Publications

• The Future of AI Regulation (Part 3): The FTC’s New Guidance on Using AI Truthfully, Fairly, and Equitably
  3 May 2021
  Avi Gesser
  ,
  Parker C. Eudy
  ,
  Anna R. Gressel
• The Future of AI Regulation (Part 2): Draft Legislation from the European Commission Shows the Coming AI Legal Landscape
  26 April 2021
  Avi Gesser
  ,
  Anna R. Gressel
  ,
  Steven Tegrar
• Part 1 on the Future of AI Regulation — The RFI on AI from U.S. Banking Regulators
  21 April 2021
  Avi Gesser
  ,
  Anna R. Gressel
  ,
  Amy Aixi Zhang
• Effective Access Controls, Timely Breach Notification and Other Takeaways from the Latest NYDFS Cyber Resolution
  15 April 2021
  Luke Dembosky
  ,
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Johanna N. Skrzypczyk
  ,
  Parker C. Eudy
  ,
  Christopher S. Ford
  ,
  Mengyi Xu
• The SEC’s Cybersecurity Priorities for Registered Investment Advisers—Looking Back to Anticipate the Road Ahead
  11 March 2021
  Luke Dembosky
  ,
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Tricia Reville
  ,
  Mengyi Xu
• First DFS Resolution Under Its Cyber Rules Highlights the Risks of Inadequate Cyber Investigations
  8 March 2021
  Luke Dembosky
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Christopher S. Ford
  ,
  Alexandra N. Mogul
• Virginia Enacts a Comprehensive Privacy Law—Similarities and Differences Among VCDPA, CCPA and GDPR
  5 March 2021
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Javier Alvarez-Oviedo
  ,
  Christopher Garrett
  ,
  Anna R. Gressel
  ,
  Robert Maddox
  ,
  Alexandra P. Swain
  ,
  Scott M. Caravello
  ,
  Tricia Reville
• Compliance & Enforcement: Tips for Creating a Sensible Cybersecurity and AI Risk Framework for Critical Vendors
  22 February 2021
  Compliance & Enforcement
  Avi Gesser
  ,
  Anna R. Gressel
  ,
  Zila Reyes Acosta-Grimes
  ,
  Michael Bloom
• Eleven Lessons From Cyber Hack That Forced an Australian Hedge Fund to Close — The Hedge Fund Law Report Interview with Avi Gesser
  17 February 2021
  Avi Gesser
• Tips for Creating a Sensible Cybersecurity and AI Risk Framework for Critical Vendors
  16 February 2021
  Avi Gesser
  ,
  Michael Bloom
  ,
  Anna R. Gressel
  ,
  Zila Reyes Acosta-Grimes
• Law360: SEC Settlement With Hedge Fund Offers Corporate AI Lessons
  28 January 2021
  Law360
  Avi Gesser
  ,
  Robert B. Kaplan
  ,
  Valerie A. Zuckerman
  ,
  James B. Amler
  ,
  Anna R. Gressel
  ,
  Steven Tegrar
  ,
  Tricia Reville
• Compliance & Enforcement: Destruction Emerges as a Powerful Enforcement Measure for AI: FTC Requires Company to Delete Models Trained with Improperly Utilized Consumer Data
  22 January 2021
  Compliance & Enforcement:
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Justin C. Ferrone
  ,
  Anna R. Gressel
  ,
  Paul D. Rubin
  ,
  Melissa Runsten
• Destruction Emerges as a Powerful Enforcement Measure for AI: FTC Requires Company to Delete Models Trained with Improperly Utilized Consumer Data
  19 January 2021
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Paul D. Rubin
  ,
  Justin C. Ferrone
  ,
  Anna R. Gressel
  ,
  Melissa Runsten
• Regulatory Risks for Not Disclosing Trading Algorithms - Five Takeaways from the SEC’s $170 million Settlement with BlueCrest Capital
  12 January 2021
  Avi Gesser
  ,
  Robert B. Kaplan
  ,
  James B. Amler
  ,
  Anna R. Gressel
  ,
  Steven Tegrar
  ,
  Valerie A. Zuckerman
• 2020/2021 Private Equity Year End Review and Outlook
  7 January 2021
  Jonathan Adler
  ,
  William D. Regner
  ,
  John W. Rife III
  ,
  Alisa A. Waxman
  ,
  Jennifer R. Cestaro
  ,
  Katherine Ashton
  ,
  E. Drew Dutton
  ,
  Jane Engelhardt
  ,
  Andrew C. Rearick
  ,
  Eric N. Fischer
  ,
  Thomas Smith
  ,
  Ramya S. Tiller
  ,
  Christopher Anthony
  ,
  Kevin M. Schmidt
  ,
  Maurizio Levi-Minzi
  ,
  Geoffrey P. Burgess
  ,
  Dominic Blaxill
