On March 7, 2018, Hunton & Williams LLP hosted a webinar with partners Lisa Sotto, Aaron Simpson and Scott Kimpel, and senior associate Brittany Bacon on the Securities and Exchange Commission’s (“SEC’s”) recently released cybersecurity guidance. For the first time since its last major staff pronouncement on cybersecurity in 2011, the SEC has released new interpretive guidance for public companies that will change the way issuers approach cybersecurity risk. Continue Reading Webinar Recording Available on SEC Cybersecurity Guidance
On February 6, 2018, the Federal Trade Commission (“FTC”) released its agenda for PrivacyCon 2018, which will take place on February 28. Following recent FTC trends, PrivacyCon 2018 will focus on privacy and data security considerations associated with emerging technologies, including the Internet of Things, artificial intelligence and virtual reality. The event will feature four panel presentations by over 20 researchers, including (1) collection, exfiltration and leakage of private information; (2) consumer preferences, expectations and behaviors; (3) economics, markets and experiments and (4) tools and ratings for privacy management. The FTC’s press release emphasizes the event’s focus on the economics of privacy, including “how to quantify the harms that result when companies fail to secure consumer information, and how to balance the costs and benefits of privacy-protective technologies and practices.” Continue Reading FTC Releases PrivacyCon 2018 Agenda
On December 12, 2017, the Federal Trade Commission hosted a workshop on informational injury in Washington, D.C., where industry experts, policymakers, researchers and legal professionals considered how to best characterize and measure potential injuries and resulting harms to consumers when information about them is misused or inappropriately protected. Continue Reading FTC Hosts Workshop on Informational Injury
On December 11, 2017, Lisa Sotto, chair of Hunton & Williams LLP’s Global Privacy and Cybersecurity practice, was one of 54 women in the legal profession honored at the New York County Lawyers Association’s (“NYCLA’s) 103rd annual dinner. “NYCLA has long been at the forefront of equality…At this year’s annual dinner, we are thrilled to honor the contributions of women lawyers and focus a spotlight on their accomplishments,” said NYCLA President Michael McNamara. Among the women honored were judges, prosecutors, district attorneys, general counsel, partners and executives.
On November 3, 2017, Securityroundtable.org published an article highlighting the vulnerabilities businesses face in a world of e-commerce and interconnectivity, and spotlighted a crisis-planning panel hosted by Hunton & Williams held on November 1. Speakers at the event included Lisa Sotto, chair of the Global Privacy and Cybersecurity practice at Hunton & Williams; Eric Friedberg, Co-President of Stroz Friedberg; Stephen Gannon, General Counsel and Chief Legal Officer of Citizens Financial Group; Rick Howard, Chief Security Officer of Palo Alto Networks; Bryan Rose, Managing Director of Stroz Friedberg; Ari Mahairas, Special Agent in Charge of Special Operations/Cyber Division of the FBI; Walter Andrews, Partner at Hunton & Williams; and Tom Ricketts, Senior Vice President and Executive Director of Aon Risk Solutions. Continue Reading Hunton Privacy and Insurance Leaders Address Prevention and Insurability of Cyber Attacks
On October 4, 2017, the Federal Trade Commission and the Department of Education (“DOE”) announced that they will co-host a workshop to explore privacy issues related to education technology. The Ed Tech Workshop, which will take place on December 1, 2017 in Washington, D.C., will examine how the FTC’s Rule implementing the Children’s Online Privacy Protection Act (“COPPA”) applies to schools and intersects with the Family Educational Rights and Privacy Act (“FERPA”), which is administered by the DOE.
Last week, at the 39th International Conference of Data Protection and Privacy Commissioners in Hong Kong, data protection authorities from around the world issued non-binding guidance on the processing of personal data collected by connected cars (the “Guidance”). Noting the ubiquity of connected cars and the rapidity of the industry’s evolution, the officials voiced their collective concern about potential risks to consumers’ data privacy and security. The Guidance identifies as its main concern the lack of available information, user choice, data control and valid consent mechanisms for consumers to control the access to and use of their vehicle and driving-related data. Building on existing international guidelines and resolutions, the Guidance urges the automobile industry to follow privacy by design principles “at every stage of the creation and development of new devices or services.”
Last week, the Centre for Information Policy Leadership (“CIPL”) and several privacy team members at Hunton & Williams LLP attended the 39th International Conference of Data Protection and Privacy Commissioners in Hong Kong (the “Conference”). The weeklong event hosted by Stephen Kai-yi Wong, Privacy Commissioner for Personal Data, Hong Kong was attended by over 3000 privacy professionals from data protection authorities (“DPAs”), industry and research sectors. CIPL hosted two events at the conference, as well as a joint roundtable with Hunton & Williams and Citibank, throughout the week.
The Federal Trade Commission will host a workshop on informational injury on December 12, 2017. The FTC’s three main goals for hosting the workshop are to:
- “Better identify the qualitatively different types of injury to consumers and businesses from privacy and data security incidents;”
- “Explore frameworks for how the FTC might approach quantitatively measuring such injuries and estimate the risk of their occurrence;” and
- “Better understand how consumers and businesses weigh these injuries and risks when evaluating the tradeoffs to sharing, collecting, storing and using information.”
On September 18, 2017, the European Commission (“Commission”) and U.S. Department of Commerce (“Department”) kicked off their first annual joint review of the EU-U.S. Privacy Shield (“Privacy Shield”). To aid in the review, the Department invited a few industry leaders, including Hunton & Williams’ partner Lisa J. Sotto, who chairs the firm’s Global Privacy and Cybersecurity practice and the U.S. Department of Homeland Security’s Data Privacy and Integrity Advisory Committee, to speak about their experiences during the first year of the Privacy Shield.