Nov. 20, 2024
Nov. 20, 2024
SEC Charges Four Companies for Misleading Cyber Incident Disclosures: New Expectations?
The SEC has charged four companies for making materially misleading public disclosures of cyber incidents and risks, alleging that each minimized the effects of the 2020 SolarWinds attack on its business. Two commissioners strongly dissented, arguing that the enforcement staff went astray by demanding an array of incident details that muddied the picture for the investor, while not adding clarity about the incident’s impact. This article, the first of a two-part series, examines key takeaways from the actions and discusses the risks and materiality questions spotlighted by the cases and the dissent, with insights from former SEC enforcers now at McGuireWoods and Fenwick & West. Part two will offer practical recommendations about what to include in cybersecurity disclosures and predictions about future enforcement. See “A Framework for Materiality Determinations Under SEC’s Cyber Incident Disclosure Rules” (Jul. 10, 2024). Read full article …
DOJ’s 2024 Edits to the ECCP: Data Analytics to Find Risks and Measure Effectiveness
Principal Deputy Assistant Attorney General Nicole Argentieri gave top billing to the focus on mitigating the risk of misusing AI when she announced recent changes to the Evaluation of Corporate Compliance Programs (2024 Edits). Getting into the weeds, however, a larger proportion of the 2024 Edits relate to how companies use a broader spectrum of data collection and analytics to monitor, optimize and improve their compliance programs. In this second article of our series analyzing the 2024 Edits, we examine the new questions added that implicate use of data and data analytics in compliance programs. The first article focused on the changes related to AI. The third and final article will look at new language related to whistleblowers, compliance resources and incorporating lessons learned. See “Thoughts From DOJ Experts on Using Data Analytics to Strengthen Compliance Programs” (Jul. 17, 2024). Read full article …
CFTC’s Report Calls for Engagement and Development of AI Risk Management Frameworks
The Commodity Futures Trading Commission (CFTC) has sought to position itself on the cutting edge of regulators’ response to the meteoric advances in AI and its use in the financial services industry. Earlier this year, a subcommittee of the CFTC’s Technology Advisory Committee issued a report on responsible AI in financial markets (Report). The Report assesses the opportunities and risks presented by AI and offers recommendations for the CFTC, including engaging with the industry, developing risk management frameworks, assessing existing regulations, aligning with other agencies and gaining AI expertise. This article parses the Report and includes relevant insights from CFTC Commissioner Kristin N. Johnson’s public statement. See “CFTC Commissioner Shares Five Pillars of Cyber Resilience” (Jul. 19, 2023). Read full article …
BakerHostetler Welcomes Former Federal Prosecutor to Privacy and Cybersecurity Litigation Team in Los Angeles
Raymond Aghaian has joined the Los Angeles office of BakerHostetler as a partner in the digital assets and data management practice group, and a member of the privacy and digital class action and litigation team. A former federal prosecutor prior to entering private practice, he arrives from Kilpatrick Townsend & Stockton. For insights from BakerHostetler, see “Deciphering California’s Pioneering Mandate for an AI Nutrition Label” (Oct. 16, 2024), and “A Framework for Materiality Determinations Under SEC’s Cyber Incident Disclosure Rules” (Jul. 10, 2024). Read full article …
Technology and Data Privacy Principal Joins Polsinelli in San Francisco
Laila Paszti has joined Polsinelli as a partner and principal in the firm’s technology transactions and data privacy practice in San Francisco. She arrives from Kirkland & Ellis. For insights from Polsinelli, see “A Look Inside Businesses’ Private Disputes Over Ransomware Costs” (Aug. 18, 2021). Read full article …
Most-Read Articles
-
Oct. 16, 2024
Deciphering California’s Pioneering Mandate for an AI Nutrition Label -
Nov. 13, 2024
Unpacking the Second Circuit’s Bombshell VPPA Ruling -
Oct. 23, 2024
Emerging Issues in Workplace Privacy: Data Collected and Employees’ Perspectives -
Oct. 23, 2024
Aftermath of the Ninth Circuit BIPA Liability Shake‑Up in Zellmer v. Meta -
Oct. 30, 2024
Seventh Circuit Refuses to Compel BIPA Mass Arbitration Against Samsung: Legal Analysis Breakdown
Spotlight on Trailblazing Women
To mark International Women’s Day 2024, women editors and reporters of ION Analytics interviewed outstanding women in the industries and jurisdictions we cover. In this part, Jill Abitbol, Managing Editor of the Cybersecurity Law Report and Anti-Corruption Report, features notable women in data privacy, cybersecurity, white collar defense, compliance and anti-corruption law, including Christina Montgomery, Leslie Shanklin, Palmina Fava, Alexandra Ross and Lucinda Low. Enjoy reading their inspiring remarks here.
