Tag Archives: new york

Developing Crypto’s Regulatory Landscape: A Survey of Recent Actions by Federal Regulators to Fence Off Jurisdiction Over Virtual Currencies

In the decades that followed the enactment of the Homestead Act of 1862, more than 1.6 million U.S. citizens and intended citizens filed applications with the U.S. government to lay claim to 160 acres of land guaranteed to each applicant willing to settle, farm and improve the lands. Settlers quickly encountered a major problem. The … Continue Reading

Drone Delivery Canada’s Newest UAS to Carry 400 Pounds

Drone Delivery Canada (DDC) began development of its newest drone, the Condor, last week, which is being engineered to provide payload capacities of up to 400 pounds. The Condor will be able to accept pallet-sized payload shipments (for transporting bulk cargo—both in Canada and abroad) and fly approximately 93 miles. Most important, the Condor will … Continue Reading

Northwell Health Seeks to Use Drones and Telehealth for Emergency Care

Northwell Health, a New York-based health system, is seeking to use a fleet of emergency drones, in combination with telehealth technology, to respond to accidents more quickly, treat opioid overdoses and even provide medical attention needed due to terrorists attacks. However, there are still a lot of barriers to burst through before Northwell Health can … Continue Reading

New York Department of Financial Services Updates Cybersecurity Guidance: Coverage of Cybersecurity Requirements Addressed in 4 New FAQs

On March 1, 2018, the New York Department of Financial Services (NYDFS) “cybersecurity regulations” (23 NYCRR Part 500) took effect, placing a number of cybersecurity requirements on banks, insurance companies, and other financial services institutions and licensees regulated by the NYDFS (“Covered Entities”). To aid in compliance with the regulation, the NYDFS recently added new … Continue Reading

New York Financial Services Cybersecurity Regulations Deadline Looming This Week

On March 1, 2018, the one year transition period within which banks, insurance companies, and other financial services institutions and licensees regulated by the New York Department of Financial Services (“Covered Entities”)  must have implemented a cybersecurity program ends. By March 1, the Covered Entities must be in compliance with the following requirements: 23 NYCRR … Continue Reading

New York’s Landmark Cybersecurity Regulation Compliance Deadlines Looming

On February 15, 2018—that is, today—banks, insurance companies and other financial services institutions and licensees regulated by the New York Department of Financial Services (DFS) are required to file their first certification of compliance with DFS’s far reaching cybersecurity regulation (23 NYCRR Part 500) (the “Regulation”). The Regulation, which became effective on March 1, 2017, … Continue Reading

New York Governor Announces Drone Fleet for its State Police

Last week, Governor of New York, Andrew Cuomo, announced the launch of a new State Police Unmanned Aerial System (UAS) program, which will be used for law enforcement missions, including, but not limited to, disaster response, traffic safety and crime scene investigation. To start, the program will launch four state police drones—Troop A, which will … Continue Reading

Initial Coin Offerings and Cryptocurrencies Will be a Priority for FINRA in 2018

In a ten page letter that previews the Financial Industry Regulatory Authority’s (FINRA) priorities for 2018, initial coin offerings (ICOs) and transactions involving cryptocurrencies. This follows previous warnings by both the Securities and Exchange Commission (SEC) and FINRA about the risks associated with investing in ICOs and virtual currencies, including Bitcoin. SEC Chairman Jay Clayton … Continue Reading

Hilton Settles Data Breach Investigations with NY and VT AGs

Hilton Domestic Operating Co., Inc. (Hilton) has agreed to pay the New York and Vermont Attorneys General $700,000 to settle allegations that they violated those state consumer protection and data breach notification laws when it failed to implement reasonable security measures to protect consumer data and for waiting nine months to notify consumers of a … Continue Reading

SEC Brings Fraud Action Against ICO Creator

In its first lawsuit targeting Initial Coin Offerings (ICOs), the Securities and Exchange Commission (SEC) has filed fraud charges against the creator of the ICOs marketed as “REcoin” and “DRC.” The action, filed in the United States District Court for the Eastern District of New York on September 29, 2017, alleges that Maksim Zaslavskiy, operating … Continue Reading

Privacy Tip #106 – Online Romance Scams

I haven’t been in the dating scene for decades but I know it sure has changed. Millions of people participate in online dating, and I even know several couples who have found their significant other using online dating platforms. That’s the good news. The bad news is that the Internet is used for bad intentions, … Continue Reading

CoPilot Provider Support Services Settles with NYAG for $130,000 for Late Breach Notification

