On March 15, 2023, the U.S. Securities and Exchange Commission (“SEC”) released its proposal to amend Regulation S-P: Privacy of Consumer Financial Information and Safeguarding Customer Information (the “Proposed Amendments”), while simultaneously issuing two additional cybersecurity-related rule proposals and re-opening the comment period for its previously proposed cybersecurity risk management rule released in February 2022. This set of sweeping reforms makes it clear, if not already, that the SEC is serious about implementing comprehensive cybersecurity and privacy standards across its regulated entity population — including investment advisers. However, the Proposed Amendments are already subject to criticism, most notably by Commissioner Pierce in her accompanying Statement, due to the likely burdens and costs of implementation, as well as the potential for conflicts with existing state laws. Moreover, the Proposed Amendments would create additional exam and enforcement risk where disclosure of certain cyber events is deemed – after the fact – not to have been prompt or accurate enough.

Read the full client alert here.

Posted in Cybersecurity, Data Privacy Laws, Legislation, Privacy Law, SEC
Tags: cybersecurity, cybersecurity risk, Division of Enforcement, Division of Examinations, Hedge Funds, Incident Response Plan, Privacy & Cybersecurity, Private Funds, Proposed Regulations, registered investment advisers, Regulation S-P, Safeguards Rule, SECURITIES LITIGATION, U.S. Securities and Exchange Commission (“SEC”)
Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Nolan Goldberg Nolan Goldberg

Nolan M. Goldberg is a partner in the Litigation Department, co-head of the Data Privacy and Cybersecurity Litigation Group, and a member of the Patent Law Group. His practice focuses on technology-centric litigation, arbitration (including international arbitrations), investigations and counseling, covering a range…

Nolan M. Goldberg is a partner in the Litigation Department, co-head of the Data Privacy and Cybersecurity Litigation Group, and a member of the Patent Law Group. His practice focuses on technology-centric litigation, arbitration (including international arbitrations), investigations and counseling, covering a range of types of disputes, including cybersecurity, intellectual property, and commercial.  Nolan’s understanding of technology allows him to develop defenses and strategies that might otherwise be overlooked or less effective and enhances the “story telling” that is critical to bringing a dispute to a successful conclusion.

Nolan is a registered patent attorney before the U.S. Patent & Trademark Office; and an International Association of Privacy Professionals (IAPP) Certified Information Privacy Professional, United States (US CIPP) and Certified Information Privacy Technologist (US CIPT).

Cybersecurity

Nolan’s electrical engineering background, coupled with a litigation and risk management-centric focus, allows him to assist companies in all phases of incident response. Nolan often acts as a bridge between the technical and legal response teams (both inside and outside forensic consultants). Nolan uses this deep familiarity with the company and its systems to defend the company in litigations, arbitrations and regulatory investigations, including before the Federal Communications Commission (FCC); Federal Trade Commission (FTC) and before various State’s Attorneys General, including Multi-State investigations.

Nolan has worked on incidents that range from simple phishing attacks on e-mail accounts by cyber-criminals to intrusions by (formerly) trusted inside employees to complex technical breaches of hosted systems by state-sponsored advanced persistent threats (APTs). These incidents have involved both client systems, and systems of a vendor of a client that hosted its data.

It is often the case (both in response to an incident and for other reasons) that a company will want to undertake an assessment of its security posture, but has concerns about the discoverability of any such analysis.  Accordingly, Nolan also frequently assists companies’ scope and conduct privileged security assessments, including “dual purpose” assessments where privileged analysis are also used for ordinary-course purposes.

Commercial Disputes

Nolan also assists companies with commercial disputes, particularly in cases where there is a technology component, including disputes arising from hosted software agreements; outsourcing and managed services agreements; software and technology development agreements and the dissolution of joint ventures.  When these disputes cannot be amicably resolved, Nolan has litigated them in State and Federal Court and in arbitrations, including international arbitrations.

Intellectual Property

Nolan’s work has included numerous patent and trade secret litigations and negotiations, primarily in cases involving computer and network-related technologies. In particular, the litigations have involved at least the following technologies: hosted software; telecommunications, computer networking; network and computer-related security hardware and software; microprocessors, voice-over Internet protocol (“VoIP”); bar code scanners  financial business methods and software, including securities settlement, fail management and trade execution and reporting software; data compression; handheld computers; pharmaceuticals; cardiac electro-stimulatory devices and prosthetics.

