On December 8, 2023, the California Privacy Protection Agency (CPPA) will hold a board meeting seeking public comment on various privacy regulations. The meeting, which will take place on Zoom, will cover several topics listed in its published … [Read more] about CPPA Publishes Revised Cybersecurity Audit Regulations in Advance of Board Meeting
On November 21, 2023, the Colorado Attorney General (the “AG”) published a shortlist of potential universal opt-out mechanisms (“UOOMs”) that the AG is considering recognizing as binding under the Colorado Privacy Act (the “CPA”). Beginning on … [Read more] about Colorado AG Publishes Shortlist of Universal Opt-Out Mechanisms
Just a month before the Security and Exchange Commission’s (“SEC’s”) Material Cybersecurity Incidents Rule is set to take effect, a ransomware group has apparently taken compliance with reporting requirements into its own hands. On November 15, … [Read more] about Ransomware Group, in Midst of Extortion Attempt, Files Regulatory Notice with SEC
On October 27, 2023, the FTC approved an amendment to the Safeguards Rule (the “Amendment”) requiring that non-banking financial institutions notify the FTC in the event of a defined “Notification Event” where customer information of 500 or … [Read more] about FTC Approves New Data Breach Notification Requirement for Non-Banking Financial Institutions
At the end of September 2023, the Cyberspace Administration of China (CAC) released draft regulations (see the unofficial English translation) regulating the cross-border flow of personal information and important data out of the Peoples Republic of … [Read more] about China Releases Major Changes in its Draft Regulations on Cross-border Data Flows