Open Access. Powered by Scholars. Published by Universities.®
- Keyword
-
- Compliance technology; Corporate culture; Culture of compliance; Federal Sentencing Guidelines; Big data; Compliance monitoring and audits; Employee morale; Values based compliance; Command-and control approaches; Self-regulatory approaches; Financial regulation; Criminalized compliance; Corporate policing; Ethical misconduct (1)
- Cybersecurity; Whistleblowers; Internal reporting; Whistleblower protections; Cybersecurity disclosure regulations; Compliance systems; Securities Regulation; Corporate Governance; Retaliation; Dodd-Frank; Corporate compliance culture; Securities and Exchange Commission (SEC) guidelines; White hat hackers/Ethical hackers; Non-binding regulation; Fraud categories; Egan v. TradingScreen (1)
- Inc.; Administrative authority; Shareholder protection; Security breach; Materiality; Cyber-risk (1)
- Privacy law; Cybersecurity; Hackers; FTC v. Wyndham Worldwide Corp.; Data breaches; Data security procedures; Self-regulatory organizations (SROs); Financial Trade Commission (FTC); Corporate privacy; Cyber Crime; Section 5 of the Federal Trade Commission Act; Deceptive or unfair business practice; Congressional inaction; Key principles of compliance; Best Practices Guidelines; Cyber risk insurance; Commercial general liability (CGL) insurance; First party cyber loss; Third party cyber liability; Technical policies and procedures; Written information security plan (WISP) (1)
Articles 1 - 3 of 3
Full-Text Articles in Computer Law
The Question Concerning Technology In Compliance, Sean J. Griffith
The Question Concerning Technology In Compliance, Sean J. Griffith
Brooklyn Journal of Corporate, Financial & Commercial Law
In this symposium Essay, I apply insights from philosophy and psychology to argue that modes of achieving compliance that focus on technology undermine, and are undermined by, modes of achieving compliance that focus on culture. Insisting on both may mean succeeding at neither. How an organization resolves this apparent contradiction in program design, like the broader question of optimal corporate governance arrangements, is highly idiosyncratic. Firms should therefore be accorded maximum freedom in designing their compliance programs, rather than being forced by enforcement authorities into a set of de facto mandatory compliance structures.
The Cybersecurity Threat: Compliance And The Role Of Whistleblowers, Jennifer M. Pacella
The Cybersecurity Threat: Compliance And The Role Of Whistleblowers, Jennifer M. Pacella
Brooklyn Journal of Corporate, Financial & Commercial Law
In today’s technologically dependent world, concerns about cybersecurity, data breaches, and compromised personal information infiltrate the news almost daily. The Securities and Exchange Commission (SEC) has recently emerged as a regulator that is keenly focused on cybersecurity, specifically with respect to encouraging disclosures in this arena by regulated entities. Although the SEC has issued non-binding “guidance” to help companies navigate their reporting obligations in this sector, the agency lacks binding cybersecurity disclosure regulations as they pertain generally to public companies. Given that the SEC has already relied on such guidance in threatening enforcement actions, reporting companies are increasingly pressured for …
Like A Bad Neighbor, Hackers Are There: The Need For Data Security Legislation And Cyber Insurance In Light Of Increasing Ftc Enforcement Actions, Jennifer Gordon
Like A Bad Neighbor, Hackers Are There: The Need For Data Security Legislation And Cyber Insurance In Light Of Increasing Ftc Enforcement Actions, Jennifer Gordon
Brooklyn Journal of Corporate, Financial & Commercial Law
Privacy has come to the forefront of the technology world as third party hackers are constantly attacking companies for their customers’ data. With increasing instances of compromised customer information, the Federal Trade Commission (FTC) has been bringing suit against companies for inadequate data security procedures. The FTC’s newfound authority to bring suit regarding cybersecurity breaches, based on the Third Circuit’s decision in FTC v. Wyndham Worldwide Corp., is a result of inaction—Congress has been unable to pass sufficient cybersecurity legislation, causing the FTC to step in and fill the void in regulation. In the absence of congressional action, this self-proclaimed …