Yesterday, October 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued its “Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments." The advisory begins with the observation that … [Read more] about OFAC Ransomware Advisory Warns Companies of Potential Civil Liability
In a letter from Deputy Assistant Secretary James Sullivan, the U.S. Department of Commerce introduced a white paper, “Information on U.S. Privacy Safeguards Relevant to SCCs and Other EU Legal Bases for EU-U.S. Data Transfers after Schrems II,” to … [Read more] about U.S. Department of Commerce Releases White Paper to Assist Organizations in Conducting Schrems II Assessments
OCIE has released a risk alert regarding credential stuffing in the context of compliance with Regulation S-P and Regulation S-ID, and is encouraging firms to both (i) review and update their policies and procedures to address the risks associated … [Read more] about SEC Focused on Protecting Customer Accounts from Credential Stuffing Attacks
On Thursday, September 17, 2020, California Governor Gavin Newsom signed Assembly Bill 685 (“AB685”) into law. AB685 amends a number of portions of California’s Labor Code to address the COVID-19 pandemic. In addition to provisions that regulate … [Read more] about California Mandates COVID Exposure and Outbreak Reporting to Employees, Government Agencies
Brazil’s General Data Protection Law (the “LGPD”), a law similar to the European Union’s General Data Protection Regulation (the “GDPR”) is now effective. On April 29 of this year, Brazil’s President issued Provisional Measure 959 that, amongst … [Read more] about Brazil’s General Data Protection Law: A Comparison Between Brazil’s Newly Effective Law and the GDPR