Reading Materials | NYU School of Law

9:00am – 10:05 am (65 minutes)

Panel: Managing an Effective Privacy Program in a Time of Increasing Regulatory and Legal Risk

Panel Description: The panel will include attorneys who specialize in privacy law and policy and will discuss issues such as: (1) How can companies keep pace with the swift cadence of new privacy laws and growing requirements?; (2) What are the regulatory expectations?; (3) What are some of the common pitfalls and missteps that regulators are seeing?; (4) What are the components of a privacy compliance program?; (5) Should you appoint a chief privacy officer? What about a data protection officer?; (6) How can firms manage cross-border data transfers while minimizing regulatory risk?; (7) How can firms get a grasp on the volume and scope of the personal data they process?; (8) What are the strategies for timely complying with data subject access requests?; (9) Should a company maintain an incident response plan for privacy related incidents?; (10) What are effective oversight tips for managing third parties who process personal data on before of the company?; (11) How does a firm ensure that its written, public-facing privacy policy aligns with how the firm actually processes personal data?; and (12) What advice does the panel have for firms with mature privacy programs? And for those just getting started?

Avi Gesser et al., California Privacy Protection Agency Begins CCPA Rulemaking for Cybersecurity Audits, Debevoise & Plimpton Data Blog (Sept. 20 2023), https://www.debevoisedatablog.com/2023/09/20/california-privacy-protection-agency-begins-ccpa-rulemaking-for-cybersecurity-audits/ .

Avi Gesser et al., Eight GDPR Questions when Adopting Generative AI, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Oct. 11, 2023), https://wp.nyu.edu/compliance_enforcement/2023/10/11/eight-gdpr-questions-when-adopting-generative-ai/ .

Avi Gesser et al., The Digital Services Act (DSA) Transforms Regulation of Online Intermediaries, Debevoise & Plimpton Data Blog (July 18, 2023), https://www.debevoisedatablog.com/2022/07/18/the-digital-services-act-dsa-transforms-regulation-of-online-intermediaries/ .

Avi Gesser et al., The Final Colorado AI Insurance Regulations: What’s new and How to Prepare, Debevoise & Plimpton Data Blog (Oct. 3, 2023), https://www.debevoisedatablog.com/2023/10/03/the-final-colorado-ai-insurance-regulations-what-has-changed-and-how-to-prepare-for-compliance/ .

Avi Gesser et al., The New York Attorney General Issues Guidance on Data Security Best Practices, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (June 27, 2023), https://wp.nyu.edu/compliance_enforcement/2023/06/27/the-new-york-attorney-general-issues-guidance-on-data-security-best-practices/.

Dr. Martin Braun et al., Certification Under the EU-US Data Privacy Framework, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (July 25, 2023), https://wp.nyu.edu/compliance_enforcement/2023/07/25/certification-under-the-eu-u-s-data-privacy-framework/ .

Dr. Martin Braun et al., Significant Improvements for International Transfers of Personal Data – Adequacy Decision for the New EU-U.S. Data Privacy Framework Adopted by the European Commission, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (July 14, 2023), https://wp.nyu.edu/compliance_enforcement/2023/07/14/significant-improvements-for-international-transfers-of-personal-data-adequacy-decision-for-the-new-eu-u-s-data-privacy-framework-adopted-by-the-european-commission/ .

Elisa Jillson, Protecting the Privacy of Health Information: A Baker’s Dozen of Takeaways from FTC Cases, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Sept. 4, 2023), https://wp.nyu.edu/compliance_enforcement/2023/09/04/protecting-the-privacy-of-health-information-a-bakers-dozen-of-takeaways-from-ftc-cases/ .

Federal Trade Commission, Collecting, Using, or Sharing Consumer Health Information? Look to HIPAA, The FTC Act, and the Health Breach Notification Rule, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Oct. 4, 2023), https://wp.nyu.edu/compliance_enforcement/2023/10/04/collecting-using-or-sharing-consumer-health-information-look-to-hipaa-the-ftc-act-and-the-health-breach-notification-rule/ .