  ,
  William Y. Chua
  ,
  Wen-Wei Lai
  ,
  Jyotin Hamid
  ,
  Morgan J. Hayes
  ,
  Steven J. Slutzky
  ,
  David L. Wayne
  ,
  Richard Ward
  ,
  Jennifer Wheater
  ,
  Paul Eastham
  ,
  Peter A. Furci
  ,
  Rafael Kariyev
  ,
  Jay E. Evans
  ,
  Samuel D. Krawiecz
  ,
  Andrew L. Bab
  ,
  Jennifer L. Chu
  ,
  Paul D. Rubin
  ,
  Jacob W. Stahl
  ,
  Kim Le
  ,
  Jyotin Hamid
  ,
  Meir D. Katz
  ,
  Jonathan F. Lewis
  ,
  Tricia Bozyk Sherno
  ,
  Ezra Borut
  ,
  Jeffrey P. Cunard
  ,
  Marc Ponchione
  ,
  Kenneth J. Berman
  ,
  Gregory T. Larkin
  ,
  Norma Angelica Freeland
  ,
  Patricia Volhard
  ,
  Christopher Dortschy
  ,
  Jin-Hyuk Jang
  ,
  John Young
  ,
  Andrew J. Ceresney
  ,
  Robert B. Kaplan
  ,
  Julie M. Riewe
  ,
  Merryl Lawry-White
  ,
  Sally Bergmann
  ,
  Scott B. Selinger
  ,
  Stuart Hammer
  ,
  Luke Dembosky
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Megan K. Bannigan
  ,
  David H. Bernstein
  ,
  M. Natasha Labovitz
  ,
  Sidney P. Levinson
  ,
  Peter J. Irwin
  ,
  Malina Welman
  ,
  Paul S. Bird
• Banking Agencies Propose 36-Hour Data Breach Reporting Rules for Significant Incidents
  18 December 2020
  Luke Dembosky
  ,
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Satish M. Kini
  ,
  Gregory J. Lyons
  ,
  Jim Pastore
  ,
  Zila Reyes Acosta-Grimes
  ,
  Alex Henry
  ,
  Alexandra N. Mogul
  ,
  Courtney Bradford Pike
  ,
  Amy Aixi Zhang
• SEC Enforcement Highlights the Risks of Not Preserving Text/Chat Messages—Practical Tips for Aligning Policies with Practices to Reduce Risk
  14 December 2020
  Avi Gesser
  ,
  Julie M. Riewe
  ,
  Jeff Robins
  ,
  Chana Zuckier
• Compliance & Enforcement: Post-Election Law Privacy Law Prospects
  6 November 2020
  Compliance & Enforcement
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Frank Colleluori
  ,
  Mengyi Xu
  ,
  Jeffrey P. Cunard
  ,
  Luke Dembosky
  ,
  Tigist Kassahun
• CFPB Seeks Public Comment in Implementing Dodd-Frank’s Consumer Right of Access to Financial Records
  2 November 2020
  Courtney M. Dankworth
  ,
  Avi Gesser
  ,
  James B. Amler
  ,
  Anna R. Gressel
  ,
  Christian J. Clark
• Companies Face Increased Sanctions Risk for Making Ransomware Payments — Takeaways from the Latest OFAC and FinCEN Advisories
  7 October 2020
  Luke Dembosky
  ,
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Satish M. Kini
  ,
  Paul M. Rodel
  ,
  David G. Sewell
  ,
  Zila Reyes Acosta-Grimes
  ,
  Martha Hirst
  ,
  Robert Maddox
  ,
  Mengyi Xu
• It’s Time to Take Credential Stuffing Seriously
  30 September 2020
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Marc Ponchione
  ,
  Gregory T. Larkin
  ,
  Norma Angelica Freeland
  ,
  Robert Maddox
• A Top Five Checklist for Automated Back-to-Work Covid Questionnaires
  22 September 2020
  Avi Gesser
  ,
  Tricia Bozyk Sherno
  ,
  Joshua B. Pickar
• Bloomberg Law: AI Legal Work Is Mirroring Cybersecurity Practice Path
  10 September 2020
  Bloomberg Law
  Luke Dembosky
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Anna R. Gressel
• The UK School Algorithm Debacle: Five Lessons for Corporate AI Programs
  25 August 2020
  Avi Gesser
  ,
  Robin Lööf
  ,
  Anna R. Gressel
• Compliance & Enforcement: Cybersecurity Requirements for Insurance Companies – The NYDFS Rules as the Emerging Standard
  19 August 2020
  Compliance & Enforcement
  Luke Dembosky
  ,
  Avi Gesser
  ,
  AJ Salomon
• Cybersecurity Requirements for Insurance Companies – The NYDFS Rules as the Emerging Standard
  12 August 2020
  Luke Dembosky
  ,
  Avi Gesser
  ,
  AJ Salomon
• Developing Regulatory Scrutiny of Underwriting Factors
  5 August 2020
  Eric R. Dinallo
  ,
  Avi Gesser
  ,
  Susan Reagan Gittes
  ,
  Maeve O'Connor
  ,
  Robert M. Fettman
  ,
  AJ Salomon
• Compliance & Enforcement: Schrems II – Where are we now?
