Cryptocurrency

DOJ Announces National Cryptocurrency Enforcement Team

On October 6, the Department of Justice (“DOJ”) announced the creation of a National Cryptocurrency Enforcement Team (“NCET”).  The DOJ press release is set forth in part below, without further commentary, other than to observe that the NCET’s stated goals are to address issues on which we repeatedly have blogged:  crypto exchangers and their AML obligations; the…
Read More
GDPR

UK Ranks Second Highest in GDPR Fines

A new report from cybersecurity company ESET found that the UK ranks second highest in average GDPR fine value ($10 million), despite issuing the lowest number (five) of GDPR fines in the EU. Spain issued the highest number of fines (273), while Luxembourg issued the highest value fines.  The report found that more than 650…
Read More
Ransomware

New Ransomware Guidance Issued

On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued new ransomware guidance, discouraging companies and citizens from paying ransoms. The Updated Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments is the latest step taken by the Biden Administration to curb the increase in ransomware attacks. In…
Read More
Cybersecurity

How Cybersecurity Frameworks Can Protect Your Organization (Even in the Event of a Breach)

It’s certainly no secret how damaging data breaches can be for organizations today. And if lost revenue and a tarnished reputation aren’t enough to make you want to act, your organization could face punitive damages if you fail to protect your customers’ private information. Yes, that’s right—steep fines imposed by regulatory agencies can await those…
Read More
CCPA

CCPA Enforcement is Picking Up. Are you Ready?

Although the California Consumer Privacy Act (“CCPA”) has been in effect since January 1, 2020 and subject to enforcement since July 1, 2020, it seemed until recently that compliance had been somewhat spotty. Well, it’s time to wake from your compliance slumbers and start paying attention because California’s new Attorney General (“AG”) Rob Bonta has…
Read More
GDPR Violators

Cybersecurity and Data Privacy Inextricable According to EU Regulators

The Wall Street Journal has reported on a developing trend in the cybersecurity and data privacy landscape: European Union regulators are cracking down on perpetrators of data privacy breaches and violators of the General Data Protection Regulation (GDPR).  In Croatia, regulators “fined an unnamed technology service provider last week because it lacked proper cyber defenses,…
Read More

FTC Can No Longer Seek Restitution for Consumers

On April 22, the U.S. Supreme Court unanimously ruled that the Federal Trade Commission (FTC) could no longer seek consumer restitution through Section 13(b) of the FTC Act— a provision the FTC has been using for nearly 40 years to impose monetary penalties against companies engaging in deceptive practices. Understanding the impact of this decision…
Read More

New York State Proposes Biometric Privacy Law

New York State legislators have proposed a private right to action with Assembly Bill 27–a proposed amendment to New York’s General Business Law (GBL). This amendment–also called the Biometric Privacy Act (BPA) –would allow consumers to sue companies for improperly collecting or using certain biometric data. Here’s our analysis:  What Qualifies As Biometric Data?  BPA takes…
Read More

2020 News in Review

Week Ending December 28  ICO Warns SolarWinds Victims to Report Breaches  The United Kingdom’s Information Commissioner’s Office (ICO) has issued a warning to organizations compromised by the SolarWinds breach. The breach, which was carried out by Russian hackers, affected more than 18000 organizations worldwide. ICO requires UK data controllers subject to NIS regulations to report…
Read More
Back To Top