Jeremy Feigelson et al., Getting Ready for 2023: What Companies Can Do Now to Prepare for New Privacy Laws, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Dec. 20, 2021), https://wp.nyu.edu/compliance_enforcement/2021/12/20/getting-ready-for-2023-what-companies-can-do-now-to-prepare-for-new-privacy-laws/ .

Joseph Facciponti, Notes from IAPP’s Global Privacy Summit 2023: Skynet Will Not Become Self-Aware (But Still Presents Risks) and the CFPB Seeks to Hold Individuals Accountable, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Apr. 7, 2023), https://wp.nyu.edu/compliance_enforcement/2023/04/07/notes-from-iapps-global-privacy-summit-2023-skynet-will-not-become-self-aware-but-still-presents-risks-and-the-cfpb-seeks-to-hold-individuals-accountable/.

Jyotin Hamid et al., Notice of Electronic Monitoring to Employees – New Requirements for NY State Employers, Debevoise & Plimpton Data Blog (Feb. 23, 2022), https://www.debevoisedatablog.com/2022/02/23/notice-of-electronic-monitoring-to-employees-new-requirements-for-ny-state-employers/ .

Michael T. Borgia, et al., Delaware’s New Personal Data Privacy Act, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Sept. 19, 2023), https://wp.nyu.edu/compliance_enforcement/2023/09/19/delawares-new-personal-data-privacy-act/ .

Nancy Libin et al., Oregon Consumer Privacy Act Signed Into Law, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Aug. 3, 2023), https://wp.nyu.edu/compliance_enforcement/2023/08/03/oregon-consumer-privacy-act-signed-into-law/ .

Alexander H. Southwell and Snezhana Stadnik Tapia, U.S. Cybersecurity and Data Privacy Outlook and Review – 2023, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Mar. 7, 2022), https://wp.nyu.edu/compliance_enforcement/2023/03/07/u-s-cybersecurity-and-data-privacy-outlook-and-review-2023/ .

10:25 am – 11:05 am (40 minutes)

Presentation and Fireside Chat: Does Regulation Result in Better Privacy Compliance by Firms?

Description: This presentation will consist of a 20-minute presentation by an NYU Law professor followed by a 20-minute fireside chat, with the fireside chat also taking questions from the audience. Topics covered during both the presentation and the fireside chat include: (1) How do you define “privacy”? What privacy interests ought to be protected by law?; (2) What do each of you think of the current patchwork of privacy laws – what’s works and what doesn’t?; (3) How would you feel about a comprehensive national privacy law in the U.S.? What would you like to see in it?; (4) Are there any areas of privacy that particularly concern/interest you right now? How about biometrics? Children’s online privacy? Mass surveillance?; (5) When we talk about privacy, are we talking about different things when we talk about surveillance by the government and surveillance by the private sector? Is either of these more concerning to you?; (6) Do consumers actually care about their personal data?; (7) What can consumers do to ensure that their privacy is protected?

Avi Gesser et al., California’s Age-Appropriate Design Code Act Expands Businesses’s Privacy Obligations Regarding Minors, Debevoise & Plimpton Data Blog (Sept. 19, 2022), https://www.debevoisedatablog.com/2022/09/19/californias-age-appropriate-design-code-act-expands-privacy-obligations-for-minors/ .

Avi Gesser et al., The Arrival of 2023 U.S. State Privacy Laws – Part 2: Colorado Update, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Feb. 7, 2023), https://wp.nyu.edu/compliance_enforcement/2023/02/07/the-arrival-of-2023-u-s-state-privacy-laws-part-2-colorado-update/ .

Elisa Jillson, Protectting the Privacy of Health Information: A Baker’s Dozen of Takeaways from FTC Cases, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Sept. 4, 2023), https://wp.nyu.edu/compliance_enforcement/2023/09/04/protecting-the-privacy-of-health-information-a-bakers-dozen-of-takeaways-from-ftc-cases/ .

