In a much anticipated (and, to many, long overdue) release published in mid-November, the U.S. Securities and Exchange Commission (SEC) proposed to update its decades-old recordkeeping requirements for broker-dealers to, among other things, allow for electronic records to be retained in a manner other than “exclusively in a non-rewriteable, non-erasable format” (aka write once, read many, or WORM). The proposal would allow electronic records to be retained, as an alternative to WORM, using an audit-trail methodology.
Sidley associate Lauren Kitces was featured on Simplify For Success, a podcast series presented by Meru Data and hosted by Priya Keshav. The discussion covered upcoming U.S. privacy laws and key considerations for organizations as they prepare for these laws. (more…)
On November 26, 2021, the U.S. Department of Commerce (Commerce) issued a notice of proposed rulemaking (Proposed Rule) implementing Executive Order 14034 on Protecting Americans’ Sensitive Data from Foreign Adversaries (EO 14034). The Proposed Rule would bring “connected software applications” into the scope of Commerce’s authority to review certain transactions involving information and communications technology and services (ICTS) in the U.S. supply chain and approve or prohibit such transactions or require mitigating measures.1
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00James Mendenhallhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngJames Mendenhall2021-12-09 17:00:292023-09-06 17:09:04U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process
The eighth edition of The Privacy, Data Protection and Cybersecurity Law Review takes a look at the evolving global privacy, data protection, and cybersecurity landscape in a time of unique workplace challenges, new dimensions to cybercrime, significant new data protection regimes coming into effect around the world, and increased scrutiny from regulators, Boards of Directors and customers. Several lawyers from Sidley’s global Privacy and Cybersecurity practice have contributed to this publication. See the chapters below for a closer look at this developing area of law. (more…)
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Data Matters Contributorshttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngData Matters Contributors2021-12-02 12:16:062024-11-15 14:09:24The Eighth Edition of The Privacy, Data Protection and Cybersecurity Law Review is Now Available
On November 23, 2021, the Office of the Comptroller of the Currency (OCC) published Interpretative Letter No. 11791 (the Letter) clarifying the authority of national banks and federal savings associations (Banks) to engage in certain cryptocurrency, distributed ledger, and stablecoin activities. The Letter also addresses the nature of the interaction between state law and the National Bank Act for purposes of OCC oversight of trust and fiduciary activities of national banks, including national trust banks. The Letter reflects the intent of Acting Comptroller Michael J. Hsu to reset expectations regarding the expansion of Bank activities related to cryptocurrency. Concurrently, the OCC, the Board of Governors of the Federal Reserve System, and the Federal Deposit Insurance Corporation (the Agencies) released a joint statement alerting the industry of their intent to provide additional guidance in the coming months concerning certain activities related to cryptoassets conducted by banking organizations. The guidance is expected to address topics such as legal permissibility, expectations for safety and soundness, consumer protection, application of capital and liquidity standards, and compliance with existing laws related to such activities.
