Happy e-Discovery Day! On December 4, 2025, legal professionals around the globe will unite to celebrate e-Discovery Day, a day where we honor the pivotal 2006 amendments to the Federal Rules of Civil Procedure (FRCP) that marked a turning point
NYDFS releases guidance on third-party service provider risks
On October 21, 2025, the New York Department of Financial Services (NYDFS) issued guidance to help licensees comply with its cybersecurity regulation. The non-exclusive checklists may be of interest to companies not licensed by NYDFS and even those not
Text messages and the new Texas registration requirement
On September 1, 2025, Texas amended its telephone solicitation law to include text messages and to add several new requirements, including a registration requirement with the Texas Secretary of State, plus a form of security (such as a bond) in
NYDFS fines licensee $2 million for lack of email retention policy and MFA
On August 14, 2025, the New York Department of Financial Services (“NYDFS”) entered into a consent order with Healthplex, Inc, (“Healthplex”), which is licensed by NYDFS as an independent claims adjuster and as a life and/or accident health insurance agent.
New Jersey’s proposed privacy rules include some surprises
On June 2, 2025, the New Jersey Attorney General’s Division of Consumer Affairs released proposed rules (57 N.J.R. 1101(a)) pursuant to the New Jersey Data Privacy Act (N.J.S.A. 56:8-166.4 et seq.). Although the proposed rules have many similarities to California’s
FTC’s COPPA Rule changes include AI training consent requirement
The Federal Trade Commission has published a Final Rule relating to changes in the Children’s Online Privacy Protection Act (“COPPA”) regulations, which will go into effect on Monday, June 23, 2025. The final Rule generally provides 365 days from the
North Dakota law heightens data security requirements for some financial institutions
Background
On January 7, 2025, North Dakota’s House Industry, Business, and Labor Committee introduced HB 1127, at the request of the Department of Financial Institutions. HB 1127 successfully passed through both legislative chambers and was signed into law by the
The differences between non-disclosure, exfiltration and notice – a court’s view
By David Kessler and Sue Ross
Although there is scant case law on the question, it is generally accepted that it is not a violation of one’s duty not to disclose information if it is stolen from you. Put another
Happy Information Governance Day
Happy February 20th and Information Governance Day! Today is an opportunity to reflect on the evolution of information governance and, more importantly, its future. In our view, information governance is in its ascendency and is only becoming more and
FTC settlement requires disconnection of hardware from all no longer supported software
On January 16, 2025, the FTC announced a proposed complaint and consent agreement with one of the largest hosting companies in the world: GoDaddy. According to the complaint, the FTC found GoDaddy’s security practices “unreasonable for a company of its