On March 15, 2023, the U.S. Securities and Exchange Commission (“SEC”) released its proposal to amend Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information (the “Proposed Amendments”), while simultaneously issuing two additional cybersecurity-related rule proposals and re-opening the comment period for its previously proposed cybersecurity risk management rule released in February 2022. This set of sweeping reforms makes it clear, if not already, that the SEC is serious about implementing comprehensive cybersecurity and privacy standards across its regulated entity population — including investment advisers. However, the Proposed Amendments are already subject to criticism, most notably by Commissioner Pierce in her accompanying Statement, due to the likely burdens and costs of implementation, as well as the potential for conflicts with existing state laws. Moreover, the Proposed Amendments would create additional exam and enforcement risk where disclosure of certain cyber events is deemed – after the fact – not to have been prompt or accurate enough.

Read the full client alert here.

Posted in Cybersecurity, Data Privacy Laws, Legislation, Privacy Law, SEC
Tags: cybersecurity, cybersecurity risk, Division of Enforcement, Division of Examinations, Hedge Funds, Incident Response Plan, Privacy & Cybersecurity, Private Funds, Proposed Regulations, registered investment advisers, Regulation S-P, Safeguards Rule, SECURITIES LITIGATION, U.S. Securities and Exchange Commission (“SEC”)
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Nolan Goldberg Nolan Goldberg

Nolan M. Goldberg is a partner in the Litigation Department, co-head of the Data Privacy and Cybersecurity Litigation Group, and a member of the Patent Law Group. His practice focuses on technology-centric litigation, arbitration (including international arbitrations), investigations and counseling, covering a range…

Nolan M. Goldberg is a partner in the Litigation Department, co-head of the Data Privacy and Cybersecurity Litigation Group, and a member of the Patent Law Group. His practice focuses on technology-centric litigation, arbitration (including international arbitrations), investigations and counseling, covering a range of types of disputes, including cybersecurity, intellectual property, and commercial.  Nolan’s understanding of technology allows him to develop defenses and strategies that might otherwise be overlooked or less effective and enhances the “story telling” that is critical to bringing a dispute to a successful conclusion.

Nolan is a registered patent attorney before the U.S. Patent & Trademark Office; and an International Association of Privacy Professionals (IAPP) Certified Information Privacy Professional, United States (US CIPP) and Certified Information Privacy Technologist (US CIPT).

Cybersecurity

Nolan’s electrical engineering background, coupled with a litigation and risk management-centric focus, allows him to assist companies in all phases of incident response. Nolan often acts as a bridge between the technical and legal response teams (both inside and outside forensic consultants). Nolan uses this deep familiarity with the company and its systems to defend the company in litigations, arbitrations and regulatory investigations, including before the Federal Communications Commission (FCC); Federal Trade Commission (FTC) and before various State’s Attorneys General, including Multi-State investigations.

Nolan has worked on incidents that range from simple phishing attacks on e-mail accounts by cyber-criminals to intrusions by (formerly) trusted inside employees to complex technical breaches of hosted systems by state-sponsored advanced persistent threats (APTs). These incidents have involved both client systems, and systems of a vendor of a client that hosted its data.

It is often the case (both in response to an incident and for other reasons) that a company will want to undertake an assessment of its security posture, but has concerns about the discoverability of any such analysis.  Accordingly, Nolan also frequently assists companies’ scope and conduct privileged security assessments, including “dual purpose” assessments where privileged analysis are also used for ordinary-course purposes.

Commercial Disputes

Nolan also assists companies with commercial disputes, particularly in cases where there is a technology component, including disputes arising from hosted software agreements; outsourcing and managed services agreements; software and technology development agreements and the dissolution of joint ventures.  When these disputes cannot be amicably resolved, Nolan has litigated them in State and Federal Court and in arbitrations, including international arbitrations.

Intellectual Property

Nolan’s work has included numerous patent and trade secret litigations and negotiations, primarily in cases involving computer and network-related technologies. In particular, the litigations have involved at least the following technologies: hosted software; telecommunications, computer networking; network and computer-related security hardware and software; microprocessors, voice-over Internet protocol (“VoIP”); bar code scanners  financial business methods and software, including securities settlement, fail management and trade execution and reporting software; data compression; handheld computers; pharmaceuticals; cardiac electro-stimulatory devices and prosthetics.

Nolan also has experience prosecuting patent applications before the U.S. Patent and Trademark Office in encryption, CMOS, HDTV, virtual private networks (“VPN”), e-commerce, XML/XSL, financial instruments, semiconductor electronics, medical device technology, inventory control and analysis, cellular communications, Check 21 and business methods. Nolan also has conducted numerous freedom-to-operate searches, written opinions, and counseled clients in the areas of bar code scanners, imaging, book publishing, computer networking, business methods, Power Over Ethernet (“PoE”), and digital content distribution.

