In early March, the New York Department of Financial Services (NYDFS) announced a settlement involving a $1.5M penalty and mandatory remediation in response to a mortgage lender’s alleged failure to report a cyber breach, and other alleged … [Read more] about NYDFS Reports Major Cybersecurity Settlement
Yesterday, Virginia became the second state after California to pass a comprehensive privacy law when Governor Ralph Northam signed the Consumer Data Protection Act (CDPA). The CDPA contains many elements found in the California Consumer Privacy Act … [Read more] about Virginia Becomes First State with Comprehensive Privacy Law after CCPA
On February 24, 2021, President Biden announced a new Executive Order on America’s Supply Chains. The Order provides for two key initiatives, including a 100-day review of the supply chains for certain vital products and a long-term review of supply … [Read more] about President Biden Issues Executive Order on America’s Supply Chains
As part of a growing trend, the Eleventh Circuit recently held that an alleged risk of future identity theft does not establish standing where the plaintiff does not allege any information has actually been misused. Tsao v. Captiva MVP Rest. … [Read more] about Eleventh Circuit Holds Risk of Future Harm Does Not Establish Article III Standing
On February 19, 2021, the European Commission adopted a draft ‘adequacy decision’ in favor of the UK. The adoption of the draft adequacy decision marks the first step in ensuring the continued free flow of personal data from EEA countries to the UK … [Read more] about European Commission Adopts Draft UK Adequacy Decision