  5 August 2020
  Compliance & Enforcement
  Luke Dembosky
  ,
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Dr. Friedrich Popp
  ,
  Christopher Garrett
  ,
  Fanny Gauthier
  ,
  Robert Maddox
  ,
  Mengyi Xu
• Data Accountability and Transparency Act of 2020
  4 August 2020
  Eric R. Dinallo
  ,
  Susan Reagan Gittes
  ,
  Avi Gesser
  ,
  Maeve O'Connor
  ,
  Robert M. Fettman
  ,
  AJ Salomon
• Schrems II: Privacy Shield Invalid and Severe Challenges for Standard Contractual Clauses
  17 July 2020
  Jeffrey P. Cunard
  ,
  Luke Dembosky
  ,
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Dr. Thomas Schürrle
  ,
  Alexandre Bisch
  ,
  Christopher Garrett
  ,
  Fanny Gauthier
  ,
  Anna R. Gressel
  ,
  Robert Maddox
  ,
  Dr. Friedrich Popp
• OCC Invites Public Comment on Potential Revisions to Rules Affecting Bank Fintech Activities
  8 June 2020
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Satish M. Kini
  ,
  Gregory J. Lyons
  ,
  Jeff Robins
  ,
  Alison M. Hashmall
  ,
  David G. Sewell
  ,
  Danjie Fang
  ,
  Anna R. Gressel
• CCPA Regulations Submitted to the California Office of Administrative Law for Publication
  4 June 2020
  Jeffrey P. Cunard
  ,
  Luke Dembosky
  ,
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Lisa Zornberg
  ,
  H Jacqueline Brehmer
  ,
  Christopher S. Ford
  ,
  Alexandra P. Swain
• French Authorities’ Cybersecurity Tips for Companies and Their Employees Working from Home
  21 May 2020
  Antoine F. Kirry
  ,
  Alexandre Bisch
  ,
  Alice Stosskopf
  ,
  Fanny Gauthier
  ,
  Luke Dembosky
  ,
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Jim Pastore
• Can Contact Tracing Apps Help Get Many of Us Back to Work Soon? A Framework for Evaluating the Various Options and Legal Concerns
  24 April 2020
  Luke Dembosky
  ,
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Anna R. Gressel
  ,
  Joshua B. Pickar
  ,
  Suchita Mandavilli Brundage
  ,
  Samantha B. Singh
• COVID-19: Three Data Protection Tips for the EU and the UK
  23 March 2020
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Jane Shvets
  ,
  Alexandre Bisch
  ,
  Fanny Gauthier
  ,
  Robert Maddox
  ,
  Dr. Friedrich Popp
• California AG Updates Draft CCPA Regulations (Again)
  19 March 2020
  Jeffrey P. Cunard
  ,
  Luke Dembosky
  ,
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Henry Lebowitz
  ,
  Jim Pastore
  ,
  Lisa Zornberg
• U.S. Legal Considerations for Remote Work Arrangements in the Wake of COVID-19
  17 March 2020
  Tricia Bozyk Sherno
  ,
  Jyotin Hamid
  ,
  Avi Gesser
  ,
  Jeremy Feigelson
• Debevoise Coronavirus Checklists—Cybersecurity
  10 March 2020
  Luke Dembosky
  ,
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Lisa Zornberg
  ,
  Tricia Bozyk Sherno
  ,
  Hilary Davidson
  ,
  Christopher S. Ford
• In re: Marriott International Inc., Customer Data Security Breach Litigation
  27 February 2020
  Luke Dembosky
  ,
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Lisa Zornberg
  ,
  Suchita Mandavilli Brundage
• Fifteen Ways to Reduce Regulatory and Reputational Risks for Your AI-Powered Applications – Lessons from Recent Court Decisions and Regulatory Activity
  20 February 2020
  Jeffrey P. Cunard
  ,
  Luke Dembosky
  ,
  Avi Gesser
  ,
  Henry Lebowitz
  ,
  Jim Pastore
  ,
  Lisa Zornberg
  ,
  Anna R. Gressel
  ,
  Steven Tegrar
• Proposed Modifications to CCPA Regulations - Top Takeaways
  12 February 2020
  Jeffrey P. Cunard
  ,
  Luke Dembosky
  ,
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Javier Alvarez-Oviedo
  ,
  H Jacqueline Brehmer
  ,
  Christopher S. Ford
• The Practical Implications of the National Securities Clearing Corporation’s New Cybersecurity Rules
  7 February 2020
  Luke Dembosky
  ,
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Jim Pastore
  ,
  Julie M. Riewe
  ,
  Paul M. Rodel
  ,
  Lisa Zornberg
  ,
  H Jacqueline Brehmer
• SEC’s New Cyber Observations Highlight Operational Resiliency
  4 February 2020
  Luke Dembosky
  ,
  Jeremy Feigelson
  ,
  Avi Gesser
  ,
  Robert B. Kaplan
  ,
  Jim Pastore
  ,
  Julie M. Riewe
  ,
  Lisa Zornberg
  ,
  H Jacqueline Brehmer
  ,
  Stephanie M. Cipolla
  ,
  Christopher S. Ford