Abe Rein and Laily Sheybani Explore Criminal Enforcement of Data Security and Privacy Obligations in PACDL’s For the Defense
For decades, the government’s primary mode of enforcing data security and privacy obligations was through civil enforcement actions by various federal and state agencies. In the most recent issue of the Pennsylvania Association of Criminal Defense Lawyers’ publication, For the Defense, Post & Schell’s Abe Rein and Laily Sheybani explore a rapidly-emerging new enforcement regime, which can involve criminal sanctions against companies or even individual executives who fail to properly secure sensitive data.
As Rein and Sheybani explain, recent years have seen a wave of new federal initiatives, expanding enforcement of data security and privacy rules to levels not previously seen. This includes the conviction of Uber’s former Chief Security Officer on “misprision of a felony” charges – essentially, knowingly concealing a felony – after Uber suffered a data breach; a new DOJ “Data Security Program” which threatens criminal penalties for willful violations; DOJ’s “Cyber Fraud Initiative,” which, while civil in scope, puts government contractors in the crosshairs if they fail to meet cybersecurity requirements; and new SEC disclosure rules.
Read the article here.
For questions or more information, please contact Abe Rein, Chair of the firm's White Collar Defense and Investigations Practice Group at 215-587-1057 or arein@postschell.com.