AI

SEC Proposes Rules Limiting the Use of Artificial Intelligence by Registered Investment Advisers and Broker-Dealers

Asia

Navigating the Complex Regulation of Privacy and Data ProtectionCISA Alert: North Korean Cyber Threat Poses Increased Risk for Financial Institutions2019 Cybersecurity Developments: A Year in Review

Blockchain

DFS Enters Consent Order with Robinhood Crypto for Deficiencies in AML, Cybersecurity, and Virtual Currency ComplianceSEC Takes Aim at Crypto Lending in BlockFi Settlement; Calls on Market to “Come into Compliance”: Is Regulatory Clarity Coming Soon?SEC Expands on Its Digital Asset Guidance: At Inception, (Nearly) Every New Token Is a Security

Brazil

Recent Developments In Data Privacy Enforcement In Brazil And A Comparison With The U.S. Regime

Breach Notifications

SEC Charges Public Company For Alleged Misleading Disclosures Surrounding Ransomware AttackPrivacy and Data Protection Compliance Will Remain a Top Priority in 2023Cybersecurity: Continued Cyberattacks and New Regulations Result in Increased Risk

BREXIT

The New Commission SCCs for Data Transfers under GDPR – More Questions than Answers?European Commission Provides Further Hints at Post-Brexit Adequacy Decision for the UK

Canada

Canadian Financial Regulator Publishes New Cyber Incident Reporting Guidelines Effective March 2019

CFTC Guidance

Leaders of the SEC, CFTC, and FinCEN Issue Joint Statement Reminding Market Participants of Their AML/CFT Obligations for Digital Asset ActivitiesThe CFTC Releases Primer on Smart Contract Use in Financial Markets

Covid-19

New York Department of Financial Services Issues New Guidance on Cyber Threats2020 Cybersecurity and Privacy Developments: A Year in ReviewCybersecurity: Another Year of Intrusions and Regulation Punctuated by a Pandemic

Cybersecurity

Key Takeaway’s from the Irish Data Protection Commission’s decision on Meta Data TransfersNew SEC Disclosure Rules for Cybersecurity Incidents and Governance and Key TakeawaysEU-U.S. Data Privacy Framework

DOJ Guidance

Developments at Justice: The Deputy Attorney General Talks Cybersecurity and the National Cryptocurrency Enforcement Team Gets its First DirectorCleary Gottlieb Welcomes Back Anthony M. Shults, Former Acting Deputy Assistant Attorney General and Senior Counsel at the Department of JusticeDOJ Charges Former Uber Executive for Alleged Role in Attempted Cover-Up of 2016 Data Breach

Enforcement

SEC Proposes Rules Limiting the Use of Artificial Intelligence by Registered Investment Advisers and Broker-DealersSEC Continues to Shine Light on Cyber and Data Security: Proposes Amendments to Regulation S-PCalifornia Refuses to “Kid Around” on Children’s Privacy With Enactment of the California Age Appropriate Design Code

ESG

The SEC’s Climate Proposal – Top Points for Comment

European Union

Key Takeaway’s from the Irish Data Protection Commission’s decision on Meta Data TransfersEU-U.S. Data Privacy FrameworkKey Takeaways from the EDPB’s Cookie Banner Taskforce Report

Financial Institutions

SEC Proposes Rules Limiting the Use of Artificial Intelligence by Registered Investment Advisers and Broker-DealersSEC Chair Previews Ramp Up in Regulation and Enforcement in the Cybersecurity ContextThe Office of the Comptroller of the Currency Warns of Increasingly Complex Cyber Risks for Banks

FINRA

FINRA Releases Notice On Cybersecurity Measures In light of COVID-19 PandemicFINRA 2019 Examination Priorities Letter Includes Focus on FinTech and CybersecurityFINRA Provides Updated Cybersecurity Guidance to Broker-Dealer Firms

FinTech

DFS Enters Consent Order with Robinhood Crypto for Deficiencies in AML, Cybersecurity, and Virtual Currency ComplianceEuropean Health Data Space – The Commission’s Proposal on a Single Market For Digital Health Services, Products, and DataSEC Nearly Doubles Size of Digital Asset Enforcement Team

FTC Guidance

Regulators Impose Epic Consequences for Children’s Privacy Rights ViolationsNavigating the Complex Regulation of Privacy and Data ProtectionThe Federal Trade Commission Warns Companies to Remediate the “Log4j” Software Security Vulnerability

GDPR

Key Takeaway’s from the Irish Data Protection Commission’s decision on Meta Data TransfersEU-U.S. Data Privacy FrameworkIowa Becomes the Sixth State to Enact a Comprehensive Privacy Law

ICOs

SEC Issues Enforcement Action Against Unikrn, Inc. for its ICO, Prompting Rare Public Dissent from Commissioner Hester PeirceSEC Issues First ICO Enforcement Action Against a Self-Reporting Token IssuerCalifornia District Court Denies SEC Preliminary Injunction in ICO Case, Says Tokens’ Status As Securities Is Question of Fact

Italy

Italian National Cybersecurity Perimeter: Some Considerations Following Completion of the Regulatory Framework

Litigation

Schrems III? The European Commission and U.S. Government Announce New Trans-Atlantic Data Privacy Framework2021 Cybersecurity and Privacy Developments in the United StatesData Breach Class Action Against Bonobos Dismissed For Lack of Standing

NISD

Cybersecurity in the EU - The New Regime under the GDPR and NISD

NYDFS Guidance

DFS Enters Consent Order with Robinhood Crypto for Deficiencies in AML, Cybersecurity, and Virtual Currency ComplianceNew York Department of Financial Services Issues New Guidance on Cyber ThreatsFS-ISAC Warns that Cyberattacks Against Financial Services Firms Increased Substantially in Response to COVID-19 Mitigation Efforts

Privacy

Key Takeaway’s from the Irish Data Protection Commission’s decision on Meta Data TransfersEU-U.S. Data Privacy FrameworkDetermining Applicability of Newly Enacted Comprehensive U.S. Privacy Laws

Regulatory

Determining Applicability of Newly Enacted Comprehensive U.S. Privacy LawsItalian National Cybersecurity Perimeter: Some Considerations Following Completion of the Regulatory FrameworkEuropean Health Data Space – The Commission’s Proposal on a Single Market For Digital Health Services, Products, and Data

Russia

U.S. Senate Fast Tracks Major Cybersecurity Legislation in Response to Russia Threat

SEC Guidance

New SEC Disclosure Rules for Cybersecurity Incidents and Governance and Key TakeawaysSEC Proposes Rules Limiting the Use of Artificial Intelligence by Registered Investment Advisers and Broker-DealersSEC Continues to Shine Light on Cyber and Data Security: Proposes Amendments to Regulation S-P

Smart Contracts

The CFTC Releases Primer on Smart Contract Use in Financial Markets

United Kingdom

The UK Government Publishes the New Data Protection BillThe United Kingdom and the Republic of Korea Finalize Data Sharing AgreementUK ICO Issues Draft Guidance on Monitoring at Work

United States

New SEC Disclosure Rules for Cybersecurity Incidents and Governance and Key TakeawaysEU-U.S. Data Privacy FrameworkSEC Proposes Rules Limiting the Use of Artificial Intelligence by Registered Investment Advisers and Broker-Dealers