Florencia Marotta-Wurgler, Self-Regulation and Competition in Privacy Policies (June 2016). Journal of Legal Studies, Vol. 45, No. 2, 2016, NYU Law and Economics Research Paper No. 17-10 https://ssrn.com/abstract=2959102.

Florencia Marotta-Wurgler, Understanding Privacy Policies: Content, Self Regulation, and Markets, NYU Center for Law, Economics and Organization, (Jan. 3, 2016), https://deliverypdf.ssrn.com/delivery.php?ID=624013110082094065000025028107092011052056061029027087091072078125103067125121071074053002099029105061121072065030064070078069039041082054021077087019122121066029058042034096070004077015097029125099064126095107064125126116099091067026102001089091111&EXT=pdf&INDEX=TRUE .

Kevin Davis and Florencia Marotta-Wurgler, Contracting for Personal Data NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Dec. 4, 2019), https://wp.nyu.edu/compliance_enforcement/2019/12/04/contracting-for-personal-data/ .

11:15 am – 12:20pm (65 minutes)

Panel: Effectively Addressing Dark Patterns and the Unfair Manipulation of Consumer Choices

Panel Description: The panel will include attorneys who specialize in privacy law and policy, including the emerging law regulating “dark patterns”, and will discuss issues such as: (1) What are “dark patterns”? When do design features cross the line between merely being persuasive to being unfairly manipulative? How widespread is the use of “dark patterns”?; (2) Why are “dark patterns” a problem and how can they harm consumers?; (3) How do consumers actually make decisions online? What heuristics do they use? What are the ways manipulative design features can hijack consumer choice?; (4) Discussion of actual and hypothetical use cases; (5) Discussion of regulatory enforcement actions. Are the enforcement actions likely to be an effective deterrent to manipulative behavior? Or will they stifle legitimate business activity?; (6) What current U.S. (and maybe EU) laws and regulations expressly or indirectly regulate dark patterns? What laws and regulations are in the pipeline?; and (7) Are the laws effective in protecting consumers? Are the laws overbroad and prohibit legitimate business practices?

Avi Gesser et al., CPRA Rulemaking is Underway – Getting Ahead of Enforcement Risks Debevoise & Plimpton Data Blog (July 28, 2022), https://www.debevoisedatablog.com/2022/07/28/cpra-rulemaking-is-underway-getting-ahead-of-enforcement-risks/ .

Avi Gesser et al., Dark Patterns: What Are They and How Can Companies Avoid Regulatory Scrutiny?, Debevoise & Plimpton Data Blog (Oct. 12, 2022), https://www.debevoisedatablog.com/2022/10/12/dark-patterns-what-are-they-and-how-can-companies-avoid-regulatory-scrutiny/ .

Avi Gesser et al., The Digital Services Act (DSA) Transforms Regulation of Online Intermediaries, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (July 26, 2022), https://wp.nyu.edu/compliance_enforcement/2022/07/26/the-digital-services-act-dsa-transforms-regulation-of-online-intermediaries/ .

Courtney M. Dankworth et al., CFPB Advisory on Placement Practives May Have Broader Market Implications, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Mar. 3, 2022), https://wp.nyu.edu/compliance_enforcement/2023/03/03/cfpb-advisory-on-placement-practices-may-have-broader-market-implications/ .

Courtney M. Dankworth et al., CFPB’s Report on Buy Now, Pay Later, Debevoise & Plimpton Data Blog (Oct. 3, 2022), https://www.debevoisedatablog.com/2022/10/03/cfpbs-report-on-buy-now-pay-later/ .

Courtney M. Dankworth et al., National Association of Attorneys General’s 2023 Consumer Protection Spring Conference, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (June 16, 2023), https://wp.nyu.edu/compliance_enforcement/2023/06/16/national-association-of-attorneys-generals-2023-consumer-protection-spring-conference/ .

