As most readers undoubtedly are aware, the EU’s General Data Protection Regulation went into effect on May 25, 2018. Even though the regulation has only been in effect for a few months, regulators across Europe have already starting levying fines under the regulation’s provisions. In the following guest post, Bill Boeck takes a look at the fines that have been imposed so far and considers their implications. Bill is currently Senior Vice President and Insurance and Claims Counsel with the Lockton Companies. He is Lockton’s global leader for cyber claims and for the development of proprietary cyber wordings and endorsements. Bill also leads Lockton’s US financial lines claims practice. A version of this article previously was published on the Lockton Cyber Risk Update Blog. I would like to thank Bill for his willingness to allow me to publish his article on this site. I welcome guest post submissions from responsible authors on topics of interest to this site’s readers. Please contact me directly if you would like to submit a guest post. Here is Bill’s article. Continue Reading Guest Post: What Can the First GDPR Fines Tell Us?
When news of the recent massive data breach at Marriott began circulating late last week, a colleague emailed and asked me how long I thought it would take for a D&O lawsuit to be filed. I emailed back that I thought there would be a securities class action lawsuit before the end of business on Monday (December 3). Turns out, I didn’t give the plaintiffs’ lawyers nearly enough credit for haste. The plaintiffs’ lawyers managed to file a securities class action lawsuit against the company on December 1, 2018, just one day after Marriott announced the breach. The lawsuit is the latest example both of a data breach-related D&O lawsuit and an event-driven securities suit, as discussed further below. 
One of the important questions about U.S. Department of Justice’s approach following the change of Presidential Administration two years ago was 
Late last month, 
One idea that resurfaces from time to time is the suggestion that companies ought to adopt bylaw or charter provisions mandating the arbitration of shareholder claims, including claims under the federal securities laws. The current SEC Chair, Jay Clayton, 
If the uncertainty creates risk, then the current state of play on the United Kingdom’s efforts to withdraw from the European Union represents risk in a highly concentrated form. On November 25, 2018, the 27 EU members 
The Northern California wildfire known as the 
Unless dramatic counter-measures are taken, annual losses to the U.S. economy from climate change could reach billions of dollars by the end of the century, according to a comprehensive interagency report from the U.S. federal government released last week. Even though the report’s subject arguably is outside this blog’s bailiwick, I am highlighting the report here out of a concern that due to the report’s publication late in the afternoon on the Friday of a holiday weekend many may have missed the report and its message. The report is sober, detailed, and serious, and should be read and studied by anyone concerned about important risks facing our national economy and business environment. The bottom line is that climate change clearly represents a significant risk for all enterprises, regardless of sector and of geographic location. 
The SEC Whistleblower Program had a “record-breaking year” during the 2018 fiscal year that ended on September 30, 2018, according the latest annual report from the agency’s Office of the Whistleblower. During the fiscal year, the agency not only made total awards exceeding the aggregate amount awarded in the entire prior history of the program, but it also made the largest separate awards in the program’s existence. The number of whistleblower reports during the fiscal year also increased over 20 percent, the largest annual increase in the number of reports in the program’s history. The SEC’s Office of the Whistleblower’s 2018 Annual Report can be found 