On April 24, 2018, Altaba, formerly known as Yahoo, entered into a settlement with the Securities and Exchange Commission (the “SEC”), pursuant to which Altaba agreed to pay $35 million to resolve allegations that Yahoo violated federal securities laws in connection with the disclosure of the 2014 data breach of its user database.  The case represents the first time a public company has been charged by the SEC for failing to adequately disclose a cyber breach, an area that is expected to face continued heightened scrutiny as enforcement authorities and the public are increasingly focused on the actions taken by companies in response to such incidents.  Altaba’s settlement with the SEC, coming on the heels of its agreement to pay $80 million to civil class action plaintiffs alleging similar disclosure violations, underscores the increasing potential legal exposure for companies based on failing to properly disclose cybersecurity risks and incidents.

Please click here to read the full alert memorandum.

As the implementation of China’s first comprehensive cybersecurity law (the “CCL”) progresses, concern is mounting in the international business community regarding the law’s expansive scope, prescriptive requirements and lack of clarity on a range of critical issues. Vocalizing such concern, on September 25, 2017, the United States government asked China to halt its implementation of the CCL and highlighted potential issues with the CCL to members of the World Trade Organization. Since the CCL’s passage, several regulations have been released by the principal agency responsible for its implementation that were intended to implement the provisions of the CCL, but in some cases appear to have further expanded its scope while leaving some critical questions unanswered. In the face of such uncertainties, foreign companies operating in China are advised to familiarize themselves with the requirements of the CCL and its implementation rules and adopt measures to enhance their preparedness for the full implementation of the CCL.

Click here, to continue reading.

For additional coverage of topics related to cybersecurity and privacy, we invite you to subscribe to our Cybersecurity and Privacy Watch blog, here.