Given the DOJ's limited tools to prosecute AI crimes where no one intended for the AI to violate the law, effective compliance likely will be the best defense for companies to avoid criminal charges for AI-based crimes.
While the IRS has new ERC claims on pause and works to investigate possible fraud, business owners still have the opportunity to protect themselves from potential civil and criminal penalties.
Companies should be going above and beyond what's legally required to earn leniency from the SEC, its top enforcement official said at a gathering of white collar defense attorneys and in-house counsel
Regulators worldwide — not just in the United States — are putting in place new programs and policies that will make steering clear of enforcement bunkers even more difficult. And one of the most worrisome, according to corporate attorneys, is a new DOJ pilot program that will provide stronger incentives for whistleblowers to rat out their co-workers and employers for misconduct.
Nearly six months after the Cyberspace Administration of China (CAC) was first introduced for public consultation, the much-awaited final rules on Regulating and Facilitating Cross-border Data Flows were published and came into effect on March 22, 2024. The New Regulations largely repeat the Draft Regulations, but now have further relaxed personal data exports from China.
In an era where digital threats loom large, the responsibilities of Chief Information Security Officers have expanded beyond traditional IT security to encompass a broader governance, risk management, and compliance role. The infamous SolarWinds Corp. attack illustrates the complex cybersecurity landscape CISOs navigate.
GIPA litigation remains in its early stages, but the possibility of exorbitant statutory damages could make GIPA the next major trend in privacy class action litigation.
The guidance mirrors the recent, broader impulse among U.S. prosecutors and regulatory agencies to extend application of U.S. law to foreign persons and entities, even when those persons and entities have only threadbare connections to the U.S.
With a view toward injecting some modicum of clarity into the volatile arena of NIL, a plethora of legislation has been enacted at the state level and proposed at the federal level.
With the first cybersecurity rule for public companies, and the landscape of ongoing scrutiny and enforcement, SEC registrants should not lose time in reviewing their cybersecurity postures and policies to ensure compliance and, even ahead of formal adoption of certain still-pending rules, align with best practices.
