This Locke Lord memo highlights that all 50 states now have data breach notification laws, and several states have recently amended their laws (including Delaware). Most states require companies to notify the state attorney general or regulator of a breach, in addition to the affected individuals – and a growing number outline how companies should handle data security. Meanwhile, This D&O Diary blog & NYT article discuss California’s new “GDPR-like” privacy law, to take effect in 2020 – which also heightens liability exposure for companies.
And for public companies, there’s a really important corollary to these laws, which often gets lost in the shuffle – information from state notices can find its way to the market even if you don’t file a Form 8-K. SEC Commissioner Robert Jackson has noted that this presents an arbitrage opportunity – and may weigh in favor of proactive, voluntary disclosure.
See our “Cybersecurity” Practice Area for the latest info – including this handy chart from Perkins Coie and this Cleary Gottlieb memo for key US & EU notice requirements. And as I previously blogged on “The Mentor Blog,” Reed Smith also has an app to help parse state law notice requirements…
Cybersecurity Committees: On the Rise
This Kral Ussery memo summarizes the growing trend of standalone cybersecurity committees. Although most companies still assign cybersecurity oversight to the audit committee due to that committee’s involvement with SEC disclosure, audit committees have growing workloads and cybersecurity is an increasingly demanding topic. The memo identifies ten companies that have standing cybersecurity committees – five of which were created in the last year.
Tomorrow’s Webcast: “Retaining Key Employees in a Deal”
Tune in tomorrow for the DealLawyers.com webcast – “Retaining Key Employees in a Deal” to hear Morgan Lewis’ Jeanie Cogill, Andrews Kurth Kenyon’s Tony Eppert, & Proskauer’s Josh Miller discuss the latest developments on compensation strategies to retain key employees in M&A transactions.
– Liz Dunshee