Christopher Jon Sprigman and Tontrup, Stephan, Privacy Decisions are not Private: How the Notice and Choice Regime Induces us to Ignore Collective Privacy Risks and what Regulation Should Do About It (February 15, 2023). NYU Law and Economics Research Paper No. 23-22, https://ssrn.com/abstract=4359681 or http://dx.doi.org/10.2139/ssrn.4359681

Kirk J. Nahra et al., FTC Warns Companies about Generative AI, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (April 20, 2023), https://wp.nyu.edu/compliance_enforcement/2023/05/22/ftc-warns-companies-about-generative-ai/ .

Kristof Van Quathem et al., EDPB Publishes Report of Cookie Banners Taskforce, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Mar 1, 2023), https://wp.nyu.edu/compliance_enforcement/2023/03/01/edpb-publishes-report-of-cookie-banners-taskforce/ .

Susanna M. Buergel et al., CFPB Issues Policy Statement Taking Expansive View of “Abusive” Practices, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (May 19, 2023), https://wp.nyu.edu/compliance_enforcement/2023/04/20/cfpb-issues-policy-statement-taking-expansive-view-of-abusive-practices/ .

1:30pm – 2:35pm (65 minutes)

Panel: Managing an Effective Cybersecurity Program in a Time of Increasing Threats and Disclosure Requirements

Panel Description: The panel will include attorneys who specialize in cybersecurity law and policy and will discuss issues such as: (1) What are the biggest threats out there now?; (2) How can companies keep pace with the swift cadence of new and evolving cybersecurity laws and growing disclosure requirements?; (3) What compliance issues does the SEC’s new cyber disclosure regulations present to issuers?; (4) How can firms ensure they effectively comply with the 4-day disclosure deadline while in the middle of responding to a cybersecurity incident?; (5) What are the regulatory expectations? What are some of the common pitfalls and missteps that regulators are seeing?; (6) What are the components of an effective cybersecurity compliance program?; (7) Who should be responsible for the cybersecurity program? Should you appoint a CISO?; (8) How can firms identify and assess their vulnerabilities?; (9) What should be included in an incident response plan? How often should firms conduct tabletop exercises?; (10) What are effective oversight tips for managing third party cybersecurity risk? Supply chain risk?; and (11) How can firms identify and mitigate threats from insiders?

Alexander Southwell et al., The Biden Administration Signals New Direction for Cybersecurity, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (May 3, 2023), https://wp.nyu.edu/compliance_enforcement/2023/05/03/the-biden-administration-signals-new-direction-for-cybersecurity/.

Benjamin A. Powell et al., Federal Agencies Publish New Version of the #StopRansomware Guide, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (June 19, 2023), https://wp.nyu.edu/compliance_enforcement/2023/06/19/federal-agencies-publish-new-version-of-the-stopransomware-guide/.

Charu A. Chandrasekhar et al., SEC Adopts New Cybersecurity Rules for Issuers, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Aug. 1, 2023), https://wp.nyu.edu/compliance_enforcement/2023/08/01/sec-adopts-new-cybersecurity-rules-for-issuers/.

Charu Chandrasekhar et al., SEC Adopts New Cybersecurity Rules for Issuers Debevoise & Plimpton Data Blog (July 28, 2023), https://www.debevoisedatablog.com/2023/07/28/sec-adopts-new-cybersecurity-rules-for-issuers/ .

Charu Chandrasekhar et al., SEC Adopts New Cybersecurity Rules for Issuers – Part 2 Key Takeaways Debevoise & Plimpton Data Blog (July 28, 2023), https://www.debevoisedatablog.com/2023/08/07/sec-adopts-new-cybersecurity-rules-for-issuers-part-2-key-takeaways/ .