When President Joe Biden issued his major cybersecurity executive order on May 12, a White House press briefing said the order would invoke:
“the power of federal procurement to say, “If you’re doing business with us, we need you to practice really good — really good cybersecurity. And, most importantly, we really need you to focus on secure software development.” (more…)
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Alan Charles Raulhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngAlan Charles Raul2021-11-30 10:23:592023-09-07 12:06:29A Software Primer For Attorneys After Cyber Executive Order
Recent events have given the term “corporate crisis” a whole new meaning. From cyberattacks and pandemic disruptions to political divisions and tweets that go viral, companies are being challenged in ways they never have before. How should they respond in a fast-moving crisis? (more…)
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Data Matters Contributorshttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngData Matters Contributors2021-10-15 12:16:582022-12-05 11:22:27How to Mitigate Corporate Risk and Respond to Crises
In March 2021, the European Commission released a proposal for the creation of a “Digital Green Certificate,” which will allow EU citizens to travel easier throughout the EU during the COVID-19 pandemic. Last week, the EU Member States agreed on some proposed changes to the proposal, including strengthening of the data privacy provisions. According to the proposal, in order to obtain a Digital Green Certificate, individuals must prove that they have been vaccinated, present a negative test result, or have recently recovered from COVID-19. The proposal allows the issuance of a certificate for all COVID-19 vaccines, which have received an EU-wide marketing authorisation, however only the results of certain in vitro diagnostic tests will be considered valid.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00William RM Longhttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngWilliam RM Long2021-05-03 14:10:432024-05-02 17:02:33Part II – Digital Health Passports in Europe: Amended Proposal for a Digital Green Certificate and Eligible Testing Methods
SEC Announces Long-Awaited Updates to Broker-Dealer Recordkeeping Requirements
In a much anticipated (and, to many, long overdue) release published in mid-November, the U.S. Securities and Exchange Commission (SEC) proposed to update its decades-old recordkeeping requirements for broker-dealers to, among other things, allow for electronic records to be retained in a manner other than “exclusively in a non-rewriteable, non-erasable format” (aka write once, read many, or WORM). The proposal would allow electronic records to be retained, as an alternative to WORM, using an audit-trail methodology.
(more…)
Katie Klaben
Washington, D.C.
kklaben@sidley.com
Colleen Theresa Brown
Washington, D.C.
cbrown@sidley.com
W. Hardy Callcott
San Francisco
wcallcott@sidley.com
Michael D. Wolk
Washington, D.C.
mwolk@sidley.com
Paul M. Tyrrell
Boston
ptyrrell@sidley.com
Meru Data Podcast Features Sidley Associate Lauren Kitces
Sidley associate Lauren Kitces was featured on Simplify For Success, a podcast series presented by Meru Data and hosted by Priya Keshav. The discussion covered upcoming U.S. privacy laws and key considerations for organizations as they prepare for these laws. (more…)
Data Matters Contributors
sidleyprivacyblog@sidley.com
U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process
On November 26, 2021, the U.S. Department of Commerce (Commerce) issued a notice of proposed rulemaking (Proposed Rule) implementing Executive Order 14034 on Protecting Americans’ Sensitive Data from Foreign Adversaries (EO 14034). The Proposed Rule would bring “connected software applications” into the scope of Commerce’s authority to review certain transactions involving information and communications technology and services (ICTS) in the U.S. supply chain and approve or prohibit such transactions or require mitigating measures.1
(more…)
James Mendenhall
Washington, D.C.
jmendenhall@sidley.com
Justin R. Becker
Alan Charles Raul
Washington, D.C., New York
araul@sidley.com
Sujit Raman
Stephen W. McInerney
Chicago
smcinerney@sidley.com
Jen Fernandez
Washington, D.C.
jen.fernandez@sidley.com
The Eighth Edition of The Privacy, Data Protection and Cybersecurity Law Review is Now Available
The eighth edition of The Privacy, Data Protection and Cybersecurity Law Review takes a look at the evolving global privacy, data protection, and cybersecurity landscape in a time of unique workplace challenges, new dimensions to cybercrime, significant new data protection regimes coming into effect around the world, and increased scrutiny from regulators, Boards of Directors and customers. Several lawyers from Sidley’s global Privacy and Cybersecurity practice have contributed to this publication. See the chapters below for a closer look at this developing area of law. (more…)
Data Matters Contributors
sidleyprivacyblog@sidley.com
U.S. Banking Agencies Signal Closer Review of Cryptocurrency Activities
On November 23, 2021, the Office of the Comptroller of the Currency (OCC) published Interpretative Letter No. 11791 (the Letter) clarifying the authority of national banks and federal savings associations (Banks) to engage in certain cryptocurrency, distributed ledger, and stablecoin activities. The Letter also addresses the nature of the interaction between state law and the National Bank Act for purposes of OCC oversight of trust and fiduciary activities of national banks, including national trust banks. The Letter reflects the intent of Acting Comptroller Michael J. Hsu to reset expectations regarding the expansion of Bank activities related to cryptocurrency. Concurrently, the OCC, the Board of Governors of the Federal Reserve System, and the Federal Deposit Insurance Corporation (the Agencies) released a joint statement alerting the industry of their intent to provide additional guidance in the coming months concerning certain activities related to cryptoassets conducted by banking organizations. The guidance is expected to address topics such as legal permissibility, expectations for safety and soundness, consumer protection, application of capital and liquidity standards, and compliance with existing laws related to such activities.
