Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe.
To read more issues of Katten's Privacy, Data and Cybersecurity Quick Clicks, please click here.
SEC Adopts Rules on Cybersecurity Risk Management, Strategy, Governance and Incident Disclosure by Public Companies
By Danette Edwards, Richard Marshall and Trisha Sircar
On July 26, the Securities and Exchange Commission (SEC) adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy and governance. The SEC also adopted rules requiring foreign private issuers to make comparable disclosures. The final rules will become effective 30 days following publication of the adopting release in the Federal Register. Read more about these new rules' requirements and effective dates.
Federal Reserve Warns Against Potential Risks Posed by Quantum Computers and AI
By Dan Davis and Gary DeWaal
In an August 1 report issued to Congress (the Report), the Board of Governors of the Federal Reserve System warned that the advent of quantum computing and generative artificial intelligence could potentially pose new risks to the US financial system. The report states that these threats and others warrant unspecified "collective actions across government and strong collaboration with the private sector in advancing measures to understand and mitigate risks." Read more about the emerging threats of quantum computing through the use of machine learning tools.
Seven Leading AI Development Firms Agree to Conduct Principles That May Be Regarded as Initial Industry 'Best Practices'
By Dan Davis and Gary DeWaal
During a July 21 ceremony at the White House, seven leading developers of artificial intelligence technology voluntarily agreed to comply with eight specific commitments to help mitigate the risks of AI. The commitments emanate from three core principles that are fundamental to the future of AI according to the White House: "safety, security and trust." These commitments may be important for all firms – not just the firms that agreed to them – to consider as part of any governance implemented for developing and/or deploying AI for their own purposes (to the extent relevant). Read more about the agreements and their potential significance in the absence of relevant legislation.
India's Data Protection Law Passes Parliament Despite Privacy Concerns
By Trisha Sircar
India's Digital Personal Data Protection Bill of 2023 passed in the lower and upper houses of Parliament and now must be approved by the Indian president before it becomes law. The bill will allow private companies to transfer some Indian citizens' personal data outside of India while permitting "any instrumentality of the state" to use personal data due to national security and maintaining public order. Read more about how the bill will impact the way personal data is processed.
