On September 20, 2022, the Securities and Exchange Commission (SEC) settled an enforcement action with a large, registered investment adviser (the Firm) for alleged violations of the Safeguards Rule and the Disposal Rule of Regulation S-P … [Read more] about SEC Sends a Message to Investment Advisers: Take Secure Data Disposal Seriously
On September 7, 2022 the U.S. Department of Transportation’s National Highway Traffic Safety Administration (NHTSA) released an updated edition of its Cybersecurity Best Practices for the Safety of Modern Vehicles, the last edition of … [Read more] about NHTSA Updates its Guidance on Cybersecurity Best Practices for the Safety of Modern Vehicles
On September 12, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) issued a request for information (RFI) seeking input from stakeholders on the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). Signed by … [Read more] about CISA Issues Request for Information Prior to Required CIRCIA Rulemaking
On August 24, 2022, California Attorney General Rob Bonta announced a $1.2 million dollar settlement with Sephora to account for alleged violations of the California Consumer Privacy Act (CCPA). This is the first CCPA enforcement action taken by the … [Read more] about Sephora Ordered to “Make-Up” for CCPA Violations
On August 22, 2022, the Federal Trade Commission (FTC) published its advance notice of proposed rulemaking (ANPR) to request public comment on commercial surveillance and data security practices. The ANPR comes at the same time as Congress is … [Read more] about FTC Issues Advance Notice of Proposed Rulemaking on Commercial Surveillance and Data Security