Background
On November 5, 2017 the International Consortium of Investigative Journalists (“ICIJ”) released the “Paradise Papers,” a collection of 13.4 million files that appear to have been hacked from offshore service providers and company registries in 19 tax haven jurisdictions.  Of these 13.4 million files, approximately seven million were obtained … Read More

On Halloween, the New York and Vermont attorneys general obtained a $700,000 settlement from Hilton for, among other violations, late breach notification.  Davis Polk has published a blog post on this increase in cyber regulation enforcement and the effect on breach notification deadlines.  The full blog post is available at … Read More

On October 23, 2017, the Reserve Bank of India (“RBI”) announced that it was fining India’s Yes Bank $1 million USD for failing to comply with RBI’s breach notification requirement, among other violations. Davis Polk has published a blog post on this escalation in breach notification enforcement and what it … Read More

During congressional hearings earlier this month, senators grilled Richard Smith, the former Equifax CEO, on the company’s reporting structure for cybersecurity; specifically, on the appropriateness of Equifax’s CISO reporting to the general counsel.  Davis Polk has published a blog post on the reporting structure for CISOs and factors companies should … Read More

The Davis Polk Cybersecurity Team recently blogged about the breach of the SEC’s EDGAR database:

“…The SEC does not believe that personally identifiable information was exposed, but the investigation is still ongoing and raises questions regarding government agencies’ obligations to protect sensitive information, and the potential litigation challenges facing individuals … Read More

Wednesday, October 11, 2017
12:00 pm – 1:00 pm ET

Register for Webcast

Please join us for a discussion on the evolving law and practice on the document management aspects of cyber security, including:

  • Regulators’ expectation for companies regarding deleting old non-public data to reduce cyber risk.
  • The interactions between
Read More

Yesterday, the Commodity Futures Trading Commission brought an enforcement action against the operators of an alleged Ponzi scheme who, according to the allegations, collected approximately $600,000 from 80 investors in a pooled fund to invest in bitcoin under a high-frequency, algorithmic trading strategy. The operators instead allegedly misappropriated the funds … Read More

In a much-anticipated action, on July 25 the SEC issued a Section 21(a) report of its investigation into an offering of digital tokens by “The DAO,” an unincorporated virtual organization. Though declining to take enforcement action against The DAO, the SEC used the opportunity to warn others engaged in similar … Read More