Civil Law

China Issues Measures for the Administration of National Cybersecurity Incident Reporting – Published in collaboration with Shanghai Pacific Legal

In a significant regulatory development, the Cyberspace Administration of China (CAC) has officially issued the Measures for the Administration of National Cybersecurity Incident Reporting (the Final Reporting Measures), which will take effect on 1 November 2025. This follows the release of a draft version in late 2023 and marks the first comprehensive, cross-sector regulation governing cybersecurity incident reporting in China.

The Final Reporting Measures represent a major step forward in China’s cybersecurity governance framework, offering more detailed … Read the rest

Civil Law

CFPB Spring 2024 Supervisory Highlights looks at consumer reporting companies and furnishers

The CFPB has released the Spring 2024 edition of Supervisory Highlights.  The report discusses CFPB examinations in connection with credit reporting and furnishing that were completed from April 1, 2023 through December 31, 2023.

Key findings by CFPB examiners are described below.

Examinations of credit reporting companies (CRCs) found the following deficiencies:

  • CRCs failed to timely implement blocks of information after receiving the requisite information relating to an alleged identity theft, without otherwise making a reasonable determination with respect to
Read the rest
Civil Law

For Limited Use Only: Guidance on National Security Delay Determinations under the SEC Cyber Reporting Rule

On December 12, 2023, the Department of Justice (“DOJ”) issued guidance related to the process by which companies may request the United States Attorney General authorize delays of cyber incident disclosures, pursuant to a new Securities and Exchange Commission (“SEC”) rule. As a reminder, the SEC rule (which went into effect on Dec. 18, 2023) requires companies to disclose material cyber incidents via Form 8-K within four days of making a materiality determination. Our colleagues previously discussed the SEC rule … Read the rest

Civil Law

European Commission adopts the European Sustainability Reporting Standards

On 31 July 2023, the European Commission adopted the European Sustainability Reporting Standards (“ESRS“). EU and non-EU entities subject to the new EU Corporate Sustainability Reporting Directive (“CSRD“) will be required to report against the ESRS, making the development of interest to entities preparing for reporting under the CSRD regime.

Background

The CSRD, which entered into force on 5 January 2023, creates detailed sustainability reporting requirements and expands the number of EU and non-EU companies subject … Read the rest

Civil Law

Environmental Disclosures: CDP announces plastics to be added to Reporting Platform for first time

On April 19, 2023, the influential CDP (formerly known as the Carbon Disclosure Project) announced that nearly 7,000 organizations worldwide can disclose their plastic-related impacts for the first time, as CDP’s global environmental disclosure platform opens for 2023 reporting. CDP is adding plastic-related reporting to its online platform in response to a request from more than 740 investors with US$ 136 trillion in assets.

Last October, CDP reported that a record of around 20,000 organizations (over 18,700 companies representing over half of global market capitalization … Read the rest