Alston & Bird Privacy, Cyber & Data Strategy Blog

James Harvey

Avatar photo

About James Harvey

Jim Harvey advises clients on a wide range of data, privacy, cybersecurity, and technology services initiatives. Jim founded and co-chairs ourPrivacy, Cyber & Data Strategy team. His practice crosses all data, privacy, and security lines and ranges from all aspects of breach and incident response to board-level advice to proactive data transfer and data governance counseling.

[Read Bio]

New York and Illinois Regulators Recommend Third Party Cybersecurity Review For Specific Vulnerabilities

By and

This month, the Illinois Department of Insurance issued guidance to insurers recommending assessments in response to a Microsoft Exchange vulnerability, detailed in the guidance.  In the Bulletin dated May 5, the Department encourages regulated entities to “assess the risk to their systems and consumers and take steps necessary to address vulnerabilities and customer impact.” The […]

NYDFS Reports Major Cybersecurity Settlement

By and

In early March, the New York Department of Financial Services (NYDFS) announced a settlement involving a $1.5M penalty and mandatory remediation in response to a mortgage lender’s alleged failure to report a cyber breach, and other alleged cybersecurity failures. This enforcement action marks the second public enforcement action under 23 NYCRR Part 500 (the “Cybersecurity […]

U.S. Department of Commerce Releases White Paper to Assist Organizations in Conducting Schrems II Assessments

By

In a letter from Deputy Assistant Secretary James Sullivan, the U.S. Department of Commerce introduced a white paper, “Information on U.S. Privacy Safeguards Relevant to SCCs and Other EU Legal Bases for EU-U.S. Data Transfers after Schrems II,” to assist organizations in conducting independent analyses of data transfers in light of the July 16, 2020 […]

CCPA Plaintiffs Testing whether Any CCPA Violation Can be Used to Bring Class Actions

By , and

Plaintiffs’  counsel  have  started  to  lay  the  groundwork  in the last few weeks for  a  broad  private  right  of action under the California Consumer Privacy Act (the “CCPA”).  Alston & Bird has published an Advisory that evaluates this recent CCPA litigation, and offers practical advice to companies as they build CCPA compliance.  In this Advisory, […]

Warning: Iranian Cyber Response Possible Against Private Industry

By and

After Friday’s announcement of the killing of Major General Qassem Soleimani, a leader of Iran’s Quds Force, several regulators have put industry on high alert of the increased potential for cyber-attack.  Iran has a known history of launching cyber-attacks against US industry, and regulators warn industry to prepare for a possible rise in cyber-attacks. The […]