CoPilot Provider Support Services, Inc. (CoPilot), which provides health care companies with billing and insurance support services, has settled allegations by the New York Attorney General of failing to notify individuals of a data breach in a reasonable time for $130,000. CoPilot began investigating an unauthorized access to, and downloading of its reimbursement records through … Continue Reading

Misconfigured Backup Server Exposes 7,000+ Medical Records

A misconfigured backup server hosted by medical records technology vendor iHealth Solutions resulted in exposure of over 7,000 medical records, some containing sensitive information. The records, involving patients seen at Bronx-Lebanon Hospital Center in New York, New York, between 2014 – 2017, include patients’ names, addresses, HIV status, mental health diagnoses and addiction histories, as … Continue Reading

State of Colorado Proposes Financial Services Cybersecurity Requirements

Following in the footsteps of the State of New York, the Colorado Department of Regulatory Agencies has proposed amendments to the Colorado Securities Act to require investment advisers and broker-dealers to implement new cybersecurity requirements to ensure security of the information in their possession. As we have predicted before, this is probably just the beginning … Continue Reading

NY AG Announces Settlements with Three Mobile-Health App Developers Over Privacy, Marketing Concerns

On March 23, 2017, New York State Attorney General Eric T. Schneiderman announced settlements with three mobile health application (app) development companies aimed at curbing deceptive marketing practices and inadequate privacy disclosures to consumers. The settlements – reached with Cardiio, Inc., Matis Ltd., and Runtastic GmbH, respectively – target health measurement apps that “purport to … Continue Reading

Sony Cyber-Attackers Lurking at Financial Supervisor “Watering Hole” Target Banks and Others

Cybersecurity specialists at BAE Systems and Symantec announced last week new evidence suggesting that the criminals behind the notorious 2014 attack on Sony Corp. are also responsible for recent cyber-attacks involving 104 organizations in 31 countries. Researchers and investigators have long attributed the 2014 Sony attack, which crippled computer systems and revealed internal emails, to … Continue Reading

Governor Cuomo Unveils Cybersecurity Proposals Including Cyber Incident Response Team

New York Governor Andrew Cuomo announced a series of cybersecurity proposals that are designed to protect consumers and government entities from cybercrime and identity theft. One of the proposals includes the creation of a Cyber Incident Response Team that would support state and local government bodies, critical infrastructure and schools. It will be led by … Continue Reading

501(c)(3) Public Charities Subject to New Donor Disclosure Requirements in New York

Since 1958, when the Supreme Court held that the State of Alabama’s attempt to compel the NAACP to disclose its membership lists infringed on the members’ constitutional rights to freedom of speech and assembly, charities and donors have expected donor information to remain confidential. However, recent developments in New York have thrown that expectation into … Continue Reading

American Eagle Settles TCPA Class Action for $14.5 Million

American Eagle Outfitters (American Eagle) settled a class action filed against it for alleged Telephone Consumer Protection Act (TCPA) violations for $14.5 million last week. The class action complaint alleged that American Eagle send unsolicited text message messages to over 600,000 unique cell phone numbers without prior written consent as required by the TCPA. The … Continue Reading

The ‘Silicon Valley’ for UAS: From New York’s Griffiss International Airport to Hancock International Airport, UAS are Welcome

From the Griffiss International Airport in Rome, New York to the Hancock International Airport in Syracuse, New York, unmanned aerial systems (UAS or drones) may freely fly the 50-mile stretch in an effort to increase technological advancement for developers of UAS. Executive Director of the NUAIR Alliance, Larry Brinker, says that “companies are going to … Continue Reading

The Cyber Regulation Drops

On September 13, 2016, Governor Andrew Cuomo announced the first proposed broadly applicable cyber regulation in the U.S. (the “Regulation”). The Regulation covers banks, insurance companies and other financial institutions (Covered Entities) regulated by the New York Department of Financial Services (the “DFS”). The Regulation is tightly focused, but with broad reach. It appears to … Continue Reading

Trump Hotel Settles with NY Attorney General Over Credit Card Breaches

Trump International Hotels Management has agreed to pay the State of New York $50,000 for two data breaches that exposed over 70,000 customer credit card numbers and other personal information, according to New York Attorney General Eric Schneiderman. The first data breach involved the infection of the Trump Hotels’ system with malware that affected hotels … Continue Reading

The (Regulated) Rise of the CISO

The proposed New York Department of Financial Services Cybersecurity Requirements for Financial Institutions (the “Regulation”) has many different aspects that are designed to bring about overall improvement in cybersecurity programs. One that has yet to be explored is how the Regulation elevates the role of the Chief Information Security Officer (the “CISO”) beyond the traditional … Continue Reading
LexBlog