Daniel F. Forester

Subscribe to Daniel F. Forester's Posts

Mr. Forester is counsel in Davis Polk's Corporate Department, practicing in the Intellectual Property and Technology Transactions Group. [Full Bio]

Expansive New California Privacy Measure Cleared for November Ballot

By Robert A. Cohen, Frank Azzopardi, Pritesh Shah, Matthew J. Bacal, Daniel F. Forester, Matthew Kelly, Will Schildknecht & Jennifer Leather on June 29, 2020

Posted in Breach Notification, Compliance, Cybersecurity, Enforcement, GDPR, Information Security, Privacy, Proposed Regulations, Regulation, Risk Assessment, State and U.S. Territory Regulation, Third-Party Vendors

While businesses operating in California are still adjusting to the requirements of the California Consumer Privacy Act (CCPA) and are watching for enforcement actions brought by the California Attorney General, as its enforcement powers begin on July 1, an expansive new privacy initiative was certified today by the California Secretary…
Continue Reading Expansive New California Privacy Measure Cleared for November Ballot

Global Data Review Publishes Davis Polk’s Chapter on United States Cybersecurity Laws in GDR Insight Handbook

By Avi Gesser, Matthew J. Bacal, Daniel F. Forester, Matthew Kelly, Clara Y. Kim & Gianna C. Walton on December 11, 2019

Posted in Cyberaware, Federal Regulation - U.S., State and U.S. Territory Regulation

Davis Polk attorneys authored a chapter on U.S. Cybersecurity Laws for the GDR Insight Handbook 2020. The chapter, which can be read here, was written by Avi Gesser, Matthew J. Bacal, Daniel F. Forester, Matthew A. Kelly, Clara Y. Kim, and Gianna C. Walton, and was published by…
Continue Reading Global Data Review Publishes Davis Polk’s Chapter on United States Cybersecurity Laws in GDR Insight Handbook

The NYAG Dunkin’ Donuts Cyber Case – One More Sign that the Days of Stick for Cybersecurity Enforcement May Be Around the Corner

By Avi Gesser, Daniel F. Forester & Mengyi Xu on October 25, 2019

Posted in Cyberaware, Enforcement Actions, State and U.S. Territory Regulation

Over the last few years, the creation of new cybersecurity regulations has been robust, but actual enforcement has been tepid. This is understandable in any new regulatory regime, especially one where the standards are vague, the conduct is evolving, and therefore, there is considerable uncertainty on the part of the…
Continue Reading The NYAG Dunkin’ Donuts Cyber Case – One More Sign that the Days of Stick for Cybersecurity Enforcement May Be Around the Corner

Ephemeral Messaging for Businesses: Balancing the Risks of Keeping and Deleting Data by Default

By Avi Gesser, Daniel F. Forester & Mengyi Xu on May 15, 2019

Posted in Cyberaware, Data Management, SEC

One way for companies to decrease their cybersecurity risks, as well as their risks from new privacy regulations, is through data minimization—significantly reducing the amount of their data. By deleting old data and collecting less new data, companies will have less sensitive information to protect and process in accordance with…
Continue Reading Ephemeral Messaging for Businesses: Balancing the Risks of Keeping and Deleting Data by Default

New Amendment Would Significantly Expand Liability Under California Consumer Privacy Act

By Avi Gesser, Daniel F. Forester, Mikaela Dealissia, Matthew Kelly & Joseph Kniaz on February 28, 2019

Posted in Cyberaware, Proposed Legislation, State and U.S. Territory Regulation

A recent bill to amend California’s landmark data privacy law seeks to expand potential liability for violations—bringing little comfort to those already concerned about the risks and challenges associated with achieving compliance in advance of the law’s upcoming effective date.

The proposal—Senate Bill 561, introduced on February 25, 2019, by…
Continue Reading New Amendment Would Significantly Expand Liability Under California Consumer Privacy Act

2019 Predictions – Top 10 Cybersecurity/Privacy Trends to Prepare for Now

By Avi Gesser, Daniel F. Forester, Will Schildknecht, Clara Y. Kim, Daniela Dekhtyar-McCarthy, Mikaela Dealissia, Dan Thomson & Mengyi Xu on January 15, 2019

Posted in Breach Guidance, Cyberaware, Enforcement Actions, Law Enforcement Notification, Cooperation & Investigation, Proposed Legislation, Risk Assessment

2018 was another busy year for lawyers in the privacy/cybersecurity world – GDPR, CCPA, Marriott, New York Department of Financial Service’s cybersecurity rule deadlines, increased SEC enforcement, more data breach lawsuits, more companies doing table top exercises and risk assessments, etc. But 2019 is looking to be even busier. Below…
Continue Reading 2019 Predictions – Top 10 Cybersecurity/Privacy Trends to Prepare for Now

Federal Privacy Legislation Is Coming. Maybe. Here’s What It Might Include

By Avi Gesser, Jon Leibowitz, Matthew Kelly, Joseph Kniaz & Daniel F. Forester on November 20, 2018

Posted in Cyberaware, Privacy, Proposed Legislation

Momentum is building for federal data privacy legislation, in large part due to the passage of the California Consumer Privacy Act (CCPA) (which goes into effect in 2020) and other states enacting or considering their own consumer privacy laws. These developments have businesses concerned that they will face a patchwork…
Continue Reading Federal Privacy Legislation Is Coming. Maybe. Here’s What It Might Include

Cybersecurity and Cloud Migration, Part 2 – Additional Concerns and Best Practices

By Avi Gesser, Daniel F. Forester & Christopher Woller on October 3, 2018

Posted in Cyberaware, Data Management, Information Security

In Part 1 of this blog post, we discussed some key contractual provisions that lawyers should consider when entering into agreements with cloud service providers (“CSPs”). In this Part 2, we discuss some additional contractual considerations to keep in mind, as well as some post-contract practices to consider in order…
Continue Reading Cybersecurity and Cloud Migration, Part 2 – Additional Concerns and Best Practices

Cyber Blog