Federal Regulation - U.S.

Momentum is building in Congress for federal privacy legislation and several states have their own privacy laws in the works.  But, as concerns grow that companies are collecting and sharing personal information about U.S. residents without their knowledge and not adequately protecting that data, regulators and plaintiffs aren’t waiting for
Continue Reading

In our first Cyber Blog post, we predicted that the rules-based approach adopted by the NYDFS would become the model for cybersecurity regulation.  Two years later, we’re feeling pretty good about that prediction, as the FTC recently proposed incorporating a number of aspects of the NYDFS cybersecurity rules into
Continue Reading

In the last few years, we have seen a dramatic increase in the purchase and sale of alternative data—a shorthand for big data sets, such as satellite images of parking lots, drug approvals, credit card purchases, cellphone data on retail foot traffic, and construction permits. According to alternativedata.org, the alternative
Continue Reading

In a statement issued on Wednesday, September 20th, the U.S. Securities and Exchange Commission (SEC) revealed that it was investigating a 2016 data breach of its Electronic Data Gathering, Analysis, and Retrieval (EDGAR) database.  The SEC does not believe that personally identifiable information was exposed, but the investigation is still
Continue Reading

We have issued a memo on recent proposed U.S. federal banking regulations that could significantly expand the existing cybersecurity regulatory framework for covered financial institutions. The Enhanced Standards intend to strengthen cyberattack preventative measures and post-attack responses.

Read the Full Memo »
Continue Reading

 FinCEN Issues Advisory and FAQs on Cyber-Events and Cyber-Enabled Crime (10/27)

On October 25, 2016 FinCEN issued an advisory and FAQs to financial institutions regarding their Suspicious Activity Report (SAR) obligations with respect to cyber-events, cyber-enabled crime, and cyber-related information as those terms are defined. The FAQs supersede previous FAQs
Continue Reading