Photo of Brandon Robinson

The Federal Financial Institutions Examination Council (FFIEC) has issued a joint statement providing guidance for financial institutions about the role of cyber insurance in risk management of informational technology systems. The FFIEC comprises the principals of the following: The Board of Governors of the Federal Reserve System, Federal Deposit Insurance Corporation, National Credit Union Administration,

On Wednesday, March 28, 2018, the Alabama Data Breach Notification Act of 2018 (SB318) was signed into law by the Governor, making Alabama round out the roster of 50 states with data breach notification laws.  (South Dakota’s data breach notification was signed by its governor on March 21, 2018, making it the 49

On February 21, 2018, the Securities and Exchange Commission (SEC) published a release entitled “Commission Statement and Guidance on Public Company Cybersecurity Disclosures” (“Release”).  Designed to assist public companies in preparing disclosures concerning cybersecurity risk and incidents, the release expands upon the SEC’s previous guidance in 2011 to emphasize particular areas, including board

A Berlin regional court recently ruled that Facebook’s use of personal data was illegal because the social media platform did not adequately secure the informed consent of its users. A German consumer rights group, the Federal of German Consumer Organisations (vzvb) said that Facebook’s default settings and some of its terms of service were in

With the May 25, 2018 deadline quickly approaching, many businesses are scrambling to prepare for compliance with the EU’s General Data Protection Regulation (GDPR), and questions and conversations are heating up.  Still others are still trying to wrap their arms around what GDPR is and what it means for U.S. businesses.  For those of you

Today, the FTC issued its National Do Not Call Registry Data book for Fiscal Year 2017 (October 1, 2016 to September 30, 2017).

The National Do Not Call Registry Data Book contains statistical data about phone numbers on the Registry, telemarketers and sellers accessing phone numbers on the Registry, and complaints consumers submit to the

Today, the FCC voted to pass the Restoring Internet Freedom order, which repeals the 2015 “net neutrality” rules and reverts back to the “light regulatory” touch the FCC previously had in place regarding internet service providers (“ISPs”).  Of primary importance, the FCC restored the classification of Broadband Internet Access Services as “information services” under Title

Yesterday, the Federal Trade Commission (FTC) and Federal Communications Commission (FCC) announced their intent to coordinate which of the two agencies would coordinate online consumer protection efforts following the adoption of the Restore Internet Freedom Order, and published a draft Memorandum of Understanding (MOU) that outlines those efforts.

The draft MOU outlines a number of

On December 5, 2017, NIST published a revised version of the NIST Cybersecurity Framework (i.e., Draft 2 of Version 1.1) (“Framework”).  According to NIST, Version 1.1 of the Framework refines, clarifies, and enhances Version 1.0 of the Framework issued in February 2014, and the recently published Draft 2 of Version 1.1 is informed by over