Introduction
Employers need to be aware of the significant changes that are on the horizon when the California Privacy Rights Act (CPRA) becomes operative on January 1, 2023.
By way of background, in November of 2021, California residents voted to
Latest from Carpe Datum Law
California Privacy Protection Agency Releases Draft of Proposed Regulations to the CPRA
At the end of May, 2022, the California Privacy Protection Agency (“Agency”) released a preliminary draft of proposed regulations for the California Privacy Rights Act (“CPRA”). The 66-page draft proposal only covers a few topics the Agency is seeking to
SEC Proposes Mandatory Cybersecurity Disclosures by Public Companies
Introduction
On March 9, 2022, the U.S. Securities and Exchange Commission (“SEC”) proposed mandates for cybersecurity disclosures by public companies. If adopted, these mandates seek to provide investors a deeper look into public companies’ cybersecurity risk, governance, and incident reporting
President Biden Signs Bill Mandating Cyber Reporting for Critical Infrastructure Entities
Introduction
On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022. The Act will require critical infrastructure organizations (defined below) to report cyber attacks to the Cybersecurity and Infrastructure Security Agency
Utah To Become The Fourth State to Pass Privacy Legislation
Introduction
The Utah legislature has passed Senate Bill 227, otherwise known as the Utah Consumer Privacy Act (UCPA). Barring a veto from Utah Governor Spencer J. Cox, who, as of March 15, 2022, officially has the bill on his desk
U.S. Senate Unanimously Passes Cybersecurity Bill on March 2, 2022
Introduction
While previous cybersecurity legislation has largely been unable to pass through Congress, the Strengthening American Cybersecurity Act of 2022 was introduced by U.S. Senators Rob Portman (R-OH) and Gary Peters (D-MI), and has been viewed as a priority as
Recent Decision Holds That Failure to Timely Follow Up On Objections to Discovery Requests Does Not Waive Discovery
Recently, a federal Special Master in the District of New Jersey addressed whether a requesting party waives its right to relevant and discoverable documents when it fails to timely follow up on the responding party’s objections. In In re Valeant Pharmaceuticals
OFAC Issues a New Advisory Memo on Potential Sanctions Risk for Facilitating Ransomware Payments
On September 21, 2021 the US Department of the Treasury’s Office of Foreign Assets Control (“OFAC”) issue an updated memo on the potential sanctions risk associated with facilitating ransomware payments and to once again note “proactive steps” companies can take
First There Was Litigation; And Then There Was Standing
This post has been cross-posted from Seyfarth’s Consumer Class Defense Blog.
Now more than ever, it is important for organizations to review and update their basic information security protocols (their incident response, business continuity and crisis communications plans), and
China’s New Data Security Law
Introduction
On June 10, 2021, China officially passed China’s first Data Security Law, which will take effect on September 1, 2021. Following the introduction of the Data Security Law, together with the Cybersecurity Law, which has been implemented since June 1, 2017, and the Personal