We Celebrate Data Privacy Day 2024
Read the full brief here.
Spotlight on Trailblazing Women
In honor of International Women’s Day, some of ION Analytics' editorial teams led by women interviewed notable women in the markets and industries we cover. In this part, the Cybersecurity Law Report highlighted notable women in compliance and hedge fund, data privacy and cybersecurity, and anti-corruption law, including Amii Barnard-Bahn, Abigail Bell, Genna Garver, Jane Horvath, Barbara Li, Amy Mushahwar, Mara Senn and Carol Widger. The interviews are here.
Webinar on Compliant International Data Transfers
Listen here to our discussion with our colleagues at Ethos Privacy, which took place on March 1, 2022, on how to approach international data transfer challenges.
Webinar on Getting a Handle on Vendor Contracts
A recording of the March 10 webinar can be accessed here.
Cybersecurity Resolutions for 2021
In this quick take video, we talk about some of our cybersecurity resolutions for 2021.
Facial Recognition Concerns
In this short video, we discuss the privacy and bias concerns with facial recognition technology.
ACR and CSLR Spring Update 2020
The Senior Editors of the Anti-Corruption Report and the Cybersecurity Law Report recently teamed up to present an update on the trends and hot topics in the anti-corruption, cybersecurity and data privacy spaces since the beginning of the year and what the publications will be focusing on in the coming months. A complimentary download of the webinar is available here.
Upcoming Webinar: Companywide Work From Home - Cybersecurity and Privacy Best Practices
Please join us on Monday, March 23, 2020, from 12:00 p.m.- 12:30 p.m. EDT for a complimentary webinar discussing the cybersecurity and privacy challenges the shift to remote working has created and how to overcome them. Registration information for the webinar is here.
Upcoming Webinar to Explore Best Practices for Alternative Data Use
Please join us on Wednesday, January 15, 2020, at 11:00 a.m. EST for a complimentary webinar hosted by our sister publication, the Hedge Fund Law Report, discussing issues relating to the use of alternative data by private fund managers. To register for the webinar, click here.
Upcoming HFLR/CSLR Webinar to Explore Strategies and Tactics for Conducting an Effective Tabletop Exercise
Please join the Hedge Fund Law Report and the Cybersecurity Law Report on Tuesday, July 30, 2019, at 1:00 p.m. ET for a complimentary webinar discussing the strategies and tactics companies can employ to conduct an effective tabletop exercise. GCs and CCOs are encouraged to invite their CISOs and CTOs to join as well. The webinar will be moderated by Shaw Horton, Associate Editor of the Hedge Fund Law Report, and will feature Luke Dembosky, partner at Debevoise, John “Four” Flynn, chief information security officer at Uber, and Jill Abitbol, Senior Editor of the Cybersecurity Law Report. Registration for the webinar is available here.
Anti-Corruption Webinar: How HPE Is Using Its New T&E Tool to Generate Compliance Metrics
Measuring the effectiveness of a compliance program can be tricky, but some companies are finding ways to use their existing internal controls to generate useful data. Join our sister publication the Anti-Corruption Report (ACR) for a complimentary webinar that explores Hewlett Packard Enterprises’ new travel-and-entertainment-approval tool. On Wednesday, March 27, 2019, from 1:00 p.m. to 2:00 p.m. EDT, the ACR’s Megan Zwiebel will interview Becky Rohr, vice-president of anti-corruption and global trade at Hewlett Packard Enterprises, about how they are using their T&E tool to measure and improve compliance. Registration information is here.