Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe.

To read more issues of Katten's Privacy, Data and Cybersecurity Quick Clicks, please click here.

President Biden Issues Executive Order on Safe, Secure and Trustworthy Artificial Intelligence

By Trisha Sircar

Pursuant to the Fact Sheet published on October 30, 2023, by the White House, President Biden issued a landmark Executive Order to ensure that America leads the way in seizing the promise and managing the risks of artificial intelligence (AI). The Executive Order establishes new standards for AI safety and security, protects Americans’ privacy, advances equity and civil rights, stands up for consumers and workers, promotes innovation and competition, advances American leadership around the world, and more. As part of the Biden-Harris Administration’s comprehensive strategy for responsible innovation, the Executive Order builds on previous actions the President has taken, including work that led to voluntary commitments from 15 leading companies to drive safe, secure, and trustworthy development of AI. Read more about the actions directed by President Biden.

New FTC Rule Requires Certain Financial Institutions to Report Loss of Unencrypted Customer Data

By Christina Grigorian, Eric Hail, Ted Huffman and Trisha Sircar

On October 27, the Federal Trade Commission (FTC) published a final rule expanding data breach notification requirements for certain financial institutions. Federal Register will require entities within its scope to report certain details to the FTC no later than 30 days after unencrypted customer information involving more than 500 consumers is acquired without authorization, including the number of consumers affected, a general description of the notification event and more. Read more about the reporting requirements and why they matter.

SEC Sues SolarWinds and its CISO for Fraud and Other Violations Related to Massive Data Breach

By Danette Edwards

On October 30, the US Securities and Exchange Commission (SEC) sued SolarWinds and its Chief Information Security Officer (CISO) for fraud, false reporting, and internal and disclosure control violations related to the massive SUNBURST cybersecurity attack. The SEC was unable to reach a settlement with the company or the CISO following the conclusion of the Commission’s enforcement investigation and was forced to file a litigated action against the defendants. Notably, the CISO is the only individual defendant named in the suit, even though the SEC previously sent Wells Notices to other SolarWinds officers and employees. Read more about the allegations and key takeaways from the SEC’s lengthy complaint.

During Cybersecurity Awareness Month, California Attorney General Bonta Provides Tips to Protect Against Online Threats

By Trisha Sircar

For Cybersecurity Awareness Month, which is recognized every October, California Attorney General Rob Bonta provided consumers and businesses with tips to defend against cybersecurity threats. For consumers, his tips include the use of strong passwords and password managers, multi-factor authentication, antivirus software and more. For businesses, Rob suggests the implementation of firewall security for internet connections, secure Wi-Fi networks, passwords and authentication, and others. Read more about the tips for consumers and businesses.