DoD Issues Final CMMC Framework for Defense Contractors
After a nearly five-year rulemaking process, the U.S. Department of Defense (DoD) published the Final Cybersecurity Maturity Model Certification 2.0 (CMMC) program rule in the Federal Register on Oct....
View ArticleSEC Settles Charges for Alleged Misleading Disclosures, Shedding Light on...
On Oct. 22, 2024, the Securities and Exchange Commission (SEC) announced settled charges against four current and former public companies, Unisys, Avaya Holdings, Check Point Software Technologies and...
View ArticleThe SEC’s Cybersecurity Incident, Governance, and Management Reporting...
As public companies’ reliance on remote work, cloud computing and digital payments increases, so too does the cybersecurity risk. Recognizing this, the SEC finalized rules and regulations in September...
View ArticleHHS Proposed Rule May Enhance HIPAA Security but Leaves AI Questions Open
In response to increased cybersecurity threats and significant regulatory enforcement actions, on Dec. 27, 2024, the Department of Health and Human Services (HHS) issued a Notice of Proposed...
View ArticleDelayed One-to-One Consent Rule Gives Companies Reprieve, Plus Other TCPA...
The Federal Communications Commission (FCC) announced on Jan. 24, 2025, that its highly anticipated one-to-one consent rule was postponed by at least one year. This is big news for companies that were...
View ArticleCFPB Explores the Need for Greater Financial Privacy
On January 10, 2025, in the waning days of the Biden Administration, the Consumer Financial Protection Bureau issued a Request for Information Regarding the Collection, Use, and Monetization of...
View ArticleBusinesses Beware: The California Privacy Protection Agency Is Taking a...
On March 7, 2025, the California Privacy Protection Agency (“CPPA”), which is tasked with enforcing the California Consumer Privacy Act (“CCPA”) entered a Stipulated Final Order (“Order”) with...
View ArticleBroad Interpretation of CCPA’s Private Right of Action Increases Business...
In a recent decision, the U.S. District Court for the Northern District of California has construed the private right of action provision under the California Consumer Privacy Act (CCPA) broadly,...
View ArticleEmerging Defense in CIPA Lawsuits: Potent Yet Constrained by Legal and...
On June 3, 2025, the California Senate unanimously voted to amend the California Invasion of Privacy Act (“CIPA”) to exclude cookies and other commonly used internet tracking technologies from CIPA...
View ArticleWhat’s New in Digital Asset Policy?
On May 20, 2025, the Senate cleared procedural obstacles to consider the GENIUS Act on the Senate floor. Originally introduced on Feb. 4, by Senator Bill Hagerty, R-TN, along with Senate Banking...
View Article