The SEC has recently signaled an increased concern with the offerings and marketing of Initial Coin Offerings (“ICOs”),[1] which should be of interest to companies and institutions involved with ICOs. On November 1, 2017, the SEC Division of Enforcement and Office of Compliance Inspections and Examinations (“OCIE”) jointly issued a public statement warning celebrities and other influencers promoting Initial Coin Offerings (“ICOs”) about potential violations of a host of federal securities laws, including the anti-touting and anti-fraud provisions of the federal securities laws. Specifically, the public statement noted that endorsements may be unlawful if they do not “disclose the nature, source, and amount of any compensation paid, directly or indirectly . . . in exchange for the endorsement.,” and that endorsers may also face liability for potential violations of the anti-fraud provisions, for participation in an unregistered securities offering, and for acting as unregistered brokers. The public statement also noted that investment decisions should not be based solely on an endorsement and cautioned that “celebrity endorsement may appear unbiased, but instead be part of a paid promotion.” The public statement follows an investigative report issued by the Division of Enforcement on July 25, 2017, which announced that blockchain technology-based coins or tokens sold in an ICO may be a form of security under the Securities Act of 1933 and the Securities Exchange Act of 1934.
Continue Reading The SEC Warns That Celebrity Endorsements of Virtual Currency May Violate Federal Securities Laws
Newly Created SEC Cyber Unit Takes First Action Against Allegedly Fraudulent ICO
On Monday, December 4, 2017, the U.S. Securities and Exchange Commission (SEC) obtained an emergency order from a U.S. District Court in New York to enjoin an allegedly fraudulent initial coin offering scheme. The SEC’s complaint alleges that Dominic Lacroix, a recidivist securities law violator, and his company PlexCorps violated the anti-fraud and registration provisions of the U.S. federal securities laws in collecting up to $15 million in investor funds purportedly in exchange for digital tokens and promised returns in excess of 1,000% in 29 days. The complaint also charges Lacroix’s partner Sabrina Paradis-Royer with securities fraud. Among other relief, the district court has granted the SEC’s request to freeze the defendants’ assets.
Continue Reading Newly Created SEC Cyber Unit Takes First Action Against Allegedly Fraudulent ICO
In Wake of the Equifax Breach, New York’s Attorney General Proposes New, Stricter Data Privacy Law
Earlier this month, on November 2, New York Attorney General Eric T. Schneiderman announced that he was working with New York state legislators to introduce comprehensive new legislation to address data breaches and data privacy. After pointing to the Equifax breach as the impetus of the legislation, the Attorney General’s Office also explained that it had received over 1,300 data breach notifications in 2016, affecting 1.6 million New Yorkers. To address these issues, the proposed Stop Hacks and Improve Electronic Data Security (SHIELD) Act would require companies to take steps to protect private information, broadens the type of private information covered, and increases potential penalties for failures to comply with the law. This post summarizes the key aspects of the proposed legislation, and compares it to other recently enacted data privacy legislation.
Continue Reading In Wake of the Equifax Breach, New York’s Attorney General Proposes New, Stricter Data Privacy Law
Hong Kong SFC and HKMA Issue New Guidelines for Reducing and Mitigating Hacking Risks Associated with Internet Trading
On October 27, 2017, the Hong Kong Securities and Futures Commission (“SFC”) issued Guidelines for Reducing and Mitigating Hacking Risks Associated with Internet Trading (the “Guidelines”), a set of baseline cybersecurity requirements that all persons licensed or registered with the SFC and engaged in internet trading will be required to implement. The Hong Kong Monetary
With Equifax Looming, Split On Standing In Data Breach Cases Grows with Recent Decisions
As the Equifax breach litigation gets underway, several recent decisions have widened a split on when and under what conditions customers or other affected individuals may bring claims against a company that suffers a data breach. Late last month, a D.C. federal judge dismissed a lawsuit based on the massive breach at the U.S. Office
NY AG Announces Investigation Following Massive Equifax Breach
New York Attorney General Eric T. Schneiderman announced his office was opening a “formal investigation” into the massive breach disclosed by Equifax. Schneiderman stated that the breach lasted from mid-May through July, when hackers accessed names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. Under New York law, businesses with
NYDFS Cybersecurity Regulations Take Effect
New York’s new cybersecurity regulations (the “Regulations”) become effective on August 28, 2017, marking a significant milestone in what is likely to be a new era in cybersecurity regulation on both a national and international level.
SEC Issues Risk Alert Based on Cybersecurity Survey
The Securities Exchange Commission (“SEC”), Office of Compliance Inspections and Examinations (the “OCIE”), published a Risk Alert describing its findings from its second cybersecurity survey of regulated entities (the “Cybersecurity 2 Initiative”).
D.C. Court Issues Significant Data Breach Decision
On August 1, 2017, the United States Court of Appeals for the D.C. Circuit held that policyholders of the health insurer CareFirst had standing to sue the company after their information was compromised during a cyberattack.
Mitigate Litigation and Regulatory Exposure From Cyber-Attacks
Late last month, Target Corporation reached an $18.5 million settlement with the Attorneys General of 47 states and the District of Columbia, resolving the AGs’ investigation into Target’s 2013 data security breach.
Target’s recent settlement, when viewed in conjunction with other recent developments, provides a roadmap for prophylactic measures that companies may implement to limit