Christopher W. Gerold speaks to The Wall Street Journal about Kim Kardashian’s $1.26 million settlement with the Securities and Exchange Commission (SEC) over her social media promotion of a cryptocurrency. Gerold, former Chief of the New Jersey Bureau of Securities, notes that the SEC uses a specific test to see what falls under the definition of a security: “whether something includes an investment contract, a test met when it involves investment of money in a common enterprise with a reasonable expectation of profits to be derived from the efforts of others.”  He adds: “There’s a lot of debate still to this—What is a security? What is a commodity? What is something else?... Over time, especially in the crypto space, we’ve seen [people] try to call it different things to avoid the securities laws.” Gerold cautions that celebrities touting crypto on television commercials may not be immune, either: “If they are making more general statements about the platforms, that is considered to be different than giving investment advice about a specific security.”

In SC Magazine, Kathleen A. McGee comments on the conviction of Uber’s former Chief Information & Security Officer for misleading regulators about a data breach. “Traditionally, CISO are responsible for, among other things, ensuring that accurate information regarding a data compromise is accurately conveyed to both corporate executives and regulators,” McGee says. “In this case, the CISO was also a former DOJ attorney, which frankly increased his basis of knowledge beyond a traditional CISO, whether he was practicing law at the time or not. Sullivan should have been well-aware of his obligation to continue informing federal regulators and the state attorneys general about this additional incident and should have been well-positioned to assess the risk involved in misleading authorities regarding the hacking.”