Nolan also has experience prosecuting patent applications before the U.S. Patent and Trademark Office in encryption, CMOS, HDTV, virtual private networks (“VPN”), e-commerce, XML/XSL, financial instruments, semiconductor electronics, medical device technology, inventory control and analysis, cellular communications, Check 21 and business methods. Nolan also has conducted numerous freedom-to-operate searches, written opinions, and counseled clients in the areas of bar code scanners, imaging, book publishing, computer networking, business methods, Power Over Ethernet (“PoE”), and digital content distribution.

He has assisted in evaluating patents for inclusion in patent pools involving large consumer electronics and entertainment companies concerning CD and DVD technology.

Computer Forensics and Electronic Discovery

Nolan is often called upon to develop e-discovery strategies to be used in all types of litigations, with a particular focus on selecting appropriate tools, developing proportionate discovery plans, cross border electronic discovery, managing the overall burden and cost of the electronic discovery process, and obtaining often overlooked electronic evidence, including computer forensics. He also assists clients to develop and implement information management programs to reduce expense and risk, meet compliance obligations, and tame e-discovery burdens.

Thought Leadership

Nolan has authored numerous articles and given numerous presentations on emerging issues and trends in both technology and law, and has often been called upon to comment on various media outlets including Business Week, IPlaw360, IT Business Edge, CIO.com, Forbes, and The National Law Journal.

Prior to practicing law, Nolan was a computer specialist at Underwriters Laboratories (UL).

Read more about Nolan Goldberg
Show more Show less
Photo of Ryan P. Blaney Ryan P. Blaney

Ryan Blaney represents health care, life science, and technology clients in a range of regulatory, enforcement, internal investigative and transactional matters, with particular expertise in privacy law, life sciences and digital health. He also has expertise in regulatory compliance, counseling clients on a…

Ryan Blaney represents health care, life science, and technology clients in a range of regulatory, enforcement, internal investigative and transactional matters, with particular expertise in privacy law, life sciences and digital health. He also has expertise in regulatory compliance, counseling clients on a range of matters, including health care fraud and abuse, third party reimbursement, data breach issues, data privacy and security, and FDA regulatory matters. He has substantial experience in pharmaceutical lifecycle management and competition issues, including the Hatch- Waxman Act and Biosimilars Price Competition and Innovations Act.

Ryan serves information technology companies, public and private health care companies, hospitals and physician organizations, manufacturers, medical device companies, and health plans. He guides venture capital groups, private equity funds, investment banks, and other investors on health care regulatory issues in connection with financing, mergers and acquisitions, and restructuring.

Ryan’s work is greatly informed by his experience as a teacher. Prior to attending law school, Ryan earned a master’s degree in education and taught at an under-resourced Catholic middle school. He is known for his ability to communicate clearly and to coordinate large teams working on complex matters. Outside of his health law practice, Ryan has been repeatedly recognized for his public service and pro bono work. He has successfully handled numerous education-related cases, helped establish three nonprofit organizations and defended qualified recipients of disability benefits.

Read more about Ryan P. Blaney
Show more Show less
Photo of Robert E. Plaze Robert E. Plaze

Robert Plaze advises investment advisers, investment companies, hedge funds, private equity funds and their service providers on regulatory and compliance issues under the federal securities laws. Following nearly 30 years in the SEC’s Division of Investment Management, most recently as Deputy Director, Bob…

Robert Plaze advises investment advisers, investment companies, hedge funds, private equity funds and their service providers on regulatory and compliance issues under the federal securities laws. Following nearly 30 years in the SEC’s Division of Investment Management, most recently as Deputy Director, Bob is a partner in Proskauer’s Registered Funds Group.

At the SEC, Bob was responsible for policy development and management of the key regulatory initiatives affecting investment companies and investment advisers, including rules governing fund and adviser compliance programs, money market funds, fund corporate governance, personal trading, custody and brokerage practices, prohibitions on “pay to play” practices, and protection of investor privacy. After the passage of the Dodd-Frank Act, Bob was responsible for rulemaking requiring advisers to private funds to register with the SEC, providing new exemptions from registration and requiring reporting by certain exempt advisers.

Bob’s comprehensive outline of the SEC’s regulation of investment advisers is relied on by lawyers and compliance professionals throughout the industry.

Read more about Robert E. Plaze
Show more Show less
Photo of Robert Pommer Robert Pommer

Robert W. Pommer III is a partner in the Litigation Department and a member of Proskauer’s Securities Litigation, White Collar Defense & Investigations groups and the Asset Management Litigation team.

