Womble Bond Dickinson attorneys Ted Claypoole and Tara Cho were quoted in Legaltech News discussing the biggest developments in data privacy and cybersecurity during 2023.
Ted Claypoole commented that “2023 saw a return to simple fraud and brazen extortion from cybercriminals as instances of man-in-the-middle attacks and false invoice presentation exploded and one ransomware group actually filed a complaint with the SEC to force its victim to pay. The Black Cat/ALPHV ransomware group filed an SEC complaint under new reporting rules alleging that one of their victims failed to disclose a cyberattack to the SEC within the required four days. This was likely not what the SEC anticipated by requiring public companies to report cyberattacks.”
Tara Cho noted that “an amended CCPA and four new state privacy laws became effective in 2023, and seven other states enacted comprehensive privacy laws effective in 2024 and beyond. A common thread across those laws relates to consumer rights to receive notice of and the ability to limit or opt out of certain online tracking, targeting and profiling. As companies tried to address those requirements with preference centers, universal opt out mechanisms and global privacy controls, a wave of litigation claims and arbitration demands emerged. These complaints alleged violations of state invasion of privacy laws and wiretap laws, among others, all associated with the use of certain pixels and similar technologies.”