Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

Taking a stand on standing in data breach cases

At the crossroads of the California Consumer Privacy Act and Article III standing: Plaintiffs continue to test the boundaries of the CCPA’s Private Right of Action for data breaches;Courts, however, are standing firm on Article III standing requirements;That said, the costs of data breaches are rising with increased litigation and regulatory risk, so to reduce the chances of a breach,...

Standard Contractual Clauses and EDPB Recommendations

The European Data Protection Board (EDPB), a collective of representatives from European data privacy regulators, published important recommendations on the Schrems II judgment, the seismic European decision that invalidated the EU-US Privacy Shield and called into question the continuing viability of personal data transfers from the EU and UK to third countries, particularly the...

A Cybersecurity Storm and Winds of Change: NY DFS requires all New York financial institutions to report effects of SolarWinds hack

The New York Department of Financial Services (NY DFS) issued an alert on Friday, December 18, 2020, requiring all NY DFS regulated entities to immediately report whether they have been affected in any way by the massive, state-sponsored security breach of SolarWinds.  NY DFS’s request for immediate notification from all affected entities goes beyond what is normally required...

Only YOU can prevent IoT network shutdowns

As tens of billions of additional Internet of Things (IoT) devices are poised to enter the market and infuse our supply chains, on December 4, 2020, President Donald Trump signed the first ever federal law governing IoT devices. The IoT Cybersecurity Improvement Act (the Act) will result in new national rules for federal procurement of IoT devices which, along...

Once more unto the breach: The Supreme Court weighs in on a circuit split on what constitutes a hack

The United States Supreme Court hears arguments to decide the reach of the Computer Fraud and Abuse Act (CFAA). The Court is poised to decide whether to “exceed authorized access” constitutes a hack.The CFAA’s ambiguous language has created a circuit split the Supreme Court will now resolve.This decision will have far reaching implications for employers, employees, and...

No rest for the weary: cybersecurity and privacy enforcement actions heat up

A recent wave of cybersecurity and privacy enforcement actions cautions businesses dealing in personal data to strengthen their security and compliance plans. The New York Department of Financial Services recently announced its first enforcement action under its cybersecurity regulation. The California Attorney General began enforcement-related inquiries under the newly enacted...

« Older Entries Next Entries »