May 22, 2024

Proposed Broad Private Right of Action Under a New Federal Privacy Law Could Be a Plaintiff’s Paradise

The proposed comprehensive federal privacy law, the American Privacy Rights Act (APRA), entitles individuals to bring civil suits against entities that violate their rights under the law. As drafted, the APRA marks a monumental departure from the limited private enforcement available under current state privacy laws. In this guest article, Pillsbury attorneys Jeewon K. Serrato, Shruti Bhutani Arora and Christine Mastromonaco review the details of potential claims under the APRA’s private right of action, the remedies available to individuals and the preemptive effect of the APRA. See our two-part series on private actions under the California Privacy Rights Act: “Key Issues and Defense Strategies” (Oct. 18, 2023), and “Settlement Considerations and Mitigating Risk” (Oct. 25, 2023).

How the FTC Non‑Compete Ban Could Impact CPOs, CCOs and Other Top Executives

Compliance, privacy and information security officers, and other senior figures, have ample reason to take notice of the FTC’s Non-Compete Clause Rule (Final Rule), which would almost entirely ban non-compete clauses with retroactive effect for most workers. Company leaders could feel the effects of the Final Rule both in their management roles and in their own employment contracts. This article examines the implications of the Final Rule, which could become effective in September 2024, and offers analysis on its exceptions, alternatives for employers, potential workplace benefits and the procedural road ahead. See “What Employers Should Know About the FTC’s Proposed Ban on Non-Compete Provisions” (Mar. 8, 2023).

SEC Enforcement Actions Target “AI Washing”

The SEC has targeted AI as a potential risk area for investors that needs to be monitored. Much like how companies were incentivized to exaggerate or make misleading statements about their environmental, social, and governance activities or products, which prompted the SEC to bring enforcement actions for “greenwashing,” similar conduct is occurring with AI, Gurbir S. Grewal, Director of the SEC’s Division of Enforcement, recently noted. Accordingly, the SEC has already settled charges against two registered investment advisers this year for AI washing. This article summarizes the two settlement orders, which Grewal said should “put the industry on notice,” and includes key takeaways from industry experts. See “E.U. Takes Lead on AI and Climate Change Via ESG Regulation” (Jan. 10, 2024).

Winstead Welcomes Seasoned Cybersecurity and Data Privacy Attorney in Austin

Elizabeth Rogers has joined Winstead as of counsel in the firm’s cybersecurity and data privacy group in Austin. Rogers arrives from Michael Best where she was a partner and chair of the firm’s privacy & cybersecurity group. For commentary from Rogers, see “Using Big Data Legally and Ethically While Leveraging Its Value (Part Two of Two)” (May 31, 2017).

Former DOJ Deputy Chief for Cybersecurity Joins Day Pitney As Partner

Day Pitney has welcomed Stephen B. Reynolds as a partner in its government enforcement and white collar criminal defense practice in Stamford, Connecticut. The former DOJ Deputy Chief for Cybersecurity arrives from The Cigna Group, a Fortune 15 health services company, where he served as CCO for Federal Programs. For insights from Day Pitney, see our two-part series “Designing and Implementing a Three-Step Cybersecurity Framework for Assessing and Vetting Third Parties”: Part One (Apr. 8, 2015), and Part Two (Apr. 22, 2015).