Focused On Privacy

cybersecurity

  • Erin Illman Added to Chambers Global List for Privacy and Data Security

    Erin Illman Added to Chambers Global List for Privacy and Data Security

    I am thrilled to be recognized in the Chambers Global List for Privacy and Data Security: Cybersecurity, highlighting top lawyers and firms based on extensive research and recommendations.

  • CISA Hits Pause: Industry Gets Another Say on Cyber Incident Rule

    CISA Hits Pause: Industry Gets Another Say on Cyber Incident Rule

    CISA is seeking stakeholder feedback on its proposed rule under the Cyber Incident Reporting for Critical Infrastructure Act of 2022. Town hall meetings in March aim to refine the rule’s scope, address compliance concerns, and clarify requirements related to significant cyber incidents.

  • The New Wave of “Shine the Light” Demand Letters under California Law

    The New Wave of “Shine the Light” Demand Letters under California Law

    Although the California Consumer Privacy Act, as amended by the California Privacy Rights Act, (“CCPA”) is the first thing that comes to mind when asked about privacy rights in California, there is another long-standing privacy statute commonly known as the “Shine the Light” (STL) law, codified at California Civil Code § 1798.83 that is seeking…

  • Happy Data Privacy Week! Celebrate this year’s theme.

    Happy Data Privacy Week! Celebrate this year’s theme.

    Today we kick off 2025’s Data Privacy Week, which focuses attention on data governance practices, education, and action items to bolster data privacy and data protection for businesses and individuals, alike. As part of the designation, the National Cybersecurity Alliance has announced that this year’s Data Privacy Week theme is Take Control of Your Data. An…

  • California Usurps Federal Privacy Action (Again)

    California Usurps Federal Privacy Action (Again)

    Most Americans expect the federal government to be involved in international agreements on individual rights affecting U.S. citizens. California has partnered with France on data privacy protections, following the cancellation of a federal privacy rights act discussion. This collaboration signals a shift towards more cohesive global privacy regulations and may influence California’s privacy legislation approach.

  • SEC Guidance: Providing Clarity on Private Sharing of Cybersecurity Incident Information

    SEC Guidance: Providing Clarity on Private Sharing of Cybersecurity Incident Information

    In July 2023, the SEC mandated public companies to annually disclose material cybersecurity incidents and risk management details to protect investors. The new rules aim for consistent disclosure and timely reporting within four business days, but caused confusion about how these disclosures may prohibit or limit the ability to discuss additional details as part of…

  • Privacy and Cybersecurity: Two Very Different Sides of the Same Coin

    Privacy and Cybersecurity: Two Very Different Sides of the Same Coin

    Cybersecurity and privacy are often used interchangeably within business organizations because they both refer to how businesses protect personal data. However, there are also several substantial distinctions between the concepts of privacy and cybersecurity. In this post, I explain the differences between privacy and cybersecurity and do a deeper dive into cybersecurity as a legal…