Cybersecurity

July 17, 2020, Legaltech News

Kristof Van Quathem is quoted in Legaltech News regarding the continuation of shared data between the EU and the United States after the invalidation of the Privacy Shield. Mr. Van Quathem says companies are exploring encryption and other technical safeguards for EU data transferred to the U.S. He added that more organizations are also considering prohibiting ...

July 16, 2020, The Guardian

Lisa Peets spoke with The Guardian about the European Court of Justice’s decision to invalidate the EU-U.S. Privacy Shield, in which social media companies could be prevented from sending data to the United States from Europe. Ms. Peets says the ruling is not a total halt on data transfers between the EU and U.S. The court upheld the use of “standard contractual ...

July 16, 2020, Global Data Review

Lisa Peets is quoted in Global Data Review regarding the European Court of Justice’s decision to invalidate the EU-US Privacy Shield. Ms. Peets, who represented software trade body BSA as an intervening party, says companies are unlikely to immediately stop their SCCs – saying that “halting existing transfers would be all but impossible from a practical ...

July 16, 2020, Law360

Lisa Peets spoke with Law360 about European Court of Justice’s invalidation of the EU-U.S. Privacy Shield. Ms. Peets, who represented the Software Alliance, says the decision to reject the Privacy Shield without holding arguments on the merits of the tool — an issue that wasn't directly before the high court in this dispute — was “disappointing to many.” She ...

July 16, 2020, Law.com

Lisa Peets is quoted in Law.com regarding the European Court of Justice’s judgment in the EU-U.S. Privacy Shield. Ms. Peets says that the judgment means that the 5,000 or so U.S. companies signed up to the Privacy Shield will have to find an interim solution until EU and U.S. officials have worked out a new data protection deal. “The invalidation of the Privacy ...

July 1, 2020, Inside Privacy

In a new post on the Covington Energy & Environment Blog, our colleagues discuss the Federal Energy Regulatory Commission’s Notice of Inquiry on updating reliability standards related to cybersecurity, especially given the threat of a coordinated cyberattack targeting geographically distributed generation resources.  The Commission also issued a staff paper that ...

June 4, 2020, Med City News

Libbie Canter is quoted in Med City News regarding the privacy concerns for employers seeking to track employees in order to limit the spread of COVID-19. Ms. Canter says when it comes to contact tracing and location monitoring, companies should be cautious in the questions they ask and how much data they collect. She adds, “Companies need to think about not ...

May 27, 2020, The American Lawyer

Robert Kayihura is quoted in The American Lawyer regarding COVID-19's impact on the urgent need for African cyber laws. Mr. Kayihura says, “Only nine African countries have data protection legislation and another 22 have draft regulations pending.” He adds that the impetus for change appears to be increasing, not least by way of an ambitious plan to create a ...

May 19, 2020, Bloomberg

Daniel Cooper spoke with Bloomberg about new wearable technology devices that alert users when they are within close proximity of someone with COVID-19. Mr. Cooper notes that businesses are walking a fine line between keeping people safe and protecting their privacy. The absence of clear guidance from European regulators is forcing companies -- who could also be ...

May 15, 2020, Inside Privacy

On May 11, 2020, the State Cryptography Administration (“SCA”) and the State Administration for Market Regulation jointly issued the Commercial Encryption Product Certification Catalogue (First Batch) (“Product Catalogue”) and the Commercial Encryption Product Certification Measures (“Certification Measures”) (the announcement is available here), taking effect ...

May 12, 2020, Global Data Review

Libbie Canter is quoted in Global Data Review regarding a bill that would regulate contact-tracing apps and similar projects geared towards tracking the spread of COVID-19. Ms. Canter says the bill is narrow in scope, but where it does apply, the protections are stronger than those offered by state laws like the CCPA. She raises questions about how the bill ...

April 27, 2020, Inside Privacy

On April 27, 2020, the Cyberspace Administration of China (“CAC”) and other eleven government agencies jointly released the final version of the Measures on Cybersecurity Review (“Measures”) (an official Chinese version of the Measures is available here).  These Measures will take effect on June 1, 2020. Under Article 35 of China’s Cybersecurity Law (“CSL”), ...

April 20, 2020, Inside Privacy

On April 6, 2020, Tapplock, Inc., a Canadian maker of internet-connected smart locks, entered into a settlement with the Federal Trade Commission (“FTC”) to resolve allegations that the company deceived consumers by falsely claiming that it had implemented reasonable steps to secure user data and that its locks were “unbreakable.”  The FTC alleged that these...… ...

