United States:
SEC Reaffirms Commitment To Pursuing Actions Over Cyber Reporting
16 June 2017
by
Daniel J. McLoon
,
Jonathon Little
,
Todd McClelland
,
Adam Salter
,
Undine Von Diemar
,
Olivier Haas
,
Richard Johnson
,
Mauricio Paez
,
Kevin Lyles
,
Jeff Rabkin
,
Michiru Takahashi
,
Jörg Hladjk
,
Anand Varadarajan
and
Nicole Perry
Jones Day
To print this article, all you need is to be registered or login on Mondaq.com.
On April 20, in response to a Jones Day moderator at the 2017 IAPP Global
Privacy Summit, the Securities and Exchange Commission's
("SEC") Acting Enforcement Director commented on the
absence of SEC actions against public companies for failing to
report cyber incidents and risks. She noted that the absence should
not be mistaken for the agency's unwillingness to bring such
actions, but she added that "we [SEC] are not looking to
second-guess good-faith disclosure decisions."
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
POPULAR ARTICLES ON: Privacy from United States
State Data Breach Notification Laws
Foley & Lardner
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice.