High-profile data breaches seem to hit the headlines almost every day. These breaches have proved terrifying for many companies, particularly as the attackers release embarrassing emails and other information. The frequency of attacks is accelerating. Respondents from a PricewaterhouseCoopers survey (PwC) reported (click the report) a 38 percent increase in cyber-attacks from 2014. Companies
Clare M. Lewis
Clare represents venture capital and private equity fund investors, as well as emerging growth and middle market companies, generally and in connection with mergers and acquisitions, equity financings, corporate governance, fund formations and other specialist matters. Having represented companies, investors, and lenders, as well as both financial and strategic buyers and sellers, Clare has experience with many sides and aspects of capital raising, strategic partnering and mergers and acquisitions.
Rhode Island Governor Signs Comprehensive Identity Theft Protection Act
On June 26, Rhode Island Governor Gina Raimondo (D) signed into law Senate Bill 0134, the Rhode Island Identity Theft Protection Act of 2015 (the Act), which clarifies data security measures, expands protection to health data and information in paper form, sets a 45-day notice deadline, requires notification to the state attorney general for some…
Fitbit IPO Cyber Risk Disclosures
Earlier this month, fitness-tracking company Fitbit, Inc. filed a Form S-1 Registration Statement for an IPO of up to $100 million that exhaustively disclosed potential cybersecurity risks with respect to the personal data the company collects. As businesses collect and process voluminous amounts of consumer data, and as data breaches become more widespread, registration statement…
Virginia Workplace Social Media Password Privacy Bill Signed
On March 23, 2015, Virginia Gov. Terry McAuliffe approved a social media password privacy bill (H.B. 2081) that limits employers access to employees’ and job applicants’ personal social media accounts. Effective July 1, Virginia employers are prohibited from requiring current or prospective employees to share login credentials or add a supervisor as a contact on…
Spanish Data Protection Authority Issues New Privacy Guidelines
The Spanish Data Protection Agency (AEPD) recently issued new privacy guidelines designed to identify and avoid privacy risks. The AEPD’s guidance on data protection impact assessments (PIAs) encourages privacy by design – i.e., building privacy protections into products or services and maintaining throughout their life. Since PIAs are commonly used in the U.S. and…