On December 29, 2023, the Colorado Attorney General (the “AG”) announced that the Global Privacy Control (“GPC”) will become the first universal opt-out mechanism (“UOOM”) the AG considers valid under the Colorado Privacy Act (the “CPA”). Effective … [Read more] about Colorado AG Recognizes Global Privacy Control as the First Valid Universal Opt-Out Mechanism
On December 19, 2023, the Justice Department (“DOJ”) announced a disruption campaign against the Blackcat ransomware group. In the same press release, they also stated that the Federal Bureau of Investigation (“FBI”) had developed a decryption tool … [Read more] about FBI Develops Decryption Tool to Combat Blackcat Ransomware
On 7 December 2023, the Court of Justice of the European Union (CJEU) issued an important decision on how the GDPR governs AI-assisted decisions. The case arose in the financial services context, with the court holding that the GDPR’s AI rules apply … [Read more] about EU’s Highest Court Issues Major AI Decision With Wide-Reaching Impact
After a three-year investigation/enforcement action by the New York Department of Financial Services (“NYDFS”), NYDFS entered into a Consent Order with a large title insurer (the “Company”) for its violation of NYDFS’s Cybersecurity Regulation (23 … [Read more] about NYDFS Releases Consent Order in First Enforcement Action Brought Under the Cybersecurity Regulations
After a decade and a half under the current data breach notification rules for telecommunications carriers and telecommunications relay services (TRS) providers, the FCC recently unveiled plans to update and expand them. On November 22, 2023, the … [Read more] about FCC Plans to Update Data Breach Notification Rules