This article focuses on the requirements of CISA's proposed cyber incident reporting rule, the compliance requirements for covered entities and the steps entities can take to protect themselves.
Scientists have been collecting neural data from the brain for medical reasons for years, with myriad regulatory constraints in place. But in 2024, technologies are moving fast and furiously into the realm of consumer products.
Given the DOJ's limited tools to prosecute AI crimes where no one intended for the AI to violate the law, effective compliance likely will be the best defense for companies to avoid criminal charges for AI-based crimes.
While the IRS has new ERC claims on pause and works to investigate possible fraud, business owners still have the opportunity to protect themselves from potential civil and criminal penalties.
Companies should be going above and beyond what's legally required to earn leniency from the SEC, its top enforcement official said at a gathering of white collar defense attorneys and in-house counsel
Regulators worldwide — not just in the United States — are putting in place new programs and policies that will make steering clear of enforcement bunkers even more difficult. And one of the most worrisome, according to corporate attorneys, is a new DOJ pilot program that will provide stronger incentives for whistleblowers to rat out their co-workers and employers for misconduct.
Nearly six months after the Cyberspace Administration of China (CAC) was first introduced for public consultation, the much-awaited final rules on Regulating and Facilitating Cross-border Data Flows were published and came into effect on March 22, 2024. The New Regulations largely repeat the Draft Regulations, but now have further relaxed personal data exports from China.
In an era where digital threats loom large, the responsibilities of Chief Information Security Officers have expanded beyond traditional IT security to encompass a broader governance, risk management, and compliance role. The infamous SolarWinds Corp. attack illustrates the complex cybersecurity landscape CISOs navigate.
GIPA litigation remains in its early stages, but the possibility of exorbitant statutory damages could make GIPA the next major trend in privacy class action litigation.
The guidance mirrors the recent, broader impulse among U.S. prosecutors and regulatory agencies to extend application of U.S. law to foreign persons and entities, even when those persons and entities have only threadbare connections to the U.S.
