On October 18, 2022, the European Data Protection Board (“EDPB”) published a proposed updated version of its regulatory guidance on personal data breaches under the EU GDPR (the “Proposed Updated Guidance”). The Proposed Updated Guidance seeks to … [Read more] about Heavier Breach Notification Obligations for U.S. Companies Subject to the EU GDPR According to Proposed Regulatory Guidance from the EDPB
Today, October 17, 2022, the California Privacy Protection Agency (“CPPA”) published its first set of Modified Proposed Regulations under the California Privacy Rights Act (“CPRA”). The Modified Regulations have been published in preparation for a … [Read more] about California Privacy Protection Agency Publishes Updated CPRA Regulations
On October 4, 2022, the White House Office of Science and Technology released the Blueprint for an AI Bill of Rights (the Bill) to guide the development and use of artificial intelligence (AI) in the United States. The White House recognized that … [Read more] about The White House Introduces new Blueprint for an AI Bill of Rights
On August 9, 2022, the Conference of State Bank Supervisors (CSBS) released two cybersecurity tools for nonbank financial services institutions to help prepare for state cybersecurity exams and, ultimately, improve cybersecurity maturity. Developed … [Read more] about CSBS Releases Cybersecurity Programs to Help Nonbank Financial Services Institutions Improve Cybersecurity Posture
On September 20, 2022, the Securities and Exchange Commission (SEC) settled an enforcement action with a large, registered investment adviser (the Firm) for alleged violations of the Safeguards Rule and the Disposal Rule of Regulation S-P … [Read more] about SEC Sends a Message to Investment Advisers: Take Secure Data Disposal Seriously