Regulation

Features

Companies should be going above and beyond what's legally required to earn leniency from the SEC, its top enforcement official said at a gathering of white collar defense attorneys and in-house counsel

Features

Regulators worldwide — not just in the United States — are putting in place new programs and policies that will make steering clear of enforcement bunkers even more difficult. And one of the most worrisome, according to corporate attorneys, is a new DOJ pilot program that will provide stronger incentives for whistleblowers to rat out their co-workers and employers for misconduct.

Features

Nearly six months after the Cyberspace Administration of China (CAC) was first introduced for public consultation, the much-awaited final rules on Regulating and Facilitating Cross-border Data Flows were published and came into effect on March 22, 2024. The New Regulations largely repeat the Draft Regulations, but now have further relaxed personal data exports from China.

Features

In an era where digital threats loom large, the responsibilities of Chief Information Security Officers have expanded beyond traditional IT security to encompass a broader governance, risk management, and compliance role. The infamous SolarWinds Corp. attack illustrates the complex cybersecurity landscape CISOs navigate.

Features

GIPA litigation remains in its early stages, but the possibility of exorbitant statutory damages could make GIPA the next major trend in privacy class action litigation.

Features

The guidance mirrors the recent, broader impulse among U.S. prosecutors and regulatory agencies to extend application of U.S. law to foreign persons and entities, even when those persons and entities have only threadbare connections to the U.S.

Features

With a view toward injecting some modicum of clarity into the volatile arena of NIL, a plethora of legislation has been enacted at the state level and proposed at the federal level.

Features

With the first cybersecurity rule for public companies, and the landscape of ongoing scrutiny and enforcement, SEC registrants should not lose time in reviewing their cybersecurity postures and policies to ensure compliance and, even ahead of formal adoption of certain still-pending rules, align with best practices.