He has assisted in evaluating patents for inclusion in patent pools involving large consumer electronics and entertainment companies concerning CD and DVD technology.

Computer Forensics and Electronic Discovery

Nolan is often called upon to develop e-discovery strategies to be used in all types of litigations, with a particular focus on selecting appropriate tools, developing proportionate discovery plans, cross border electronic discovery, managing the overall burden and cost of the electronic discovery process, and obtaining often overlooked electronic evidence, including computer forensics. He also assists clients to develop and implement information management programs to reduce expense and risk, meet compliance obligations, and tame e-discovery burdens.

Thought Leadership

Nolan has authored numerous articles and given numerous presentations on emerging issues and trends in both technology and law, and has often been called upon to comment on various media outlets including Business Week, IPlaw360, IT Business Edge, CIO.com, Forbes, and The National Law Journal.

Prior to practicing law, Nolan was a computer specialist at Underwriters Laboratories (UL).

Read more about Nolan Goldberg
Show more Show less
Photo of Robert Pommer Robert Pommer

Robert W. Pommer III is a partner in the Litigation Department and a member of Proskauer’s Securities Litigation, White Collar Defense & Investigations groups and the Asset Management Litigation team.

Bob’s practice focuses on a broad range of securities-related enforcement and compliance issues.

Robert W. Pommer III is a partner in the Litigation Department and a member of Proskauer’s Securities Litigation, White Collar Defense & Investigations groups and the Asset Management Litigation team.

Bob’s practice focuses on a broad range of securities-related enforcement and compliance issues. He represents private fund managers, financial institutions, public companies, and their senior executives in enforcement investigations and litigation conducted by the SEC, the U.S. Department of Justice, and other governmental entities and financial services regulators. He also conducts internal investigations and counsels investment advisers and public companies on regulatory compliance, corporate governance and other SEC-related issues.

Prior to his career in private practice, Bob served as Assistant Chief Litigation Counsel in the SEC’s Division of Enforcement for nine years. While there, he investigated and litigated several high-profile cases involving complex financial fraud and audit failures. Bob also worked on enforcement actions involving insider trading, investment adviser and broker-dealer issues, market manipulation and other violations of the federal securities laws.

Read more about Robert Pommer
Show more Show less
Photo of Robert Sutton Robert Sutton

Robert Sutton is a partner of the Private Funds Group and a member of the Corporate Department. He is a seasoned practitioner with over 20 years of experience counseling managers and advisers of private funds on regulatory matters, as well as regulatory issues…

Robert Sutton is a partner of the Private Funds Group and a member of the Corporate Department. He is a seasoned practitioner with over 20 years of experience counseling managers and advisers of private funds on regulatory matters, as well as regulatory issues related to the formation and operation of private equity, credit, real estate, infrastructure, hedge and other private funds.

Rob has a deep knowledge of the market practice of asset managers and in particular, as it relates to Advisers Act-related issues. From some of the largest and most sophisticated firms in the global asset management industry to start-ups and mid-sized firms, Rob’s experience includes a wide spectrum of funds and asset classes across their life cycles. Rob regularly advises on matters in connection with: U.S. investment adviser registration and regulation; Advisers Act and other U.S. securities law issues relating to the formation, marketing and offering of private funds; Identifying and managing conflicts of interest, and addressing related Advisers Act risks, SEC examinations, and exam readiness preparation; Design and implementation of investment adviser compliance policies and procedures; U.S. regulatory issues relating to purchases and sales of investment advisory businesses (minority stake and control stake transactions, buy-side and sell-side representations); Advisers Act and other U.S. regulatory issues relating to private fund restructurings and recapitalizations, strip sales, continuation fund formations and similar transactions; Advisers Act issues relating to the formation of SPACs by investment advisers; and, Investment Company Act status analyses of private fund structures, investment transaction structures and other non-registered investment company structures.

Rob has been recognized by his clients and peers for his extraordinary work, gaining various accolades including mentions in preeminent directories such as The Legal 500.  He is also very active within the private funds industry, contributing to numerous publications and collaborating on several speaking engagements.

Read more about Robert Sutton
Show more Show less
Related Posts
SEC Adopts Rule Amendments to Regulation S-P to Enhance Protection of Customer Information
May 28, 2024
Shining a Light on the Corporate Transparency Act: FinCEN’s Rules for Beneficial Ownership Reporting
January 18, 2023
SolarWinds: A Lesson on How Companies Victimized by Data Breaches Can Quickly Become the Target of Litigation and Regulatory Investigations
November 16, 2022