Bob’s practice focuses on a broad range of securities-related enforcement and compliance issues.

Robert W. Pommer III is a partner in the Litigation Department and a member of Proskauer’s Securities Litigation, White Collar Defense & Investigations groups and the Asset Management Litigation team.

Bob’s practice focuses on a broad range of securities-related enforcement and compliance issues. He represents private fund managers, financial institutions, public companies, and their senior executives in enforcement investigations and litigation conducted by the SEC, the U.S. Department of Justice, and other governmental entities and financial services regulators. He also conducts internal investigations and counsels investment advisers and public companies on regulatory compliance, corporate governance and other SEC-related issues.

Prior to his career in private practice, Bob served as Assistant Chief Litigation Counsel in the SEC’s Division of Enforcement for nine years. While there, he investigated and litigated several high-profile cases involving complex financial fraud and audit failures. Bob also worked on enforcement actions involving insider trading, investment adviser and broker-dealer issues, market manipulation and other violations of the federal securities laws.

Read more about Robert Pommer
Show more Show less
Photo of Robert Sutton Robert Sutton

Robert is a partner of the Private Funds Group and a member of the Corporate Department. He is a seasoned practitioner with over 20 years of experience counseling managers and advisers of private funds on regulatory matters, as well as regulatory issues related…

Robert is a partner of the Private Funds Group and a member of the Corporate Department. He is a seasoned practitioner with over 20 years of experience counseling managers and advisers of private funds on regulatory matters, as well as regulatory issues related to the formation and operation of private equity, credit, real estate, infrastructure, hedge and other private funds.

Rob has a deep knowledge of the market practice of asset managers and in particular, as it relates to Advisers Act-related issues. From some of the largest and most sophisticated firms in the global asset management industry to start-ups and mid-sized firms, Rob’s experience includes a wide spectrum of funds and asset classes across their life cycles. Rob regularly advises on matters in connection with: U.S. investment adviser registration and regulation; Advisers Act and other U.S. securities law issues relating to the formation, marketing and offering of private funds; Identifying and managing conflicts of interest, and addressing related Advisers Act risks, SEC examinations, and exam readiness preparation; Design and implementation of investment adviser compliance policies and procedures; U.S. regulatory issues relating to purchases and sales of investment advisory businesses (minority stake and control stake transactions, buy-side and sell-side representations); Advisers Act and other U.S. regulatory issues relating to private fund restructurings and recapitalizations, strip sales, continuation fund formations and similar transactions; Advisers Act issues relating to the formation of SPACs by investment advisers; and, Investment Company Act status analyses of private fund structures, investment transaction structures and other non-registered investment company structures.

Rob has been recognized by his clients and peers for his extraordinary work, gaining various accolades including mentions in preeminent directories such as The Legal 500.  He is also very active within the private funds industry, contributing to numerous publications and collaborating on several speaking engagements.

Prior to joining Proskauer, Rob was a partner in the Investment Funds Group at Kirkland & Ellis.

Read more about Robert Sutton
Show more Show less
Photo of Mark S. Audet Mark S. Audet

Mark Audet is an associate in the Corporate Department and a member of the Private Funds Group.

Mark focuses his practice on counseling investment advisers on regulatory and compliance issues under the federal securities laws. Previously, Mark was a securities compliance examiner in…

Mark Audet is an associate in the Corporate Department and a member of the Private Funds Group.

Mark focuses his practice on counseling investment advisers on regulatory and compliance issues under the federal securities laws. Previously, Mark was a securities compliance examiner in the U.S. Securities and Exchange Commission’s Division of Examinations (formerly the Office of Compliance Inspections and Examinations), where he conducted regulatory examinations of registered investment advisers to hedge funds, private equity funds, credit funds, mutual funds, BDCs, and other asset classes.

Before joining Proskauer, Mark was Chief Compliance Officer and Counsel at Matrix Capital Management, a long/short hedge fund based outside of Boston.

Read more about Mark S. Audet
Show more Show less
Related Posts
Shining a Light on the Corporate Transparency Act: FinCEN’s Rules for Beneficial Ownership Reporting
January 18, 2023
SolarWinds: A Lesson on How Companies Victimized by Data Breaches Can Quickly Become the Target of Litigation and Regulatory Investigations
November 16, 2022
SolarWinds Vendor Supply Chain Attack: A Timely Reason to Review Procedures for Risk Assessments and Vendor Contracts
December 21, 2020