A recent announcement by California Attorney General Rob Bonta may curtail the relief experienced by California’s largest employers who are benefitting from the delayed enforcement of the newest California Consumer Privacy Act (“CCPA”) regulations. Continue Reading CCPA Relief at Risk: California Attorney General Announces New Investigative Sweep
Much ink has been spilled over the Executive Order Enhancing Safeguards for United States Signals Intelligence Activities (the “Executive Order”) signed by President Biden in early October. The Executive Order is supposed to establish the United States’ commitments reflected in the March 25, 2022 joint EU-U.S. announcement of the Trans-Atlantic Data Privacy Framework (the “Framework”). While the Framework is described as an “agreement in principle” to facilitate cross-border transfer of personal data, the Executive Order is supposed to go further, toward actually implementing the promised protective measures. But does it?
Continue Reading Does the Latest Move in Trans-Atlantic Privacy Really Change the Game?
A recent criminal verdict against a former Uber executive highlights the serious potential risks associated with concealing data breaches and using “bug bounty” programs as a means to hide hacking by threat actors. In early October, former Uber chief security officer Joe Sullivan was convicted of federal charges by unanimous verdict after four days of deliberation. The charges stemmed from payments Sullivan authorized to two hackers who breached the company’s data in 2016. This conviction came as a surprise to many security professionals. Many anticipated his acquittal because Sullivan had kept Uber’s CEO and others who were not charged informed of his actions. However, highlighting the insufficiency of this approach, Sullivan was found guilty of obstructing justice for failing to inform the Federal Trade Commission of the breach and of actively hiding a felony.
Continue Reading Sweeping Data Breaches Under the Bug Bounty Rug: Verdict against former Uber chief security officer highlights the risk of personal criminal liability for executives