Tag Archives: Shoba Pillay

SCOTUS Overrules Roe v. Wade – Part IV: The Impact of Dobbs on Data Privacy – FTC v. Kochava

by Shoba Pillay, Madeleine V. Findley, Ann M. O’Leary, Anne Cortina Perry, Dawn L. Smalls, Alison Stein, and Philip B. Sailer

The Federal Trade Commission (FTC) recently filed a complaint against a data broker alleging that the collection and sale of precise location data significantly harms consumers, especially if the data contains information regarding travel to and from specific sensitive locations, such as reproductive healthcare clinics. The outcome of the case could have a substantial impact on the FTC’s authority to enforce consumer protection laws and will likely inform how companies handle consumer data to which they have access. The FTC’s complaint follows guidance the Biden administration issued to federal agencies, including the FTC, to take actions to protect consumers’ privacy in connection with reproductive healthcare services  after the Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization (“Dobbs”)[1]. The outcome of the case could have a substantial impact on the sale and collection of consumer location data and the FTC’s authority to enforce consumer privacy protections.

Continue reading

New Civil Cyber-Fraud Initiative Uses False Claims Act to Enforce Cybersecurity Requirements

by David Bitkower, Brandon D. Fox, Shoba PillayDavid B. Robbins, and Moshe Broder

The Department of Justice (DOJ) announced a new Civil Cyber-Fraud initiative which will use the False Claims Act (FCA) to enforce government contract cybersecurity requirements. The initiative will be led by the Fraud Section of the DOJ Civil Division’s Commercial Litigation Branch. DOJ believes it can bring its experience and resources from its civil fraud enforcement, procurement, and cybersecurity focused attorneys to make this a successful initiative.

Continue reading

Biden Administration Expands Cybersecurity Requirements for Government Contractors that Are Likely to Have a Broad Impact on the Private Sector

by David Bitkower, David Robbins, Shoba Pillay, Aaron Cooper, and Tali Leinwand

An Executive Order released by the Biden administration last month (the Cybersecurity EO) seeks to bolster the federal government’s cybersecurity defenses and resilience by imposing a variety of requirements on federal agencies and government contractors that are likely to have spillover effects in the private sector.[1] While many federal agencies and contractors already abide by existing agency-specific cybersecurity measures, the Cybersecurity EO establishes additional criteria to ensure that all information systems used or operated by federal agencies “meet or exceed” the cybersecurity requirements set forth in the Cybersecurity EO.[2] In particular, the Cybersecurity EO will directly affect companies that provide information technology (IT) and operational technology (OT) services, cloud computing software, and other technology to the federal government. In turn, the private sector, even when not servicing the federal government, is expected to see a renewed emphasis on security requirements and assessment standards.  

Continue reading

Lessons from the SAP SE Settlement on the Benefits of Self-Reporting Corporate Export Control and Sanctions Violations

by Rachel K. AlpertShoba Pillay, and Emily A. Merrifield

On April 29, 2021, the Boston U.S. Attorney’s Office announced that SAP SE, a multinational software company headquartered in Walldorf, Germany, entered into the first non-prosecution agreement under the Department of Justice’s (DOJ) revised Voluntary Self-Disclosure Policy, announced on December 13, 2019. Continue reading