April 2, 2020, Inside Privacy

On 1 April 2020, the UK Supreme Court handed down its ruling in WM Morrison Supermarkets plc v Various Claimants [2020] UKSC 12.  The Court ruled that Morrisons was not vicariously liable for a data breach deliberately perpetrated by an employee.  The judgment is significant in that it overturned the decisions of the two lower...… Continue Reading

April 2, 2020, Law360

Mark Young spoke with Law360 about a UK Supreme Court case involving the intentional breach of customer data information by an employee at Morrisons. The court ruled Morrisons will no longer  have to pay a fine. Mr. Young says this is the “dual-edged result” of the Supreme Court judgment. Although a company is off the hook if an employee “goes off the deep end” ...

April 1, 2020, Inside Privacy

In response to the COVID-19 outbreak, several U.S. government entities have released warnings about a rise in scams and fraudulent activity connected to the outbreak.  In a recent bulletin, the FBI warned of a rise in phishing emails, counterfeit treatments or equipment for COVID-19 preparedness, and fake emails from the Centers for Disease Control and...… ...

April 1, 2020, Global Data Review

Daniel Cooper spoke with Global Data Review about a UK high court case involving the deliberate breach of personal information by a supermarket employee from Morrisons. The court ruled that the supermarket was not liable for the actions of the employee. Mr. Cooper described the decision as “dual-edged” and said that “when coupled with the Lloyd Court of Appeal ...

March 22, 2020, Inside Privacy

On March 21, 2020, the data security requirements of the New York SHIELD Act became effective.  The Act, which amends New York’s General Business Law, represents an expansion of New York’s existing cybersecurity and data breach notification laws.  Its two main impacts on businesses are: expanding data breach notification requirements under New York law; and...… ...

March 20, 2020, Global Data Review

Dan Cooper spoke with Global Data Review about how telecommunications companies are providing data regulators location data to track the effects of social distancing in the wake of coronavirus. Mr. Cooper told GDR that the measures in Europe are “not too much of a concern” from a privacy perspective as the data being used by authorities is anonymized and ...

March 19, 2020, Bloomberg

David Stein spoke with Bloomberg about legislation from Senate Democrats to shield U.S. citizens from negative credit reporting for the duration of the new coronavirus crisis. Three senators are looking to throw out a rule where credit bureaus are required under the Fair Credit Reporting Act to collect negative information. Mr. Stein  says, “To the extent that ...

March 16, 2020, Global Data Review

Trisha Anderson spoke with Global Data Review about Congress’s lapse in renewing the Freedom Act while dealing with COVID-19. Ms. Anderson told GDR if Congress doesn’t renew the business records provision, the FBI will have to operate with pre-Patriot Act surveillance tools. She adds that the FBI would still be able to obtain business records via grand jury ...

March 10, 2020, Inside Privacy

Covington experts on issues as varied as supply chain and other commercial contracts, employment, and insurance are supporting companies on the commercial implications of Coronavirus COVID-19.  But this blog post provides a brief overview of some of the key issues that privacy and cybersecurity professionals should have top of mind in dealing with response ...

February 20, 2020, Inside Privacy

On 19 February 2020, the European Commission presented its long-awaited strategies for data and AI.  These follow Commission President Ursula von der Leyen’s commitment upon taking office to put forward legislative proposals for a “coordinated European approach to the human and ethical implications of AI” within the new Commission’s first 100 days.  Although the ...

February 11, 2020, Global Data Review

Libbie Canter is quoted in Global Data Review regarding the California Attorney General Xavier Beccera’s revisions to the California Consumer Privacy Act’s (CCPA)  regulations. The revisions have left many businesses concerned and with unanswered questions. Ms. Canter says despite the revisions “ambiguities” remain for entities that collect data from third ...

February 5, 2020, Law360

Susan Cassidy is quoted in Law360 regarding the DoD’s implementation of cybersecurity requirements for defense contractors. Ms. Cassidy says that questions about the process, such as who will audit the thousands of contractors that need to be certified for cybersecurity compliance, how they will be audited and what options they will have if they disagree with an ...

