Insights Search

On January 13, 2025, Texas Attorney General Ken Paxton (“Texas AG”) filed the first-ever enforcement action under the Texas Data Privacy and Security Act (“TDPSA”) against insurance company Allstate and its subsidiary, Arity (collectively, “Defendants”).

On October 15, 2024, the Department of Defense (“DoD”) released its final rule (the “Final Rule”) formally establishing the Cybersecurity Maturity Model Certification (“CMMC”) program, nearly three years after first announcing its plan for the initiative.

The Texas Data Privacy and Security Act (“TDPSA” or the “Act”) came into effect on July 1, 2024.

The story of artificial intelligence (“AI”) is one of technological promise and societal challenge, and its impact on the U.S. electric power grid is fast becoming a pivotal chapter.

On February 28, 2024, President Joe Biden issued a landmark Executive Order titled “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern” (the “Order”).

On February 8, Vinson & Elkins Partner Palmina Fava joined Jill Malandrino on Nasdaq TradeTalks.

On December 8, 2023, representatives of the European Council and the European Parliament reached a provisional agreement on the EU’s Artificial Intelligence Act (“AI Act”).

On October 30, 2023, President Biden issued an Executive Order (“Order”) that drastically increased the U.S. government’s engagement with artificial intelligence (“AI”).

Welcome to Vinson & Elkins’ Securities and ESG Updates. Our aim is to provide insights into notable developments in securities reporting and the environmental, social and governance space over the quarter.

On September 12, 2023, Delaware governor John Carney signed the Delaware Personal Data Privacy Act (the “DPDPA” or the “Act”) into law.

The Department of Homeland Security’s Transportation Security Administration (“TSA”) has issued an amended directive on pipeline security, SD-Pipeline-2021-02D (the “Directive”).

On July 10, 2023, the European Commission adopted an adequacy decision for the EU-U.S. Data Privacy Framework.