Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

Navigating global regulations – GDPR is now in effect

The General Data Protection Regulation (GDPR) took effect last week after two years of anticipation and preparation. Even though the GDPR is now in effect, US-based companies are still working to make sense of whether the GDPR applies to them, and what their obligations are if it does: What questions should US companies be asking about GDPR compliance now that the regulation has come...

FERC Clarifies FAST Act Regulations and Proposes Rules on Geomagnetic Disturbance Events

FERC has clarified its regulations implementing the Fixing America’s Surface Transportation Act (FAST Act) related to Critical Energy/Electric Infrastructure Information (CEII). In Order No. 833-A, issued May 17, 2018, FERC clarified that it would consider “public safety benefits” in evaluating a request for CEII, and that its CEII Coordinator may solicit input from affected parties in...

Protecting your assets Block and tackle—unclaimed property and cryptocurrency

As promoters of cryptocurrencies and digital-asset exchanges face intense scrutiny from tax, securities and other financial services regulators, they will soon have to contend with unclaimed property (or escheat) laws in the United States. This article explores how these laws could apply to cryptocurrency exchanges, hosted wallets, and other market participants, such as banks,...

It’s a material world—why the SEC’s Yahoo! penalty really matters

Determining whether to notify when struck by a cyberattack can be a complex undertaking, but the SEC’s recent $35 million penalty levied on Yahoo! Inc. for untimely disclosure of its breach raises the stakes for corporations. The need for a proactive, well-thought out regulatory notification strategy, and an awareness of the dangers of default non-disclosure positions, has never been...