February 4, 2020, Inside Privacy

Last Friday, the Department of Defense announced the release of Version 1.0 of its Cybersecurity Maturity Model Certification (“CMMC”), which sets forth the cybersecurity requirements that contractors and suppliers must meet to participate in the Department’s supply chain.  A new post on Covington’s Inside Government Contracts blog discusses the release of ...

January 10, 2020, Global Data Review

Daniel Cooper is quoted in Global Data Review regarding the UK ICO’s decision to fine DSG Retail £500,000 under pre-GDPR data protection law. The fine stems from the company being compromised by a cyberattack affecting at least 14 million people.   Mr. Cooper says, “the ICO's imposition of a maximum fine appears due, in part, to the fact that it felt DSG should ...

January 9, 2020, WatersTechnology

Michael Nonaka spoke with WatersTechnology about the impact of the California Consumer Privacy Act on financial institutions. Mr. Nonaka says, “There are exemptions [in the CCPA] for information that is covered by the GLBA. This is consumer information used by FIs, including broker-dealers. But there is not a broad exemption that just takes out the entirety of ...

November 21, 2019, Law360

Micaela McMurrough is quoted in Law360 regarding a recently unveiled cybersecurity protocol guidelines aimed at arbitrators, institutions and arbitration users on topics including baseline security measures. Ms. McMurrough says, "We tried to build in flexibility [so that the] document can be used as guidance, rather than something that's prescriptive.”

October 24, 2019, Law360

Susan Cassidy spoke with Law360 about the Department of Defense’s goal for its Cybersecurity Maturity Model Certification (CMMC) and its impact on join bid contractors.   Ms. Cassidy says such teaming arrangements are already complicated and can take years to put together for big defense procurements. Although the DOD has said cybersecurity compliance will be ...

October 22, 2019, Legaltech News

Trisha Anderson spoke with Legaltech News about a bilateral data access agreement, a new mechanism of the CLOUD Act and its effect on law firms. A year after the CLOUD Act, the first data-sharing agreement is most relevant to U.K. law enforcement agencies having access to the vast data held by U.S.-based tech companies, says Ms. Anderson. She adds, “The most ...

October 2, 2019

Boards and CEOs at companies of all sizes operating around the world list cybersecurity as one of the top concerns keeping them up at night. Cyber threats are in the news on a daily basis and we hear about data breaches all the time. But our practice often helps clients respond to cyber incidents that are much broader than data breaches; they range from small ...

August 4, 2019, CoinTelegraph

Michael Nonaka spoke with CoinTelegraph to discuss cryptocurrency regulation in the U.S.   Mr. Nonaka says, "The U.S. Financial Crimes Enforcement Network issued its first guidance addressing cryptocurrency companies in 2013, and since then regulatory action for digital assets has been slow to develop but has picked up in the past few years as an increasing ...

July 17, 2019, Covington Alert

On July 5, 2019, China’s Standing Committee of the National People's Congress (NPC) published a new draft Encryption Law (“the draft Law”) for public comment. The draft Law, if enacted as drafted, would bring significant new changes to China’s commercial encryption regime.

July 17, 2019, Covington Alert

On July 9, 2019, the European Court of Justice (“ECJ”) heard oral argument in Case C-311/18, Data Protection Commissioner v Facebook Ireland and Maximillian Schrems (“Schrems II”). The primary question before the ECJ is whether the European Commission’s standard contractual clauses (“SCCs”) are valid for transfers of personal data to the United States.1 Given ...

July 4, 2019, The Africa Report

June 18, 2019, GIR - The Guide to Cyber Investigations

June 14, 2019, Government Contracting Law Report

June 4, 2019, Thomson Reuters

Mark Young participated in a Q&A with Thomson Reuters about the EU Cybersecurity Act and its new cybersecurity certification schemes for information and communication technology products, services, and processes, especially internet of things devices. The interview also discusses how the Act supports the EU Directive on the Security of Network and Information ...

April 9, 2019, Global Data Review

Trisha Anderson spoke with the Global Data Review about the U.S.’s encryption law and its role electronic communication. According to Ms. Anderson, authorities in the U.S. have only general legal tools to seek access to encrypted data. Some traditional U.S. investigative tools, issued through courts and codified in law enforcement procedures, contain general ...

2019, American Bar Association

Our cross-disciplinary Internet of Things initiative contributed to the ABA's first book on IoT, The Internet of Things: Legal Issues, Policy, & Practical Strategies.   Laura Kim and Jennifer Johnson authored the chapter “U.S. Regulatory Framework for IoT,” with contributions from Sarah Wilson (product safety); Wade Ackerman, Elizabeth Guo, Christopher Hanson, ...

