Photo of Will Schildknecht

Mr. Schildknecht is an associate in Davis Polk’s Litigation Department. His cybersecurity practice focuses on regulatory compliance, incident response and transaction risk assessments. [Full Bio]

Momentum is building for federal privacy legislation, with several different proposals circulating in Washington.  Ohio’s new cybersecurity law offers an interesting approach for incentivizing companies to protect their customers’ personal data.

We have written previously on two competing models for cybersecurity regulation—“standards” versus “rules.”  The standards-based approach, historically
Continue Reading

On June 6, 2018, the Eleventh Circuit vacated a cease and desist order issued by the FTC against LabMD as unenforceably vague.  The FTC’s Order, which resulted from a finding that LabMD had failed to maintain an adequate cybersecurity program, directed LabMD to “establish and implement, and thereafter maintain,
Continue Reading

On February 21, 2018, the Securities and Exchange Commission (“SEC”) issued a statement and interpretive guidance on issuers’ cybersecurity disclosures.   For a general discussion of the guidance, see Davis Polk’s recent Client Memorandum.  Although the guidance does not impose any new requirements on issuers, the SEC’s emphasis on Board
Continue Reading

Cryptojacking is the newest cyber threat that companies are facing.  It involves hackers accessing company servers in order to steal processing power, which is then used to mine cryptocurrencies.

With the recent increase in value of digital assets such as bitcoin, Ether, and Monero, it is not surprising that criminal
Continue Reading

Appleby, a multi-national law firm known for its tax planning services, is the latest law firm to suffer a major cyber breach in an event that has been dubbed the “Paradise Papers.”  This breach mirrors the Panama Papers leak from two years ago, which exposed millions of documents from the
Continue Reading