Consumer Financial Protection Bureau, Policy Statement on Abusive Acts or Practices, CFPB (Apr. 03, 2023), https://www.consumerfinance.gov/compliance/supervisory-guidance/policy-statement-on-abusiveness/#:~:text=In%20CFPA%20section%201031%2C%20Congress,consumer%20financial%20products%20or%20services. .

Edward Stroz and Carl S. Young, Cyber Security Governance for Board of Directors, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & ENF’T BLOG (Aug. 18, 2023), https://wp.nyu.edu/compliance_enforcement/2023/08/18/cyber-security-governance-for-boards-of-directors/ .

John F. Savarese & Wayne M. Carlin, A Sign of the Times in SEC Cyber Enforcement, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Apr. 12, 2023), https://wp.nyu.edu/compliance_enforcement/2023/04/12/a-sign-of-the-times-in-sec-cyber-enforcement/.

John F. Savarese et al., Cybersecurity Oversight and Defense – A Board and Management Imperative, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (May 12, 2021), https://wp.nyu.edu/compliance_enforcement/2021/05/12/cybersecurity-oversight-and-defense-a-board-and-management-imperative/ .

Kathleen McGee et al., Biden Administration Aims to Shift Liability for Cyberattacks to Software Developers, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Apr. 12, 2023), https://wp.nyu.edu/compliance_enforcement/2023/04/12/biden-administration-aims-to-shift-liability-for-cyberattacks-to-software-developers/.

Luke Dembosky et al., A Late Winter Blizzard of SEC Cybersecurity Rulemaking: the Proposed BD Cybersecurity Rules and Expanded Reg S-P and Reg SCI Obligations, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Mar. 30, 2023), https://wp.nyu.edu/compliance_enforcement/2023/03/30/a-late-winter-blizzard-of-sec-cybersecurity-rulemaking-the-proposed-bd-cybersecurity-rules-and-expanded-reg-s-p-and-reg-sci-obligations/.

Luke Dembosky et al., Security by Design and Default: CISA Looks to Drive Changes in Manufacturer Responsibility, Consumer Education and Private-Public Information Sharing Debevoise & Plimpton Data Blog (Aug. 14, 2023), https://www.debevoisedatablog.com/2023/08/14/security-by-design-and-default-cisa-looks-to-drive-changes-in-manufacturer-responsibility-consumer-education-and-private-public-information-sharing/ .

Susanna M. Buergel et al., CFPB Issues Policy Statement Taking Expansive View of “Abusive” Practices, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & ENF’T BLOG (Apr. 20, 2021), https://wp.nyu.edu/compliance_enforcement/2023/04/20/cfpb-issues-policy-statement-taking-expansive-view-of-abusive-practices/ .

2:55pm – 4:00pm (65 minutes)

Panel: The NYDFS Cybersecurity Rule Amendments and Their Implications for Firms Beyond the Financial Sector

Panel Description: The panel will include attorneys who specialize in cybersecurity law and policy, including the NYDFS cybersecurity rules and enforcement actions, and will discuss issues such as: (1) How can covered entities best implement, and what are the issues with, requirements such as: senior government body approval of cybersecurity policies; annual risk assessments; new reporting obligations; ransomware reporting obligations; the provision of resources to the CISO; and new enforcement provisions; (2) What will the NYDFS be looking for in terms of reporting, compliance, cooperation, incident response, mitigation, and remediation of issues?; (3) How are the Part 500 amendments likely to drive cybersecurity compliance for non-covered entities and entities beyond the financial sector?; and (4) What obligations do law firms that represent covered entities have under the revised rules?

H. Southwell and Snezhana Stadnik Tapia, U.S. Cybersecurity and Data Privacy Outlook and Review – 2023, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Mar. 7, 2022), https://wp.nyu.edu/compliance_enforcement/2023/03/07/u-s-cybersecurity-and-data-privacy-outlook-and-review-2023/ .

