Big Data: Legal and Compliance Considerations for Investment Managers

Sidley Partners Nathan J. Greene and Colleen Theresa Brown are co-authors of a new chapter of the PLI treatise Investment Adviser Regulation: A Step-by-Step Guide to Compliance and the Law focusing on legal and compliance considerations for use of Big Data.  The chapter examines the expanding range of topics facing investment management lawyers and compliance professionals, as well as the attendant legal and operational risks.  The chapter includes an introduction to the concepts of data, alternative data, big data and artificial intelligence; examples of an organization’s data users, likely sources of data, and organizational controls for data collection and processing; and a review of the ways different types of data are regulated.

Read More

EmailShare

CCPA Update: Comment Period Closes on Third Round of Proposed Modifications to CCPA Regulations; CCPA Litigation Gaining Steam; Consumer Groups and Major Newspapers Urge “No” Vote on California’s Privacy Initiative

New privacy developments continue to come from California, with a new proposed modifications to CCPA regulations, continuing CCPA litigation, and voting beginning on Proposition 24, an initiative to overhaul the CCPA.  We provide insight into each below.

Proposed Third Modified CCPA Regulations

In mid-October 2020, just a few months after the “finalization” of the regulations, the California Office of Attorney General proposed a handful of proposed modifications to regulations implementing the California Consumer Privacy Act.  The abbreviated comment period for the proposed modifications closed on October 28th, which means the Attorney General must now review the comments, draft a response, and either further modify the proposed regulations or submit them in their current form for approval by the California Office of Administrative Law (OAL).

Read More

EmailShare

TRM Podcast on DOJ’s Cryptocurrency Enforcement Framework features Sidley Partner Sujit Raman

Sidley’s newest partner, Sujit Raman, former U.S. Associate Deputy Attorney General at the Department of Justice (DOJ), was among three panelists on the TRM Talks inaugural podcast, titled “Unpacking DOJ’s Crypto Enforcement Framework.” The panel discussed the DOJ’s recently-published Cryptocurrency Enforcement Framework on legitimate uses of cryptocurrencies, the inherent risks and challenges, and the federal government’s enforcement strategies in this space.

Tune in at https://blog.trmlabs.com/trm-talks/unpacking-doj-crypto-framework.

EmailShare

SEC Lifts Moratorium on Registration of UK-Based Managers

Recent communications from the U.S. Securities and Exchange Commission (SEC) indicate that the SEC is again considering registration of advisers located in the UK. The SEC had delayed approving UK and European Union (EU) investment managers’ applications for registration since the adoption of the EU’s General Data Protection Regulation (GDPR), due to concerns that the GDPR would impede the SEC’s ability to collect data from, and supervise, these UK and EU investment managers.

Read More

EmailShare

California Amends Privacy Laws Again: CCPA Health Information Amendment and Employee/B2B Exemption Signed into Law; Vetoes for Genetic Privacy and Social Media Parental Consent Bills

California’s Governor Gavin Newsom recently signed into law two bills to amend the California Consumer Privacy Act (“CCPA”).  He also vetoed two other consumer privacy bills based on concerns about potential conflicts with existing state and federal law. Collectively, these four bills represented the most significant privacy legislation that came out of the California Legislature’s 2019-20 term, which came to a close on September 30th.

Only one of the two new CCPA amendments, AB713, includes substantive changes to the law.  It streamlines the CCPA’s health information exception and imposes new obligations on CCPA businesses and others that handle deidentified patient information.

The other CCPA amendment, AB1281, simply extends the CCPA’s employee and B2B exemptions to January 1, 2022 if voters fail to pass Proposition 24 (CPRA or CCPA 2.0) in November.  Those exemptions are currently set to expire on December 31st of this year.

Newsom also vetoed two consumer privacy bills despite expressing support for the goals of each.  SB980 would have expanded consumer rights with respect to genetic information collected by direct-to-consumer genetic testing companies.  Newsom’s veto was motivated by concerns that the law could have “unintended consequences” for the operation of the state’s communicable disease reporting requirements, including those applicable to COVID-19.  The other bill, AB1138, would have imposed additional parental consent requirements on social media network operators.  Newsom vetoed it to avoid potentially overlapping state and federal compliance obligations, citing parallels between the bill and federal regulations under the Children’s Online Privacy Protection Act (“COPPA”).

Here we outline the significant features of each of the new CCPA amendments.

Read More

EmailShare

Changes in Chinese Securities Law and Draft Data Security Law Affect Cross-Border Investigations

Recent changes to Chinese law have broad implications on cross-border data transfer in the course of investigations conducted by non-Chinese regulators. Clients work closely with counsel to navigate potential legal landmines in any defense of an investigation involving data from China.

Just over six months ago, on March 24, 2020, the People’s Republic of China’s (PRC) revised Securities Law (revised on December 28, 2019) (中华⼈民共和国证券法(2019年修订) went into effect. While the revised Securities Law affects many aspects of China’s securities law framework (including the registration of new securities for initial public offerings, disclosure requirements, and investor protection rules), a new “blocking” provision is particularly notable. Specifically, Article 177 of the revised Securities Law prohibits non-Chinese securities regulators from conducting investigations within China and prevents Chinese individuals and entities from providing information to such regulators without first receiving approval from the China Securities Regulatory Commission and/or other competent departments under the State Council.

Read More

EmailShare
EmailShare
XSLT Plugin by BMI Calculator