April 2019, Pratt's Privacy & Cybersecurity Law Report

March 19, 2019, Law360

January 14, 2019, Covington Alert

In the wake of destructive cyber incidents over the past few years, the insurance industry and its regulators have focused more attention on so-called “silent cyber” exposures in traditional property/casualty insurance policy forms and started taking steps to reduce or specifically address those exposures. We explain here what “silent cyber” means, and what the ...

December 26, 2018, Bloomberg Law

Michael Nonaka is quoted Bloomberg Law regarding the Office of the Comptroller of the Currency’s 2019 revamped rules for banks’ community investments. Mr. Nonaka says, “It’ll be interesting to see what the next step is in the rulemaking process, and that will reveal whether there are these differences.” He said the agencies are likely to come together on some ...

September 11, 2018, Am Law Litigation Daily

Terrell McSweeny is quoted in Am Law Litigation Daily regarding her move to the firm. “I am excited to join a firm that is well positioned to guide clients through the increasingly complex global antitrust, cybersecurity and consumer protection landscape,” said Ms. McSweeny.

September 11, 2018, Politico

Politico featured Terrell McSweeny’s recent move to Covington’s antitrust law, data privacy and cybersecurity practice groups.

September 10, 2018

WASHINGTON— Terrell McSweeny has joined Covington as a partner in the Antitrust and Competition Law and Data Privacy and Cybersecurity Practice Groups in Washington. Ms. McSweeny most recently served as a Commissioner at the Federal Trade Commission. Ms. McSweeny has held senior appointments in the FTC, Department of Justice, White House, and United States ...

September 10, 2018, The National Law Journal

Deborah Garza is quoted in The National Law Journal regarding Terrell McSweeny joining the firm. Ms. Garza says, “Having served both at the FTC and in the Antitrust Division, Terrell has an exceptionally broad base of experience to draw upon in helping clients understand and manage the antitrust enforcement, privacy, and data security issues. She also has ...

September 10, 2018, Global Competition Review

Terrell McSweeny and Deborah Garza are quoted in Global Competition Review regarding Ms. McSweeny’s move to the firm. Ms. McSweeny says that Covington is a “wonderful fit” due to its bench of former DOJ and FTC lawyers. She added that it will be good to work with colleagues who have had similar experiences. Ms. Garza praised McSweeny’s excellent reputation and ...

September 10, 2018, Law360

Terrell McSweeny is quoted in Law360 regarding her move to the firm. Ms. McSweeny says, “I am very excited to be joining a terrific firm to deal with the global challenges of antitrust, cybersecurity and consumer protection.”

September 10, 2018, Bloomberg

Terrell McSweeny’s move to Covington’s data privacy and cybersecurity practice group is highlighted in Bloomberg.

September 7, 2018, Global Investigations Review

Trisha Anderson and James Garland are quoted in Global Investigations Review regarding Ms. Anderson rejoining the firm. Mr. Garland believes Ms. Anderson will be a valuable asset to helping navigate the U.S. Cloud Act. He says, “Trisha has that ability to spot the pain points for both the clients and the government and help figure out a way forward. Sometimes ...

August 17, 2018

WASHINGTON— Law360 named Covington lawyers Alexander Berengaut, Michael Nonaka, and Ursula Owczarkowski to its list of “2018 Rising Stars.” This annual recognition honors top attorneys under 40 “whose legal accomplishments transcend their age.” Alex Berengaut represents clients in civil litigation, international arbitrations, and government enforcement ...

August 1, 2018, Bloomberg Law

Michael Nonaka is quoted in Bloomberg Law on the fintech industry’s enthusiasm regarding the Treasury Department’s recommendation that Congress support the “valid when made” doctrine. Mr. Nonaka adds, “The [recommendation] shows that these issues are not going away and that the uncertainty created from a growing body of inconsistent court opinions isn't a stable ...

July 31, 2018, Law360

Michael Nonaka is quoted in Law360 regarding the Office of the Comptroller of the Currency accepting applications for special-purpose national bank charters from financial technology companies. Mr. Nonaka says it will be a while before any fintech firms operate as national banks, and they may ultimately decide the special purpose charter does not suit their ...

