Perkins on Privacy
Privacy and Security related image, digital thumbprint

Perkins on Privacy

Perkins on Privacy keeps you informed about the latest developments in privacy and data security law. Our insights are provided by Perkins Coie's Privacy & Security practice, recognized by Chambers as a leading firm in the field. 
Business
December 4, 2025 Regulatory Enforcement Data Security Data Breach and Incident Response

SEC Dismisses Cyber Disclosure Case Against SolarWinds and CISO

Key Takeaways

 View blog post
signature, gavel, balance
November 14, 2025 Legislative Developments National Security Data Security Cybersecurity

President Trump Approves Short-Term Renewal of CISA 2015

Congress included in the appropriations bill of November 12, 2025, an extension of the Cybersecurity Information Sharing Act of 2015 (CISA 2015), 6 U.S.C. §§ 1501–10, through January 30, 2026. 

 View blog post
World Cybersecurity
November 7, 2025 Legislative Developments National Security Data Security

House Bill Introduced to Shield the U.S. From Cybersecurity Risks Posed by Quantum Computing

Congress members have proposed legislation that would introduce new measures to enhance the United States’ cybersecurity resilience in the face of advancing quantum computing capabilities.

 View blog post
Government Contracts, Privacy & Security
October 30, 2025 Data Security CCPA Regulatory Enforcement Privacy Compliance State Privacy Laws Data Breach and Incident Response Legislative Developments

Preparing for the California Cyber Audit Regulations

On September 23, 2025, the California Privacy Protection Agency confirmed that their cyber audit regulations will at long last go into effect on January 1, 2026. 

You can be forgiven for losing track since these were first proposed in September 2023, but now is the time to start considering how they will apply to your company and budgeting for that impact. 

 View blog post
Data Center
October 15, 2025 Data Breach and Incident Response Data Security Legislative Developments

2025 Breach Notification Law Update

State Updates, Security Mandates, and the Federal Regulatory Horizon

 View blog post
bank
September 25, 2025 AdTech Cybersecurity Data Security Federal Developments National Security Privacy Compliance Regulatory Enforcement

DOJ Posts New FAQ for the “Bulk Data” Rule

The U.S. Department of Justice (DOJ) “Data Security Program” (DSP), also known as the “Sensitive Data Rule” or “Bulk Data Rule,” has prompted numerous questions about its scope and application. 

 View blog post
Key Asset Data
September 15, 2025 Data Security National Security

Salt Typhoon Cyberattacks: Updated Threat Assessment and Recommended Mitigations

Key Takeaways

 View blog post
Security
December 4, 2024 Privacy Compliance New Administration Regulatory Enforcement Federal Trade Commission

How the FTC’s Approach to Privacy, Security, and AI Enforcement May Change

 The new administration is likely to have a significant impact on the Federal Trade Commission’s (FTC’s) approach to privacy, data security, and other technology-related aspects of consumer protection, including artificial intelligence (AI). View blog post
Data
December 3, 2024 National Security Regulatory Enforcement

CISA Security Requirements for Restricted Data Transactions Under New DOJ Rule

CISA has proposed security requirements for certain categories of restricted data transfers. Any U.S. business that transfers its data outside the United States or gives businesses or people outside the United States access to its data should review and work with security and legal professionals to ensure compliance.

 View blog post
bell on front desk at hotel
November 7, 2024 Regulatory Enforcement Data Security Data Breach and Incident Response Federal Trade Commission

FTC and State Coalition Settle Data Breach Cases with Marriott

 In 2018, Marriott announced a data breach affecting its Starwood reservation system, thought at the time to have affected up to 500 million people worldwide. These settlements arise from that incident, as well as two smaller incidents that also affected Starwood and Marriott. The FTC alleges these incidents exposed payment card information, unencrypted passport numbers, and loyalty account information, along with other information like names, dates of birth, and contact information. View blog post
AI finger touch screen
September 30, 2024 Data Breach and Incident Response Data Security

2024 Breach Notification Law Update: Unique New State Obligations and Widespread New Federal Obligations

 Amid intense focus on AI and a flurry of consumer privacy law updates, legislative activity has continued to change data breach notification requirements in a variety of ways. Similar to 2023, a handful of changes to generally applicable state breach notification statutes were accompanied by steady sectoral activity at the state level and significant updates at the federal level, including new obligations from both the Federal Trade Commission (FTC) and the U.S. Securities and Exchange Commission (SEC). View blog post
Woman on a laptop
September 19, 2023 Data Security Data Breach and Incident Response

Updating Corporate and Cybersecurity Practices To Satisfy the SEC’s Final Cybersecurity Disclosure Rules: Assessing Materiality of Cybersecurity Incidents

 In the wake of the SEC's new rule requiring prompt disclosure of cybersecurity incidents, incident response (IR) teams have asked how they should modify IR plans to promote compliance with the new rule. View blog post
Cellphone Privacy Security
September 11, 2023 Data Security Data Breach and Incident Response

A Deep Dive Into the SEC’s Materiality Trigger for Cybersecurity Incident Disclosures

The U.S. Securities and Exchange Commission (SEC) adopted final rules relating to cybersecurity disclosure on July 26, 2023, which will take effect on December 18, 2023. 

 View blog post
© 2025 Perkins Coie LLP