Every year after Labor Day, I take a step back to survey the most important current trends and developments in the world of Directors’ and Officers’ liability and insurance. This year’s review is set out below. As the following discussion shows, this is a particularly interesting time in the world of D&O.Continue Reading What to Watch Now in the World of D&O
cybersecurity
Online Retailer Hit with Privacy, Security, and Forced Labor-Related Securities Suit
Here at The D&O Diary, we track new securities class action lawsuit filings to identify emerging litigation trends and to track filings that reflect existing trends. Every now and then, we spot new suits that reflect multiple different trends in a single complaint. A new securities lawsuit filed earlier this week against Chinese online retailer PDD Holdings (formerly known as Pinduoduo) is an example of one of these multi-trend suits. As discussed below, the lawsuit shows how privacy-related issues, cybersecurity issues, and geopolitical issues can translate into securities class action litigation. A copy of the August 13, 2024, complaint against PDD can be found here.Continue Reading Online Retailer Hit with Privacy, Security, and Forced Labor-Related Securities Suit
SEC Files Settled Charges Based on Alleged Cybersecurity-Related Control Deficiencies
In an action the SEC’s two Republican Commissioners sharply criticized in a separately-issued statement, the SEC has filed settled charges against business communications services provider R.R. Donnelly & Sons (RRD) relating to the company’s disclosure and accounting controls in connection with cybersecurity incidents the company suffered in late 2021. The company, which the SEC credited for its cooperation and remedial measures, agreed to pay a $2.125 million civil penalty and voluntarily adopted corrective processes and procedures. The settled action provides strong indications of the measures and controls the agency expects reporting companies to adopt and implement with respect to cybersecurity.Continue Reading SEC Files Settled Charges Based on Alleged Cybersecurity-Related Control Deficiencies
Guest Post: Inigo’s 2024 Defense Counsel Survey
In the following guest post, Ed Whitworth, the Head of Financial Lines at Inigo, and Yera Patel, Chief Legal officer and Head of Financial Lines Claims for Inigo, summarize the results of a recent survey Inigo conducted of U.S. securities litigation defense counsel. The original of the survey summary previously was published on Inigo’s blog, here. I would like to thank Ed, Yera, and Inigo for allowing me to publish the report summary on this site. I welcome guest post submissions from responsible authors on topics of interest to the blog’s readers. Please contact me directly if you would like to submit a guest post. Here is the authors’ article. Continue Reading Guest Post: Inigo’s 2024 Defense Counsel Survey
Alphabet Google+ User Data Privacy-Related Securities Suit Settles for $350 Million
In what is apparently the largest privacy and cybersecurity-related securities class action lawsuit settlement ever, the parties to the Alphabet Google+ user data securities suit have agreed to settle the action for $350 million. As discussed below, this massive settlement, which is subject to court approval, is significant for a number of important reasons. A copy of the parties’ February 5, 2024, Stipulation of Settlement can be found here. The plaintiffs’ February 5, 2024, motion for preliminary settlement approval can be found here.Continue Reading Alphabet Google+ User Data Privacy-Related Securities Suit Settles for $350 Million
Guest Post: Three Industry Predictions. How Did We Do?
In the following guest post, Nelson Kefauver, Head of Profin Underwriting at Intact Insurance, takes a look at how three frequent industry predictions from the recent past have turned out. Nelson’s comments are specific to the private and non-profit D&O insurance space and not do not refer to the public company D&O insurance…
The Top Ten Stories in D&O of 2023
The directors’ and officers’ liability environment is always changing, but 2023 was a particularly eventful year, with important consequences for the D&O insurance marketplace. The past year’s many developments also have significant implications for what may lie ahead in 2024 – and possibly for years to come. I have set out below the Top Ten D&O Stories of 2023, with a focus on future implications. Please note that on Thursday, January 11, 2024 at 11:00 AM EST, my colleagues Marissa Streckfus, Chris Bertola, and I will be conducting a free, hour-long webinar in which we will discuss The Top Ten D&O Stories of 2023. Registration for the webinar can be found here. I hope you can join us for the webinar.Continue Reading The Top Ten Stories in D&O of 2023
What to Watch in the World of D&O
Every year after Labor Day, I take a step back to survey the most important current trends and developments in the world of Directors’ and Officers’ liability and insurance. This year’s review is set out below. As the following discussion shows, this is a particularly interesting time in the world of D&O.Continue Reading What to Watch in the World of D&O
SEC Adopts Final Cybersecurity Disclosure Rules
On July 26, 2023, a divided SEC adopted, by a 3-2 vote, final rules for cybersecurity disclosures. The final rules are based on proposed rules the agency first introduced in March 2022. The rules require companies to disclose material cybersecurity incidents they experience, and also to disclose on an annual basis material information regarding their cybersecurity risk management and governance. The rules will have a significant impact on reporting companies’ disclosure practices and could present a challenge for some companies. A copy of the final cybersecurity disclosure rules can be found here. The SEC’s July 26, 2023, press release about the final cybersecurity disclosure rules can be found here. The SEC’s two-page fact sheet about the new rules can be found here.Continue Reading SEC Adopts Final Cybersecurity Disclosure Rules
Cybersecurity-Related Securities Suit Allegations Against Okta Dismissed
As I noted in my year-end round up of D&O related issues (here), plaintiffs’ lawyers have continued to file securities class action lawsuits following cybersecurity incidents, even though the plaintiffs’ track record in these kinds of lawsuits generally has been poor. Among the cybersecurity-related securities lawsuits filed last year was the suit against cloud-based software company Okta relating in part to the cybersecurity incident at the company earlier in the year. Consistent with the general trend, on March 31, 2023, the court presiding over the Okta securities lawsuit granted the defendants’ motion to dismiss the cybersecurity-related allegations, although the court denied the dismissal motion with respect to certain of the plaintiffs’ other unrelated allegations. The court granted the plaintiff leave to amend the dismissed allegations. The court’s March 31, 2023, order can be found here.Continue Reading Cybersecurity-Related Securities Suit Allegations Against Okta Dismissed