July 5, 2018, Covington Alert

On June 27, 2018, China’s Ministry of Public Security (“MPS”) released for public comment a draft of the Regulations on Cybersecurity Multi-level Protection Scheme (“the Draft Regulation”). The highly anticipated Draft Regulation sets out the details of an updated Multi-level Protection Scheme, whereby network operators (defined below) are required to comply ...

March 1, 2018, Covington Alert

On February 21, 2018, the U.S. Securities and Exchange Commission (the “Commission”) approved a statement and interpretive guidance that provides the Commission’s views on a public company’s disclosure obligations concerning cybersecurity risks and incidents (the “2018 Commission Guidance”).

February-March 2018, Pratt’s Privacy & Cybersecurity Law Report

February 15, 2018, Bloomberg Law

Anne Termine is quoted in a Bloomberg Law article regarding the settlement reached with AMP Global Clearing LLC following charges from the CFTC stating that AMP's failure to diligently supervise a cybersecurity vendor resulted in a data breach. According to Termine, cybersecurity is “an area of increasing concern and scrutiny for the CFTC as it goes directly to ...

January 22, 2018, E-Commerce Times

Susan Cassidy is quoted in an E-Commerce Times article regarding efforts to create an online marketplace for government purchasers. "One model that was discussed would require a portal provider to contract with GSA to provide an online interface. Under this approach, suppliers would then sign up to use the portal, potentially via a contract with the portal ...

January 4, 2018, National Defense

January 2, 2018, Politico

Susan Cassidy is quoted in Politico Pro's "Morning Cybersecurity" newsletter regarding the December 31st deadline for defense contractors to meet minimum cybersecurity requirements for the systems they operate for the Pentagon. According to Cassidy, the cybersecurity rule presents “a problem for DoD because there’s a lot of subjectivity in what is ‘adequate ...

November 24, 2017, Los Angeles Business Journal

Susan Cassidy is quoted in a Los Angeles Business Journal article regarding the difficulties that some defense contractors in Southern California were facing trying to meet the Department of Defense deadline of December 31, 2017 for implementing the cybersecurity controls in NIST Special Publication 800-171. Cassidy notes that the definition of the information ...

October 3, 2017, Commercial Dispute Resolution

David Fagan is quoted in a Commercial Dispute Resolution article regarding how companies are bracing for cyber attacks. According to Fagan, cybersecurity is “a one-way ratchet: all constituents, whether customers, regulators, business partners, claimant counsel and finders of fact, are increasingly aware of and focused on the risk [which] arises from operating ...

October 2017

Covington's Data Privacy and Cybersecurity practice is excited to take part in National Cybersecurity Awareness Month. Throughout October, our lawyers will highlight top-of-mind concerns, provide helpful tips, and discuss the cybersecurity landscape more generally through a series of posts on our Inside Privacy blog. Below you can find our most recent content, ...

September 18, 2017, Covington Alert

Last week, in his annual State of the European Union Address, the President of the European Commission Jean-Claude Juncker called out cybersecurity as a key priority for the European Union in the year ahead. In terms of ranking those priorities, President Juncker placed tackling cyber threats just one place below the EU leading the fight against climate change, ...

August 31, 2017, Covington Alert

On August 31, 2017, China’s National Information Security Standardization Technical Committee (“NISSTC”), a standard-setting committee jointly supervised by the Standardization Administration of China (“SAC”) and the Cyberspace Administration of China (“CAC”), released an updated draft of the Information Security Technology - Guidelines for Data Cross-Border ...

August 2, 2017, Law360

Libbie Canter was named a "Rising Star" by Law360, recognizing her as a top lawyer under 40 in Privacy & Cybersecurity law. In its profile of Canter, Law360 highlights her advisory role on significant transactions, including Microsoft’s $8.5 billion acquisition of video call service Skype.

July 28, 2017, Medtech Insight

Marialuisa Gallozzi, John Buchanan, and Jeff Kiburtz are quoted in a Medtech Insight article regarding the growing interest in the healthcare sector in buying cyber insurance. According to Gallozzi, "We are in the midst of an evolution of the insurance market right now in this area." She says cyber insurance policies have been a growing trend but unlike other ...

July 2, 2017, San Antonio Express-News

Susan Cassidy is quoted in a San Antonio Express-News article regarding new cybersecurity requirements for contractors. According to Cassidy, "Essentially, the DOD wants its contractors to protect its information, because the DOD is a huge target, and its contractors are also a target." Commenting on the fact that over the years, contractors have been working ...