(more…)
Ivana Grossi
David E. Teitelbaum
Washington, D.C.
dteitelbaum@sidley.com
Joel D. Feinberg
Washington, D.C.
jfeinberg@sidley.com
Michael D. Lewis
Washington, D.C.
michael.lewis@sidley.com
Kristin S. Teager
Washington, D.C.
kteager@sidley.com
A Software Primer For Attorneys After Cyber Executive Order
When President Joe Biden issued his major cybersecurity executive order on May 12, a White House press briefing said the order would invoke:
“the power of federal procurement to say, “If you’re doing business with us, we need you to practice really good — really good cybersecurity. And, most importantly, we really need you to focus on secure software development.” (more…)
Alan Charles Raul
Washington, D.C., New York
araul@sidley.com
Stephen W. McInerney
Chicago
smcinerney@sidley.com
How to Mitigate Corporate Risk and Respond to Crises
Recent events have given the term “corporate crisis” a whole new meaning. From cyberattacks and pandemic disruptions to political divisions and tweets that go viral, companies are being challenged in ways they never have before. How should they respond in a fast-moving crisis? (more…)
Data Matters Contributors
sidleyprivacyblog@sidley.com
Part II – Digital Health Passports in Europe: Amended Proposal for a Digital Green Certificate and Eligible Testing Methods
In March 2021, the European Commission released a proposal for the creation of a “Digital Green Certificate,” which will allow EU citizens to travel easier throughout the EU during the COVID-19 pandemic. Last week, the EU Member States agreed on some proposed changes to the proposal, including strengthening of the data privacy provisions. According to the proposal, in order to obtain a Digital Green Certificate, individuals must prove that they have been vaccinated, present a negative test result, or have recently recovered from COVID-19. The proposal allows the issuance of a certificate for all COVID-19 vaccines, which have received an EU-wide marketing authorisation, however only the results of certain in vitro diagnostic tests will be considered valid.
(more…)
William RM Long
London
wlong@sidley.com
Josefine Sommer
Brussels
jsommer@sidley.com
Francesca Blythe
London
fblythe@sidley.com
Yuliya Gevrenova
Upcoming Events
Resources
Meet the Team
Kwaku A. Akowuah
kakowuah@sidley.com
Sheila A.G. Armbrust
sarmbrust@sidley.com
Francesca Blythe
fblythe@sidley.com
Colleen Theresa Brown
ctbrown@sidley.com
John M. Casanova
jcasanova@sidley.com
Thomas D. Cunningham
tcunningham@sidley.com
Sharon R. Flanagan
sflanagan@sidley.com
David A. Gordon
dgordon@sidley.com
Tomoki Ishiara
tishiara@sidley.com
Amy P. Lally
alally@sidley.com
David C. Lashway
dlashway@sidley.com
William RM Long
wlong@sidley.com
Joan M. Loughnane
jloughnane@sidley.com
Geeta Malhotra
gmalhotra@sidley.com
Glenn G. Nash
gnash@sidley.com
Rollin A. Ransom
rransom@sidley.com
Alan Charles Raul
araul@sidley.com
Jennifer B. Seale
jseale@sidley.com
Yuet Ming Tham
ytham@sidley.com
Jonathan M. Wilan
jwilan@sidley.com
John W. Woods Jr.
jwoods@sidley.com