According to the article, there are three key steps to ensuring your organization is privacy compliant:

1. Appoint a designated privacy officer
2. Develop and/or update your privacy policy to ensure compliance with your organizations privacy practices and the current privacy jurisprudence
3. Ensure that the necessary safeguards are in place to protect your organization from privacy breaches and policies in place to quickly respond in the unfortunate event of a privacy breach.

Review the full article on Lawson Lundell LLP's website.

Previous guidance in this area stated that companies may be obligated to disclose cybersecurity risks and incidents, but it did not provide specific disclosure requirements. The new guidance clarifies that the SEC expects companies to disclose cybersecurity risks and incidents that are material to investors, including financial, legal, or reputational consequences.

Review the press release and interpretation on the SEC’s website.

In a unanimous decision, the Court held that employees are not protected under Dodd-Frank unless they report information relating to a violation of the securities laws to the Securities and Exchange Commission (SEC). Employees who only report violations internally within their company, therefore, are not protected by Dodd-Frank’s anti-retaliation provisions.

Review the decision on the Supreme Court's website and an article on Holland & Hart LLP's website.

For mergers and monopolistic practices, the Bureau will continue to apply its traditional framework to market definition, market power and competitive effects. Where issues concerning big data are involved, the Bureau will consider both the efficiencies and consumer benefits from a network, but also whether big data could impose barriers to new competition or soften competition between firms.

Review the report on the Bureau's website.

But what's in a bitcoin? What's in a Smart Contract? And what is an Initial Coin Offering?

Read these article to learn more about cryptocurrency based on blockchain technology.

• What's in a bitcoin?
• What's in a Smart Contract?
• What is an Initial Coin Offering?

An organization should obtain appropriate professional advice when making important decisions about privacy and cyber insurance. Most insurance companies offer insurance policies specifically designed to protect an insured against losses and liabilities arising from privacy breaches and cybersecurity incidents.

The protection afforded by an insurance policy depends on the precise language of the policy (e.g. definitions, coverage descriptions, restrictions and exclusions) interpreted in accordance with legal principles established by Canadian courts.

Review the full article on Borden Ladner Gervais' website.

While there are many questions around the GDPR, one key question that organizations outside of the European Union (the “EU”) are asking is whether they are required to comply with the GDPR, even if they do not have a physical presence within the EU. While the answer will largely depend on the specific activities of each organization, there are good reasons to believe that in many instances, compliance with the GDPR may be required.

Review the full article Miller Thomson's website.

Mr. Jackson and his SEC staff looked at 157 dual-class initial public offerings occurring over the past 15 years, and "immediately noticed some pretty significant differences" between the 71 companies with sunset provisions and the 86 without, and found that over time their predicted valuations diverged.

Seven or more years after their IPOs, firms without sunset provisions traded at a significant discount, and decisions by some firms to drop their dual-class structures later were associated with a significant increase in valuations, he said, noting that the analysis is preliminary but a subject "that deserves much further study."

Review the full speech on the SEC's website.

The complete set of information around the TRG meeting is now available:

• Audio recordings of the individual sessions
• Meeting summary
• Podcast (7 minutes)
• IFRS in Focus — Transition Resource group discusses implementation of IFRS 17 'Insurance Contracts'

Review the press release on the IASB's website.

SEC Chairman Jay Clayton stated: “I believe every ICO I have ever seen is a security. ICOs should be regulated like securities offerings. End of Story.”

Mr. Stark adds that in the coming year or two, the SEC, the U.S. Financial Crimes Enforcement Network (FinCEN), the U.S. Department of Justice (DOJ), the Commodity Futures Trading Commission (CFTC) and a slew of other federal and state agencies will initiate a continuing sweep of ICO-related enforcement actions, triggering a virtual earthquake in the ICO industry.

But an ICO bubble burst will inevitably ensure that whatever cryptocurrency marketplace survives will provide the same customer protections and capital safeguards often taken for granted in the context of the traditional trading of securities. This not only makes for good business, but for a more robust and resilient global financial marketplace as well.

Review the guest post on the D&O Diary's website.