On December 17, 2021, the U.S. Securities and Exchange Commission (SEC) announced settled charges against a broker-dealer firm for recordkeeping violations arising from its employees’ use of personal devices for business communications. The firm agreed to pay a $125 million penalty and to retain a compliance consultant to conduct a comprehensive review of its policies and procedures relating to the retention of electronic communications found on personal devices. In announcing this enforcement action, the SEC encouraged registrants to self-report similar failures to the SEC. (more…)
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Lara C. Thyagarajanhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngLara C. Thyagarajan2022-01-12 09:18:112023-09-06 17:05:56SEC Encourages Self-Reporting of Recordkeeping Violations Resulting From Employees’ Use of Personal Devices for Business Communications
*This article was first published by Law360 on January 3, 2022.
A recent discussion with Elizabeth Denham and Claudia Berg of the U.K. Information Commissioner’s Office provided ample food for thought on the direction in which data protection regulation both in the U.K. and internationally is headed, including key trends to watch for in data protection.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00William RM Longhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngWilliam RM Long2022-01-11 09:10:522023-09-06 17:06:275 Global Data Protection Trends To Watch In 2022
On December 10, the Federal Trade Commission (FTC) announced it is considering a rulemaking on commercial Artificial Intelligence (AI). The purpose of the rulemaking, according to an advanced notice of proposed rulemaking (ANPRM) titled “Trade Regulation in Commercial Surveillance,” would be “to curb lax security practices, limit privacy abuses, and ensure that algorithmic decision-making does not result in unlawful discrimination.”
While not formally part of the rulemaking process mandated by the Administrative Procedure Act, advanced notices allow agencies to solicit public comment before drafting more specific proposals. The FTC has not yet issued privacy or artificial intelligence rules, though it has indicated that such rulemaking is on the horizon. The December 10 ANPRM is another signal that the FTC is gearing up to develop substantive privacy guidelines. (more…)
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Alexandra T. Mushkahttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngAlexandra T. Mushka2021-12-28 14:38:282024-11-15 14:37:28FTC Announces it May Pursue Rulemaking to Combat Discrimination in AI
In a much anticipated (and, to many, long overdue) release published in mid-November, the U.S. Securities and Exchange Commission (SEC) proposed to update its decades-old recordkeeping requirements for broker-dealers to, among other things, allow for electronic records to be retained in a manner other than “exclusively in a non-rewriteable, non-erasable format” (aka write once, read many, or WORM). The proposal would allow electronic records to be retained, as an alternative to WORM, using an audit-trail methodology.
Sidley associate Lauren Kitces was featured on Simplify For Success, a podcast series presented by Meru Data and hosted by Priya Keshav. The discussion covered upcoming U.S. privacy laws and key considerations for organizations as they prepare for these laws. (more…)
On November 26, 2021, the U.S. Department of Commerce (Commerce) issued a notice of proposed rulemaking (Proposed Rule) implementing Executive Order 14034 on Protecting Americans’ Sensitive Data from Foreign Adversaries (EO 14034). The Proposed Rule would bring “connected software applications” into the scope of Commerce’s authority to review certain transactions involving information and communications technology and services (ICTS) in the U.S. supply chain and approve or prohibit such transactions or require mitigating measures.1
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00James Mendenhallhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngJames Mendenhall2021-12-09 17:00:292023-09-06 17:09:04U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process
The eighth edition of The Privacy, Data Protection and Cybersecurity Law Review takes a look at the evolving global privacy, data protection, and cybersecurity landscape in a time of unique workplace challenges, new dimensions to cybercrime, significant new data protection regimes coming into effect around the world, and increased scrutiny from regulators, Boards of Directors and customers. Several lawyers from Sidley’s global Privacy and Cybersecurity practice have contributed to this publication. See the chapters below for a closer look at this developing area of law. (more…)
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Data Matters Contributorshttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngData Matters Contributors2021-12-02 12:16:062024-11-15 14:09:24The Eighth Edition of The Privacy, Data Protection and Cybersecurity Law Review is Now Available
On November 23, 2021, the Office of the Comptroller of the Currency (OCC) published Interpretative Letter No. 11791 (the Letter) clarifying the authority of national banks and federal savings associations (Banks) to engage in certain cryptocurrency, distributed ledger, and stablecoin activities. The Letter also addresses the nature of the interaction between state law and the National Bank Act for purposes of OCC oversight of trust and fiduciary activities of national banks, including national trust banks. The Letter reflects the intent of Acting Comptroller Michael J. Hsu to reset expectations regarding the expansion of Bank activities related to cryptocurrency. Concurrently, the OCC, the Board of Governors of the Federal Reserve System, and the Federal Deposit Insurance Corporation (the Agencies) released a joint statement alerting the industry of their intent to provide additional guidance in the coming months concerning certain activities related to cryptoassets conducted by banking organizations. The guidance is expected to address topics such as legal permissibility, expectations for safety and soundness, consumer protection, application of capital and liquidity standards, and compliance with existing laws related to such activities.
SEC Encourages Self-Reporting of Recordkeeping Violations Resulting From Employees’ Use of Personal Devices for Business Communications
On December 17, 2021, the U.S. Securities and Exchange Commission (SEC) announced settled charges against a broker-dealer firm for recordkeeping violations arising from its employees’ use of personal devices for business communications. The firm agreed to pay a $125 million penalty and to retain a compliance consultant to conduct a comprehensive review of its policies and procedures relating to the retention of electronic communications found on personal devices. In announcing this enforcement action, the SEC encouraged registrants to self-report similar failures to the SEC. (more…)
Lara C. Thyagarajan
New York
lthyagarajan@sidley.com
Ranah Esmaili
Washington, D.C.
resmaili@sidley.com
Stephen L. Cohen
Washington, D.C., Boston, ...
scohen@sidley.com
Barry W. Rashkover
Corin R. Swift
New York
corin.swift@sidley.com
5 Global Data Protection Trends To Watch In 2022
*This article was first published by Law360 on January 3, 2022.
A recent discussion with Elizabeth Denham and Claudia Berg of the U.K. Information Commissioner’s Office provided ample food for thought on the direction in which data protection regulation both in the U.K. and internationally is headed, including key trends to watch for in data protection.
View article.
William RM Long
London
wlong@sidley.com
Francesca Blythe
London
fblythe@sidley.com
FTC Announces it May Pursue Rulemaking to Combat Discrimination in AI
On December 10, the Federal Trade Commission (FTC) announced it is considering a rulemaking on commercial Artificial Intelligence (AI). The purpose of the rulemaking, according to an advanced notice of proposed rulemaking (ANPRM) titled “Trade Regulation in Commercial Surveillance,” would be “to curb lax security practices, limit privacy abuses, and ensure that algorithmic decision-making does not result in unlawful discrimination.”
While not formally part of the rulemaking process mandated by the Administrative Procedure Act, advanced notices allow agencies to solicit public comment before drafting more specific proposals. The FTC has not yet issued privacy or artificial intelligence rules, though it has indicated that such rulemaking is on the horizon. The December 10 ANPRM is another signal that the FTC is gearing up to develop substantive privacy guidelines. (more…)
Alexandra T. Mushka
Washington, D.C.
amushka@sidley.com
Clayton G. Northouse
Lauren Kitces
Washington, D.C.
lkitces@sidley.com
SEC Announces Long-Awaited Updates to Broker-Dealer Recordkeeping Requirements
In a much anticipated (and, to many, long overdue) release published in mid-November, the U.S. Securities and Exchange Commission (SEC) proposed to update its decades-old recordkeeping requirements for broker-dealers to, among other things, allow for electronic records to be retained in a manner other than “exclusively in a non-rewriteable, non-erasable format” (aka write once, read many, or WORM). The proposal would allow electronic records to be retained, as an alternative to WORM, using an audit-trail methodology.
