John Busch

Subscribe to all posts by John Busch

New FTC Provides Insights Into Its Plan for a Balanced Approach to Data Privacy and Security

Photo of Carolina AlonsoBy Alan L. Friel, John Busch and Carolina Alonso on Posted in Federal Legislation, GDPR, Online Privacy
This year brought unprecedented focus on consumer privacy – the rollout of the European Union General Data Protection Regulation (GDPR), the Cambridge Analytica controversy and Congressional hearings, a GDPR-light law coming out of California, more and bigger security incidents, and multiple proposals for an omnibus federal data protection law. The Federal Trade Commission (FTC or … Continue Reading

Broker-Dealer and Investment Adviser Agrees to Settle SEC Enforcement Action Arising From a Data Security Incident

By Will R. Daugherty and John Busch on Posted in Enforcement, Incident Response
The U.S. Securities and Exchange Commission (SEC) recently announced a consent order settling an enforcement action brought by the SEC against Voya Financial Advisors Inc. (VFA) in connection with a data security incident that occurred in 2016. VFA is a registered broker-dealer and investment adviser with the SEC. The order memorializes the SEC’s agreement to … Continue Reading

Department of Justice Releases Attorney General’s First Cyber-Digital Task Force Report

By John Busch on Posted in Cybersecurity
The Department of Justice recently released its comprehensive assessment of cyber threats in the United States, titled “Report of the Attorney General’s Cyber-Digital Task Force.” The Report is the result of the establishment of the Attorney General’s Cyber-Digital Task Force by the Department in February 2018. Attorney General Jeff Sessions directed the Task Force to … Continue Reading

The Weekly Privacy Rewind

By Aaron Lancaster and John Busch on Posted in Weekly Privacy Rewind
Class Actions Finkly & Sons Co. Faces Illinois Biometric Information Privacy Act Class Action • A former employee of steelmaker A. Finkly & Sons Co. filed a putative class action against the company in Cook County, Illinois, for violations of the Illinois Biometric Information Privacy Act (BIPA). • The case alleges the company violated BIPA … Continue Reading

The Weekly Privacy Rewind

By John Busch and Aaron Lancaster on Posted in Data Breaches, GDPR, Online Privacy, Privacy Class Actions, State Legislation
Canada Canadian Banks Notify 90,000 Following Breach • Bank of Montreal and Canadian Imperial Bank of Commerce announced that they were contacted by hackers and informed that nearly 90,000 customers’ personal information was accessed. • The banks will notify customers of the breach and indicate they believe they have fixed the vulnerabilities that led to … Continue Reading

SEC Clarifies Existing Cybersecurity Disclosure Guidance

Photo of Craig A. HoffmanPhoto of Jonathan A. FormanBy Craig A. Hoffman, Jonathan A. Forman and John Busch on Posted in Cybersecurity, Data Breach Notification Laws
On February 21, 2018, the U.S. Securities and Exchange Commission (“SEC”) issued cybersecurity disclosure guidance for public companies (“SEC Guidance”) that, according to SEC Chair Jay Clayton, “reinforces and expands” on the SEC Division of Corporation Finance’s prior guidance from 2011 (“Corp Fin Guidance” as we previously covered) regarding disclosure requirements under the federal securities … Continue Reading

Looking Back: The Federal Trade Commission Issues Annual Data Privacy Report for 2017

By John Busch on Posted in Cybersecurity, Enforcement, News
On Jan. 18, 2018, the Federal Trade Commission (FTC) published its Annual Privacy and Data Security Update. The update is helpful to businesses in that it recaps the efforts and areas of involvement the FTC has targeted in the past year as well as guides data protection strategies for 2018. The report provides a detailed … Continue Reading

Coming Full Circle: FTC Recovers BIAS Regulation Jurisdiction Following FCC Vote

By John Busch and Alan L. Friel on Posted in Internet of Things
In a widely publicized decision, the Federal Communication Commission (FCC) voted on Dec. 14, 2017, to repeal the tenets of the Protecting and Promoting the Open Internet Order, or the Open Internet Order, of 2015. See Protecting and Promoting the Open Internet, Report and Order on Remand, 30 FCC Rcd. 5601 (2015). While many have … Continue Reading
LexBlog