In a landmark decision on July 18, 2024, Judge Paul Englemayer of the Southern District of New York dismissed most charges in the SEC’s enforcement action against SolarWinds and its CISO, Timothy Brown. The court ruled that cybersecurity controls are not part of a company’s “system of internal accounting controls” under Section 13(b)(2)(B)(iii) of the Exchange Act, dismissing these claims. However, the court upheld charges that SolarWinds and Brown misled investors with public statements about their cybersecurity program. This case, stemming from the SUNBURST attack, highlights the importance of detailed risk disclosures and accurate public-facing statements on cybersecurity.

In Snyder v. United States, the Supreme Court, in a 6-3 decision authored by Justice Kavanaugh, significantly limited the federal statute criminalizing gratuities in state and local jurisdictions. Snyder, a mayor, awarded a USD 1.3 million contract and received a USD 13,000 payment from the benefiting company. The Supreme Court ruled that the relevant statute, Title 18 section 666, applies only to bribes paid or promised before an official act, not after-the-fact gratuities.

Federal regulatory agencies have prioritized enforcement efforts that target the mishandling of data by companies that store and monetize large amounts of personal or sensitive information. This issue cuts across multiple regulatory areas which has prompted increased coordination between federal agencies. Notably, on March 26, 2024, the US Federal Communications Commission, Consumer Financial Protection Bureau, and the Federal Trade Commission, publicized a coordinated effort to increase their technological capabilities to address privacy and competition concerns related to the use of data.

While not new, AI is one of the key drivers of change and could boost productivity and cut costs. The use of distributed ledger technology is creating new products and services such as central bank digital currencies that could bring the unbanked to the financial mainstream. And the use of biometrics authentication promises to enhance the security available to users. While quantum computing remains beyond the next decade, it could have wide-ranging benefits to financial institutions but also leave the sector exposed to a higher level of cyberattacks.

On Tuesday, 23 January 2024 we are hosting an in-person client event in our New York office on Generative AI: Harnessing the Power and Mitigating Risk. The program includes an exciting in-house counsel panel featuring key speakers from Calix, Wolters Kluwer and Tiffany & Co. We’ll also hear from a cross-discipline Baker team who will discuss legal and regulatory considerations and mitigating risk when using Gen. AI,

Cybersecurity threats and risks are increasing each day, and cybercriminals are getting more sophisticated in their attacks. Companies need to ensure that their data security measures keep up with ever-changing regulations and that they have protocols in place to deal with cyber threats, breaches, and ransomware attacks. Retail brands recognize that in an increasingly connected world, cybersecurity should remain a top priority.

On 8 November 2023, join thought leaders from government, the judiciary, academia, and private practice for this timely gathering on the Georgetown Law campus in Washington, DC. Laws and policy surrounding the protection of trade secrets are changing as technology evolves. In this first-of-its-kind event at Georgetown, intellectual property experts will discuss the following topics: How generative AI is transforming the trade secret landscape, the role of non-competes, protecting against leaks of confidential information, the impact of China’s emerging trade secret protection landscape on global commerce, and the future of trade secrets in the US and abroad.