Regulatory Playbook | Pillsbury Law | Cybersecurity, Privacy & Data Protection | Insights
Regulatory Playbook
Inside analysis direct from Washington, DC
This links to the home page
Topics

Cybersecurity, Privacy & Data Protection

  • Pillsbury's Post-Election Outlook
    11.07/Alert

    The 2018 Midterm Election played out as most poll forecasters speculated. Although several races have yet to be decided, Republicans have retained control of the Senate, but lost at least 29 seats, allowing the Democrats to wrest back control of the House for the first time since 2010.

  • 2018 Election Night Guide
    11.02/Article

    Pillsbury’s Political Law and Public Policy groups break down the need-to-know numbers for this year’s election. Pillsbury’s biennial Election Night Guide examines the potential outcomes for the 2018 Congressional and Governor’s races. Our Public Policy team is also preparing a post-election guide that will be useful in navigating potential changes in Congress.

  • New EU Data Laws—What Nonprofit Organizations Need To Know
    04.23/Alert

    Nonprofit organizations can often handle large amounts of data originating in the EU. Though it is a common misconception that nonprofits are exempt from GDPR compliance, the fact is they are not.

  • Blockchain and the Legal Landscape
    03.26/Video

    In this video, Pillsbury partner Mercedes Tunstall discusses some of the important legal issues to consider when exploring a blockchain solution.

  • Oh No, Mr. Robot Just Hacked Our Smart Building…
    03.26/Blog

    Despite some very real-world examples, such as a 2017 breach of Dallas' emergency siren system, there seems to be little recognition of the security risk that connected buildings and smart cities entail.

  • Top Ten Emerging Trends in Pay Ratio Disclosure
    03.21/Alert

    Preliminary trends are emerging from the pay ratio disclosures filed by U.S. public companies in 2018.

  • Court of Appeals Rolls Back Portions of the FCC’s 2015 Robocall and Text Ruling
    03.19/Blog

    A recent Court of Appeals decision will rescind some aspects of the Telephone Consumer Protection Act and have significant implications for businesses contacting consumers by telephone or text.

  • Safety from Hackers—and Trial Lawyers
    02.25/Article

    A simple legislative fix would shield cybersecurity innovators from costly nuisance lawsuits.

  • European Businesses Offering Payment Services Told How to Manage Operational and Security Risks
    01.29/Alert

    The European Banking Authority's has unveiled nine operational and risk managment guidelines with which all payment services providers are expected to comply.

  • December 31, 2017 Deadline for Cybersecurity under DFARS 252.204-7012 Re-Interpreted
    12.20/Alert

    With the December 31 deadline for cybersecurity compliance just around the corner, the Department of Defense has clarified some of its expectations.

  • Time Is of the Essence: Multinational Companies Must Respond to Cyber Regulation
    11.30/Blog

    Cyberinsurance could help mitigate risk for companies impacted by the new EU General Data Protection Regulation when it takes effect in May.

  • EU Data Transfer Solutions Under Further Judicial Scrutiny – What Next For Model Contract Clauses?
    11.16/Blog

    Many organizations rely on MCCs to transfer personal data worldwide. That's why data exporters await an EU ruling on the issue with bated breath.

  • The ICO’s Draft Guidance Leaves Unanswered Questions on Processor Obligation to Notify Infringing Instructions
    11.13/Blog

    One GDPR requirement has been a particular source of angst for commercial and data protection professionals--especially those acting for processors and sub-processors.

  • Cyberattacks Are the New Norm
    09.21/Alert

    Attorneys general are increasingly launching investigations and filing lawsuits against companies whose customer databases have been stolen. Because of the significant possibility of government action, companies should fully understand their liability insurance policies, obligations and risks.

  • Disclose or Else: FTC Steps Up Prosecution of Social Media Influencers
    09.14/Blog

    In September 2017, the Federal Trade Commission brought its first-ever action against a social media influencer for failing to make appropriate disclosures on sponsored posts. Going forward, anyone who posts sponsored material or even tags a brand in a post should seriously consider the possibility of FTC prosecution.

  • The Internet Stole My Face: New Advances in Technology Could Make Everyone a Digital Video Puppet
    08.30/Blog

    Visual effects artists can create realistic digital replicas of actors that can be manipulated like puppets, and new developments in software technology could soon make digital puppetry accessible to the masses. Protections against unauthorized use of digital replicas can involve copyright or traditional tort claims, but if this technology continues to spread, the difficulty in controlling one’s own likeness will probably increase.

  • Keeping up with Cayla: Concerns over Interactive Toys Spur an FTC Update of COPPA Guidelines
    07.24/Alert

    Consumer groups have filed a complaint alleging that My Friend Cayla, an internet-connected doll, violates the Children’s Online Privacy Protection Act (COPPA) by facilitating the collection of children’s communications and uploading them for commercial use without verifiable parental consent. The Federal Trade Commission’s June 2017 update to COPPA added internet-connected toys, children’s products that collect personal information, and voice-activated devices to the products and services covered.

  • Executive Order on Cybersecurity: Considerations for Business
    05.31/Alert

    The long-awaited Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure represents the Trump Administration’s first significant action to support cybersecurity and protect critical infrastructure, and the initial days after its release generated a flurry of questions on the specifics of the White House’s cyber agenda.

  • With GDPR, Companies Must Act Now
    05.31/Video

    Pillsbury’s European Data Privacy & Cybersecurity practice leader Rafi Azim-Khan talks to Bloomberg BNA about the global impact of the EU General Data Protection Regulation. The interview explores expanded monetary risk and accountability under the GDPR, and what companies should—and should not—do to become GDPR-ready.

  • Don’t Rock the Vote: Helping State and Local Governments Fend Off Cyber Attacks
    03.21/Alert

    Voting in local, state and national elections could be viewed as a rudimentary form of social media, by which voters share their views and preferences via selection of a candidate or party platform. The distance between this “old school” social media and its multi-headed modern form has shrunk thanks to the advent of electronic voting machines and online voting. But, as always, with the implementation of new technologies comes new risks.

  • Managing the Cybersecurity Risks of the Medical Internet of Things
    02.11/Blog

    The cybersecurity ramifications of the Internet of Things (IoT) are perhaps nowhere more crucial--potentially a matter of life and death, in fact--than in the realm of medical devices. Until recent times, a potential hack of the data-sharing that is a hallmark of the IoT raised far more privacy concerns than actual health risks. However, as medical devices begin to evolve and make use of the connectivity of the IoT, this balance may change.