On January 26, 2022, the Georgia General Assembly introduced a bill titled the Georgia Computer Data Privacy Act (GCDPA). Despite its title, the GCDPA is not a “computer”-focused bill. It is instead is an omnibus privacy statute modeled after … [Read more] about Georgia Introduces Privacy Bill Stricter than CCPA – the Top 10 Issues
At the heels of a recent Civil Cyber-Fraud Initiative related to cybersecurity practices and the False Claims Act (FCA), a cybersecurity-related FCA case has survived a motion for summary judgment, teeing up a trial to determine if the defendants’ … [Read more] about Incomplete Cybersecurity Compliance Disclosures May Support Fraud Claim Under the False Claims Act, Federal Court Holds
On January 26, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules to enhance hedge fund and private fund disclosure requirements and increase regulators’ visibility into the private funds industry. The proposed rules would … [Read more] about SEC Proposed Rule Will Require Private Funds to Report Certain Cyber Events
In a decision of December 16, 2021, the Belgian Data Protection Authority (“DPA”) imposed a EUR 75,000 administrative fine on a bank located in Belgium for failure to comply with the requirement in Article 38.6 of the General Data Protection … [Read more] about Belgian Data Protection Authority Fines Bank for DPO’s Conflicting Roles
On January 28, 2022, the European Data Protection Board (“EDPB”) published draft regulatory guidelines (“draft guidance”) on the right of data subjects to have access to their personal data under the EU General Data Protection Regulation (“GDPR”). In … [Read more] about EDPB Issues Draft Guidelines on Data Subject Access Rights