What the Proposed North Carolina Regulatory Sandbox Could Mean for Fintech and the Financial Services CommunityTechnology is booming and financial technology (“fintech”) is advancing society in new and innovative ways. In 2021 alone, North Carolina has been the target for some very high-profile technology announcements, including Google’s plans to open a cloud engineering hub in Durham and Apple’s new campus in Research Triangle Park. Given the upward trajectory of this

New Cyber Insurance Risk Framework Provides Best Practices for the Insurance IndustryThe cyber insurance market size is currently valued in the billions, and this does not include insurance policies that do not explicitly mention cyber incidents but may nevertheless cover them. With this in mind, policyholders and insurance carriers should be aware of the recently released Cyber Insurance Framework (the “Framework”) issued by the New York

The Perils of Responding to Cyber-Incidents Just Got More ComplicatedIt’s 8 a.m., and you just learned that a material cyber-incident occurred in your organization. You fire up your Incident Response Plan. You engage outside counsel, and outside counsel engages a forensic firm. Your company, your outside counsel, and your forensic firm all sign an agreement that the forensic firm will work at the direction

What You Need to Know About Address Confidentiality Programs

The High-Stakes Compliance Risk You Probably Haven’t Heard Of

This is the first installment in Bradley’s series on Address Confidentiality Programs.

While many businesses have been focused on CCPA compliance, there is another set of state privacy laws that may be flying under your organization’s radar. These lesser known statutes are often referred to as

The Top 5 Reasons Your CCPA Work Is Far from OverSo, you managed to get your California Consumer Privacy Act disclosures and privacy policy up on your website and you can finally take some much-needed rest, right? Think again. And no, it’s not because of the “CCPA-like” statutes coming to a state near you that you’re undoubtedly reading about (and yes, they are coming). It’s

California’s Bot Transparency Law Goes into Effect on July 1, 2019California wants to ensure that consumers know what they are talking to.

On July 1, 2019, California’s new bot disclosure law will take effect, requiring bots to be upfront about their inhumanity.  The law prohibits bots from communicating with a person in California with the intent to mislead as to their artificial identity for the

New “Do Not Sell” Nevada Privacy Law Requirement Rolls Out Ahead of CCPA DeadlineStates across the country are floating privacy-related legislation in many forms, and California continues to consider many potential amendments to the landmark California Consumer Privacy Act (Cal. Civ. Code 1798.100 et seq., “CCPA”), which goes into effect on January 1, 2020. On May 30, a law of significance to sellers of consumer personal information was

New Year, New Data Security Requirement: South Carolina Adopts New Data Security LawOn January 1st, South Carolina became the first state to adopt the model insurance data security law requiring certain insurance licensees to investigate and report cybersecurity events in the state of South Carolina. The law also requires licensees to develop, implement and maintain written information security programs that are tailored to the size,

To Catch a Terrorist – Innovation, AI, and Public/Private Partnerships in the World of BSA/AMLOn the heels of FinCen and Federal Banking Agencies releasing a joint statement “Encouraging Innovative Industry Approaches to AML Compliance,” Under Secretary for Terrorism and Financial Intelligence Sigal Mandelker announced a new collaborative era during the American Bankers Association’s Financial Crimes Conference, and emphasized the need for private/governmental working relationships and partnerships in order to

Canadian Confidential: Mandatory Data Breach Notifications under PIPEDAWhile businesses and consumers were all agog to see the latest variation of the California Consumer Privacy Act passed earlier this year, Canada quietly introduced its latest permutation to the Personal Information Protection and Electronic Documents Act (PIPEDA), which imposes new mandatory breach notification obligations on companies engaged in the collection of Canadians’ personal information.