New York’s Department of Financial Services Seeks Comment on the Use of Artificial Intelligence in Insurance Underwriting and Pricing
Patterson Belknap | Data Security Law Blog
by Michael F. Buchanan, Newton Portorreal, Jr.
3w ago
The New York State Department of Financial Services (“DFS”) has entered its voice regarding the use of artificial intelligence (“AI”) by insurers by issuing for public comment a proposed circular letter addressing the use of artificial intelligence, specifically external consumer data and information sources (“ECDIS”) and artificial intelligence systems (“AIS”),  by licensed insurers (the “Circular Letter”).  The Circular Letter defined ECDIS as “data or information used – in whole or in part – to supplement traditional medical, property or casualty underwriting or pricing, as a prox ..read more
Visit website
Markets Promptly See Effect of New SEC Cybersecurity Disclosure Rules
Patterson Belknap | Data Security Law Blog
by H. Gregory Baker, Alejandro H. Cruz, David Erroll
3w ago
On December 18, 2023, prior to the trading session, VF Corp. (NYSE:VFC) issued a press release disclosing that the company was investigating unauthorized activity on its computer systems – and that the intrusion had encrypted some systems and compromised data. [1] The SEC Cited a Number of Factors that Magnify Cybersecurity Risks for Investors: Increased digitalization of operations; Growth of remote work; Ability of criminals to monetize cybersecurity incidents; Use of digital payments; and Increasing reliance on third party IT service providers.[2] As the parent company of numerous iconic ..read more
Visit website
Multistate Coalition of State Attorneys General Secures $49.5 Million from Cloud Company Blackbaud for 2020 Data Breach
Patterson Belknap | Data Security Law Blog
by Alejandro H. Cruz, Sara A. Arrow
3w ago
State regulators across the country continue to increase their focus on cyber security and data privacy compliance and enforcement.  For years, cloud company Blackbaud, a service provider to thousands of nonprofit enterprises, has been in the news following its 2020 disclosure of a massive data breach that impacted over 13,000 Blackbaud customers.  The fallout from that breach has included both private civil litigation and federal inquiries.  Most recently, New York State Attorney General Letitia James, as part of a multistate coalition of 50 attorneys general (the “AGs”), reach ..read more
Visit website
Implementation of DFS Cybersecurity Amendments Continues as Ransomware Attacks Dominate Headlines
Patterson Belknap | Data Security Law Blog
by Alejandro H. Cruz, Sean Lau
3w ago
Last month, as the New York State Department of Financial Services (“DFS”) began phasing in amended cybersecurity regulations and continued enforcement actions against noncompliant entities, a wave of ransomware attacks roiled several high-profile businesses.  The concurrent developments underscore the need for vigilance, not only in response to savvy threat actors, but with respect to a rapidly evolving regulatory scene. On November 1, 2023, DFS amended its cybersecurity regulations, which apply to the financial services industry, including New York branches of foreign banks.  We pr ..read more
Visit website
New York’s Department of Financial Services Amplifies its Cybersecurity Regulations
Patterson Belknap | Data Security Law Blog
by Alejandro H. Cruz, W. Scott Kim
3w ago
On November 1, 2023, the New York State Department of Financial Services (“DFS”) amended its cybersecurity regulations to institute additional standards and controls aimed at securing sensitive data among the financial services industry.  The amendments require more robust governance, additional controls to prevent and mitigate cyber-attacks, enhanced risk and vulnerability assessments, rapid notification for ransomware attacks, and new training for personnel.  DFS’s cybersecurity regulations were the first in the nation to mandate a comprehensive program of technical and governance ..read more
Visit website
Biden Administration Issues Executive Order Regarding Safety, Security, and Trustworthiness of AI
Patterson Belknap | Data Security Law Blog
by Michael F. Buchanan, Gizele Rubeiz
3w ago
On October 30, 2023, the White House issued an Executive Order to address the growing innovations—and attendant concerns—regarding artificial intelligence (“AI”).  The Executive Order is the first federal attempt to broadly address AI, but it certainly won’t be the last.  The Executive Order targeted six goals for the development of standards, legislation, policies, guidance, and best practices: establishing new safety and security standards, protecting individual’s privacy, advancing civil rights and equity, ensuring protections for consumers and workers, promoting innovation and co ..read more
Visit website
House Subcommittees Hold Hearing on Combating Ransomware Attacks
Patterson Belknap | Data Security Law Blog
by Michael F. Buchanan, Sean Lau
3w ago
In late September, two subcommittees of the U.S. House of Representatives held a joint hearing on responding to ransomware attacks.  The hearing—held by the Subcommittee on Cybersecurity, Information Technology, and Government Innovation and the Subcommittee on Economic Growth, Energy Policy, and Regulatory Affairs—signals intense interest by policymakers in preventing the enormous disruptions that threat actors can inflict on both the public and private sectors.  We report on three themes recurring throughout the hearing. A first theme concerned the role of operating budgets in ..read more
Visit website
Zoom Reverses Course on Contemplated Use of Customer Content to Train Artificial Intelligence
Patterson Belknap | Data Security Law Blog
by Christina Seda-Acosta, Sean Lau
3w ago
Zoom’s recent reversal on changes to its terms of service illustrates both data security and privacy minefields particular to the growth of generative AI. Previously, the terms of service of the popular videoconferencing technology stated that it would treat users’ non-public information as confidential.  On March 31, Zoom quietly amended those terms, including by giving itself the right to preserve, process, and disclose “Customer Content” for a range of purposes, including “machine learning” and “artificial intelligence.”  Customer Content included any data or materials originating ..read more
Visit website
New SEC Rules Required Public Companies to Promptly Disclose Cyberattacks
Patterson Belknap | Data Security Law Blog
by Michael F. Buchanan, Rhoda Hassan
3w ago
On July 26, 2023, the Securities and Exchange Commission (the “SEC”) adopted rules requiring public companies to promptly disclose material cybersecurity breaches on Form 8-K and detailed information regarding their cybersecurity risk management and governance in their annual reports on Form 10-K. Such disclosures are to be made in new Item 1.05 of Form 8-K and new Regulation S-K Item 106 included in Form 10-K. These new rules follow a push from the SEC to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and material cybersecurity incidents by ..read more
Visit website
Court Blocks Enforcement of California’s New Data Privacy Regulations—For Now
Patterson Belknap | Data Security Law Blog
by Michael F. Buchanan, Alejandro H. Cruz
3w ago
On June 30, 2023, the California Superior Court issued a decision blocking the California Privacy Protection Agency (“CPPA” or the “Agency”) from enforcing new regulations governing the collection and use of consumer data until March 2024. The CPPA was set to start enforcing the final regulations this month.  But the California Chamber of Commerce sued, arguing that the underlying law—the California Privacy Rights Act (“CPRA”)—required the Agency to provide businesses with more time to prepare to comply with the new regulations before enforcement could begin.  The court agreed, holdi ..read more
Visit website

Follow Patterson Belknap | Data Security Law Blog on FeedSpot

Continue with Google
Continue with Apple
OR