(more…)
Katie Klaben
Washington, D.C.
kklaben@sidley.com
Colleen Theresa Brown
Washington, D.C.
cbrown@sidley.com
W. Hardy Callcott
San Francisco
wcallcott@sidley.com
Michael D. Wolk
Paul M. Tyrrell
Boston
ptyrrell@sidley.com
Meru Data Podcast Features Sidley Associate Lauren Kitces
Sidley associate Lauren Kitces was featured on Simplify For Success, a podcast series presented by Meru Data and hosted by Priya Keshav. The discussion covered upcoming U.S. privacy laws and key considerations for organizations as they prepare for these laws. (more…)
Data Matters Contributors
sidleyprivacyblog@sidley.com
U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process
On November 26, 2021, the U.S. Department of Commerce (Commerce) issued a notice of proposed rulemaking (Proposed Rule) implementing Executive Order 14034 on Protecting Americans’ Sensitive Data from Foreign Adversaries (EO 14034). The Proposed Rule would bring “connected software applications” into the scope of Commerce’s authority to review certain transactions involving information and communications technology and services (ICTS) in the U.S. supply chain and approve or prohibit such transactions or require mitigating measures.1
(more…)
James Mendenhall
Washington, D.C.
jmendenhall@sidley.com
Justin R. Becker
Alan Charles Raul
Washington, D.C., New York
araul@sidley.com
Sujit Raman
Stephen W. McInerney
Chicago
smcinerney@sidley.com
Jen Fernandez
Washington, D.C.
jen.fernandez@sidley.com
The Eighth Edition of The Privacy, Data Protection and Cybersecurity Law Review is Now Available
The eighth edition of The Privacy, Data Protection and Cybersecurity Law Review takes a look at the evolving global privacy, data protection, and cybersecurity landscape in a time of unique workplace challenges, new dimensions to cybercrime, significant new data protection regimes coming into effect around the world, and increased scrutiny from regulators, Boards of Directors and customers. Several lawyers from Sidley’s global Privacy and Cybersecurity practice have contributed to this publication. See the chapters below for a closer look at this developing area of law. (more…)
Data Matters Contributors
sidleyprivacyblog@sidley.com
U.S. Banking Agencies Signal Closer Review of Cryptocurrency Activities
On November 23, 2021, the Office of the Comptroller of the Currency (OCC) published Interpretative Letter No. 11791 (the Letter) clarifying the authority of national banks and federal savings associations (Banks) to engage in certain cryptocurrency, distributed ledger, and stablecoin activities. The Letter also addresses the nature of the interaction between state law and the National Bank Act for purposes of OCC oversight of trust and fiduciary activities of national banks, including national trust banks. The Letter reflects the intent of Acting Comptroller Michael J. Hsu to reset expectations regarding the expansion of Bank activities related to cryptocurrency. Concurrently, the OCC, the Board of Governors of the Federal Reserve System, and the Federal Deposit Insurance Corporation (the Agencies) released a joint statement alerting the industry of their intent to provide additional guidance in the coming months concerning certain activities related to cryptoassets conducted by banking organizations. The guidance is expected to address topics such as legal permissibility, expectations for safety and soundness, consumer protection, application of capital and liquidity standards, and compliance with existing laws related to such activities.
(more…)
Ivana Grossi
David E. Teitelbaum
Washington, D.C.
dteitelbaum@sidley.com
Joel D. Feinberg
Washington, D.C.
jfeinberg@sidley.com
Michael D. Lewis
Washington, D.C.
michael.lewis@sidley.com
Kristin S. Teager
Washington, D.C.
kteager@sidley.com
Upcoming Events
IAPP AI Governance Global Europe 2025
Resources
Meet the Team
Kwaku A. Akowuah
kakowuah@sidley.com
Sheila A.G. Armbrust
sarmbrust@sidley.com
Francesca Blythe
fblythe@sidley.com
Colleen Theresa Brown
ctbrown@sidley.com
Thomas D. Cunningham
tcunningham@sidley.com
Sharon R. Flanagan
sflanagan@sidley.com
David A. Gordon
dgordon@sidley.com
Tomoki Ishiara
tishiara@sidley.com
Amy P. Lally
alally@sidley.com
David C. Lashway
dlashway@sidley.com
William RM Long
wlong@sidley.com
Joan M. Loughnane
jloughnane@sidley.com
Geeta Malhotra
gmalhotra@sidley.com
Rollin A. Ransom
rransom@sidley.com
Alan Charles Raul
araul@sidley.com
Jennifer B. Seale
jseale@sidley.com
Yuet Ming Tham
ytham@sidley.com
Jonathan M. Wilan
jwilan@sidley.com
John W. Woods Jr.
jwoods@sidley.com