In this edition of our Privacy & Cybersecurity Update, we examine the Sixth Circuit's decision to allow injury-in-fact to be established by alleging a "substantial risk of harm" in a data breach case, New York state's proposed cybersecurity regulations for financial institutions and the FTC's comments on whether compliance with the NIST Cybersecurity Framework ensures compliance with the agency's cybersecurity requirements. We also discuss FTC Chairwoman Edith Ramirez's comments on the need to protect against ransomware attacks, a German Data Protection Authority's guidelines on companies using the Privacy Shield and the CFTC's finalization of its systems safeguards rule.

Click here to read more.