May 23, 2017, Cloud, Big Data and AI Conference, Seattle, Washington

May 23, 2017, Cloud, Big Data and AI Conference, Seattle, Washington

May 17, 2017, The Cybersecurity Law Report

May 3, 2017, The Cybersecurity Law Report

May 3, 2017, Covington Alert

On May 2, 2017, the Cyberspace Administration of China (“CAC”) released the final version of the Measures on the Security Review of Network Products and Services (Trial) (“the Measures”), with an effective date of June 1, 2017 (official Chinese version available here). The issuance of the Measures marks a critical first step toward implementing China’s ...

April 21, 2017, Luxembourg Forum (Triannual Meeting Between the United States Supreme Court and the European Court of Justice), Washington, DC

April 12, 2017, Covington Alert

On April 11, 2017, the Cyberspace Administration of China (“CAC”) released a draft of the Measures on Security Assessment of Cross-border Data Transfer of Personal Information and Important Data (“the Draft Measures”) for public comment (official Chinese version available here; Covington’s translation of the Draft Measures is appended at the end of this alert).

March 30, 2017, Business Forums International Ltd.

March 4, 2017, ABA Insurance Coverage Litigation Committee CLE Seminar

March 2017, National Defense

March 2017, Pratt's Government Contracting Law Report

February 22, 2017, The Cybersecurity Law Report

Steve Surdu was interviewed by The Cybersecurity Law Report for a three-part series on the role of forensic firms during a cyber breach. Part one discusses how to understand and leverage the expertise of forensic firms from the start. According to Surdu, forensic consultants have specialized skills and knowledge “that are very difficult for most organizations to ...

February 7, 2017, Covington Alert

On February 4, 2017, the Cyberspace Administration of China (“CAC”) released the draft Measures on the Security Review of Network Products and Services (“the draft Measures”) for public comment (official Chinese version available here; Covington’s translation of the draft Measures is here). The comment period ends on March 4, 2017.

January 24, 2017, Law360

Mark Young and Ian Hargreaves are quoted in a Law360 article regarding the high level of cyberattacks on the financial services industry and the resulting regulatory pressures. According to Young, “The GDPR [General Data Protection Regulation] is a massive text with groundbreaking change in the data privacy area, in terms of compliance requirements and the new ...

January 17, 2017, Federal Contracts Report

Susan Cassidy is quoted in a Federal Contracts Report article regarding the fate of cybersecurity improvements made by the DoD under President Trump. According to Cassidy, “I would expect those to continue forward because I don't see a political will to say, ‘No you shouldn't protect this.’”  The nomination of former Sen. Dan Coats (R-Ind.) to serve as director ...

January 4, 2017, Covington Alert

President Obama announced several actions on December 29 to respond to Russian cyber operations that the U.S. intelligence community previously had concluded were intended to influence the U.S. presidential election. Specifically, the President revised and expanded an earlier executive order that blocks the property and interests in property of persons that ...

October 20, 2016, Covington Alert

On October 19, 2016, the Board of Governors of the Federal Reserve System (Federal Reserve), Office of the Comptroller of the Currency (OCC), and Federal Deposit Insurance Corporation (FDIC) (collectively the “Agencies”) released a joint Advance Notice of Proposed Rulemaking (ANPR) requesting public comment on enhanced cybersecurity standards that would apply to ...

July 27, 2016, Global Investigations Review

Stephen Surdu and James Garland are quoted in a GIR article regarding Surdu’s arrival to Covington as a Senior Cybersecurity Advisor. “In the fog of war, companies do not think clearly,” Surdu says. “They want to do the right thing, but they do not quite know what that is. As someone who has handled many cybersecurity investigations, I can help calm the ship.” ...

July 25, 2016, Covington Alert

Search warrants served on U.S. Internet companies and cloud service providers cannot obtain customer data stored overseas, the U.S. Court of Appeals for the Second Circuit ruled on July 14. The federal appellate decision focuses on warrants issued under the federal Electronic Communications Privacy Act (“ECPA”) and formally applies only in the Second Circuit, ...

July 21, 2016, Law360

David Fagan and Stephen Surdu are quoted in a Law360 article regarding the launch of Covington’s new Cybersecurity Incident Response Team in conjunction with the arrival of Surdu and Jenny Martin. According to Fagan, “We’re a big firm with clients that span the globe. They can’t control when they have incidents, and you can get calls on a Friday afternoon from ...

