OCIE has released a risk alert regarding credential stuffing in the context of compliance with Regulation S-P and Regulation S-ID, and is encouraging firms to both (i) review and update their policies and procedures to address the risks associated with credential stuffing and (ii) consider proactive outreach to customers regarding measures taken to safeguard their […]
California Mandates COVID Exposure and Outbreak Reporting to Employees, Government Agencies
On Thursday, September 17, 2020, California Governor Gavin Newsom signed Assembly Bill 685 (“AB685”) into law. AB685 amends a number of portions of California’s Labor Code to address the COVID-19 pandemic. In addition to provisions that regulate reopening activities at California worksites, AB685 introduces two new COVID-related notification obligations for California employers: (1) a requirement […]
DOJ Charges Seven Individuals in Connection with Global Hacking Campaigns Against More Than 100 Companies
On September 16, 2020, the U.S. Department of Justice (DOJ) announced that seven individuals believed to be part of a hacking group known as APT41 or “Wicked Panda,” including five Chinese nationals and two Malaysian nationals, have been charged in connection with a global hacking campaign that affected more than 100 companies around the world. […]
Peter Swire Announced as Key Speaker at FTC Workshop on Data Portability
The Federal Trade Commission (“FTC”) today announced that Peter Swire, Senior Counsel at Alston & Bird LLP and Elizabeth and Thomas Holder Chair at Georgia Tech Scheller College of Business, will deliver a key presentation at the upcoming FTC Workshop on Data Portability (“Workshop”). Data portability refers to the ability of consumers to move data […]
EDPB publishes draft guidelines on the concepts of controller and processor
The European Data Protection Board (“EDPB”) has published draft guidelines on the concepts of controller and processor for public consultation. While its predecessor – the Article 29 Working Party – had issued guidance on the concepts of controller/processor (Opinion 1/2010, WP169) back in 2010, many practical concerns have been raised since the entry into force […]