Avi Gesser et al., NYDFS Publishes Official Amendments to Its Cybersecurity Regulation (Part 2) – Answers to the Top Questions from Our Webcast, Debevoise & Plimpton Data Blog (Nov. 30, 2022), https://www.debevoisedatablog.com/2022/11/30/top-questions-from-our-nydfs-webcast-part2/ .

Derek Bush, et al., Recent Government Bank Failure Reports Point to Increased Regulation and Examination Scrutiny, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (May 31, 2023), https://wp.nyu.edu/compliance_enforcement/2023/05/31/recent-government-bank-failure-reports-point-to-increased-regulation-and-examination-scrutiny/ .

Eric Dinallo et al., NYDFS Proposes Significant Changes to Its Cybersecurity Rules (Part 2) – Answers to the Top 10 Questions from Our Webcast, Debevoise & Plimpton Data Blog (Aug. 10, 2022), https://www.debevoisedatablog.com/2022/08/08/nydfs-proposes-significant-changes-to-its-cybersecurity-rules-part-2-answers-to-the-top-10-questions-from-our-webcast/ .

Lisa Sotto and Michael La Marca, NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (July 10, 2023), https://wp.nyu.edu/compliance_enforcement/2023/07/10/nydfs-proposes-updated-second-amendment-to-its-cybersecurity-regulation/ .

Lisa Sotto and Sam Grogan, CPPA Issues Draft CPRA Regulations on Risk Assessment and Cybersecurity Audit, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Aug. 31, 2023), https://wp.nyu.edu/compliance_enforcement/2023/08/31/cppa-issues-draft-cpra-regulations-on-risk-assessment-and-cybersecurity-audit/ .

Luigi L. De Ghenghi et al., NYDFS’ Virtual Currency Guidance for Banking Organizations, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Dec. 22, 2022), https://wp.nyu.edu/compliance_enforcement/2022/12/22/ny-dfs-virtual-currency-guidance-for-banking-organizations/ .

Luke Dembosky et al., Lessons from The Financial Stability Board’s Report on Cyber Incident Reporting, Debevoise & Plimpton Data Blog (May 31, 2023), https://www.debevoisedatablog.com/2023/05/31/lessons-from-the-financial-stability-boards-report-on-cyber-incident-reporting/ .

Luke Dembosky et al., NYDFS Publishes Revised Amendments to Its Cybersecurity Regulation - What Got Fixed, and What Still Needs Fixing, Debevoise & Plimpton Data Blog (July 10, 2023), https://www.debevoisedatablog.com/2023/07/10/nydfs-publishes-revised-amendments-to-its-cybersecurity-regulation/ .

Matthew L. Levine, NYDFS Monitorships: Is There an Emerging Trend?, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Feb. 3, 2023), https://wp.nyu.edu/compliance_enforcement/2023/02/03/nydfs-monitorships-is-there-an-emerging-trend/ .

Matthew L. Levine, Reading the Fine Print: The NYDFS Assessment of Comments on its Proposed Cybersecurity Amendments, NYU School of Law Program on Corporate Compliance and Enforcement: Compliance & Enf’t Blog (Oct. 5, 2023), https://wp.nyu.edu/compliance_enforcement/2023/10/05/reading-the-fine-print-the-nydfs-assessment-of-comments-on-its-proposed-cybersecurity-amendments/ .

4:15pm – 4:50pm (35 minutes)

Fireside Chat with Adrienne Harris, Moderated by Joseph Facciponti

Keynote Topics: Superintendent Harris will deliver an address that includes a discussion of the amendments to the NYDFS cybersecurity rules, the NYDFS’s policies on enforcement for cybersecurity failures, and the NYDFS’s positon on cryptocurrency regulation.

New York Department of Financial Services, DFS Superintendent Adrienne A. Harris Announces Update on Two Year Transformational Initiative to Strenghthen DFS’ Nation-Leading Virtual Currency Oversight (Sept. 18, 2023) https://www.dfs.ny.gov/reports_and_publications/press_releases/pr202309181 .