July 18, 2016

WASHINGTON—Covington has formed an enhanced team of lawyers and advisors to provide cybersecurity incident response services to clients, highlighted by Stephen Surdu, who formerly led the professional services group of Mandiant, joining the team as a Senior Cybersecurity Advisor.  Through the formation of the Cybersecurity Incident Response Team with members on ...

July 18, 2016, The American Lawyer

James Garland and Steve Surdu are quoted in an American Lawyer article regarding the launch of Covington’s Cybersecurity Incident Response Team, highlighted by Surdu’s recent arrival as a Senior Cybersecurity Advisor. According to Garland, "The lawyers that do the interviews and oversee the forensic investigation, we're experienced but we're not engineers." He ...

July 7, 2016, Covington Alert

The Brazilian financial industry has long been a target of cyber criminals, and with the continued growth of sophisticated online banking services in Brazil, such systems are a prime target for organized crime. In addition, among the emerging BRICS countries (Brazil, Russia, India, China, and South Africa), Brazil is on a par with China and Russia in terms of ...

June 21, 2016, Webinar

May 2, 2016, Law360

May 2016, National Defense Magazine

April 8, 2016, Covington Alert

On April 6, the National Telecommunications and Information Administration (NTIA), part of the U.S. Department of Commerce, issued a Request for Comment (RFC) seeking public feedback on the benefits, challenges, and potential roles for the government in fostering the advancement of the Internet of Things (IoT). NTIA issued the RFC as part of the Commerce ...

March 2016, Cyber Security Law & Practice

February 19, 2016, Law360

Mark Young and Libbie Canter are quoted in this Law360 article offering tips on how deal makers can mitigate cybersecurity risks.  According to Young, any discovered incidents can give buyers pause on how  — and if — they want to move forward. “We’ve dealt with at least a couple examples where deals were at least delayed if not reconsidered because of ...

January 12, 2016, Covington Alert

December 2015, Privacy & Data Protection

October 13, 2015

WASHINGTON, DC, October 13, 2015 - Covington addresses the critical issue of how to manage risks associated with third-party outsourcing in Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers. Published in collaboration with Palo Alto Networks and the New York Stock Exchange, the book provides boards, executives and ...

October 6, 2015, Covington Alert

October 2015, Navigating the Digital Age: The Definitive Cybersecurity Guide for Directors and Officers

September 2015, Bloomberg BNA World Data Protection Report

August 27, 2015, Inside Cybersecurity

Susan Cassidy was quoted in this article.

August 13, 2015, Inside Cybersecurity

Susan Cassidy was quoted in this article.

August 12, 2015, The Cybersecurity Law Report

August 11, 2015

WASHINGTON, DC, August 11, 2015  —The Los Angeles Business Journal has named Covington partner and former federal prosecutor Daniel Shallman to its list of the city’s “Most Influential Lawyers” in the white collar and cyber practice areas. In selecting Mr. Shallman, the publication noted that he has handled “a string of impressive matters” since joining the firm ...

August 2015, Bloomberg BNA World Data Protection Report

July 17, 2015, Webinar

July 13, 2015, China Law & Practice

July 10, 2015, Covington Alert

July 2, 2015, Covington Alert

June 12, 2015, InsidePrivacyBlog

June 9, 2015, InsideCounsel

May 12, 2015, Inside Counsel

May 2015, Privacy Laws & Business UK Report

March 13, 2015, CDR News

March 12, 2015, InsideCounsel

March 9, 2015, The National Law Journal

February 28, 2015, InsidePrivacy Blog

February 19, 2015, Inside Counsel

February 2015, Bloomberg BNA World Data Protection Report

January 2015, Regulatory Rapporteur

November/December 2014, E-Commerce Law Reports

2014, Data Protection and Privacy Law (2nd Edition, Thomson Reuters)

June 2014, E-Commerce Law & Policy

May 14, 2014, InsidePrivacy Blog

April 8, 2014, InsidePrivacy Blog

April 2014, West Briefing Papers

November 27, 2013, Covington E-Alert

October 24, 2013, Covington E-Alert

October 8, 2013, Law360

April 25, 2013, Law360

April 2013, World Data Protection Report

May 21, 2012, Corporate Counsel

May 2010, Privacy Law & Business

October 2009, The Privacy Advisor

November 24, 2008, Covington E-Alert