On June 6, 2025, President Trump issued a new executive order, “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144” (EO), signaling the construction of a fortified cyber defense across federal operations. This directive updates the nation’s digital stronghold, modernizing risk management, defending against quantum and artificial intelligence (AI) threats, and drawing sharper lines in the battle against foreign cyber adversaries. For technology companies and federal suppliers, this is a clarion call to reinforce their digital walls and sharpen their defenses. Agencies will soon build these secure-by-design principles into every contract and procurement decision. In this era of fortress-building, failing to meet these standards not only will leave your gates unguarded but also could bar you from the entire federal marketplace. The EO may read like ordinary policy, but don’t be misled: It’s a direct command for companies to strengthen their cyber defenses or be locked out of federal opportunities altogether.

Continue Reading Building the Cyber Fortress: New Cybersecurity Executive Order Targets Quantum, AI, and Supply Chain Security

The Department of Defense (DoD) is revving its engines again—this time to rocket past its own software acquisition drag. Launched via an April 24 memo from Acting DoD CIO Katie Arrington, the DoD’s Software Fast Track (SWFT) Initiative entered a 90‑day sprint to redefine Accelerating the Authority to Operate (ATOs), aiming to replace the outdated Risk Management Framework (RMF) with AI‑enabled, continuous compliance workflows. Officially live on June 1, 2025, SWFT isn’t a fully cleared runway—it’s a mission in motion, with Requests for Information (RFIs) out and industry poised to respond. But the real turbulence won’t be technical—it’ll be cultural: Can Pentagon policy and personnel move at Top Gun pace?

Continue Reading The Need for Speed: DoD’s “Software Fast Track” Targets Bureaucracy at Mach 2

Beware the Jabberwock, my son! The jaws that bite! The claws that catch!”

– Lewis Carroll: “Jabberwocky,” Through the Looking-Glass, and What Alice Found There (1872)

There is a growing sense of confusion and unease among many federal contractors and grant recipients in these early days of the second Trump administration. In a time when some agencies face dislocation and downsizing (or, as with USAID, effective disbandment), contractors may feel like Alice stepping through the Looking Glass into a world strangely inverted from the one they knew. This shift is especially evident in the administration’s rejection of seemingly all diversity, equity, and inclusion (DEI) policies—long used to prevent discrimination, comply with civil rights laws, and foster inclusive environments in the American workforce.

Continue Reading Through the Looking Glass: Shifting DEI Standards Expose Contractors to False Claims Act Risk

The California Privacy Protection Agency (CPPA) recently fined clothing retailer Todd Snyder almost $350,000 for two types of consumer privacy errors. Due to technical errors during a 40-day period, it was impossible for Todd Snyder website users to request to opt out of having their information sold or shared. When users clicked the button for the Cookie Preferences Center, the consent banner would appear but instantly disappear, thus making it impossible for anyone to actually opt out. For those who were able to actually access the preferences center, Todd Snyder over-collected information from its users who wanted to opt out of having their information sold or shared. Todd Snyder’s data request form required users to verify their identity by submitting a photograph of themselves holding their identity document, even when they wanted to opt out.

Continue Reading Check Your Process or Pay Your Fine: Recent 6-Figure Fines from the California Privacy Protection Agency

Zachary Myers, the former United States Attorney for the Southern District of Indiana, has officially joined McCarter & English’s Indianapolis office as a partner in the Business Litigation group. He will also serve as a co-leader of the firm’s multidisciplinary Cybersecurity & Data Privacy team. Zach brings extensive experience in high-stakes litigation and cybersecurity. As part of his practice, he will counsel clients in navigating federal government issues, including congressional inquiries and regulatory matters.

Continue Reading Former US Attorney Zach Myers Joins McCarter & English

On April 15, 2025, President Trump issued a sweeping executive order (EO), “Restoring Common Sense to Federal Procurement.” As reflected in its accompanying Fact Sheet, the EO promises to rewrite the Federal Acquisition Regulation (FAR), eliminate most non-statutory provisions, and usher in the “most agile, effective, and efficient procurement system possible.” As the first comprehensive overhaul of the FAR in its nearly 40-year history, the forthcoming changes may dramatically reshape how businesses of all stripes engage with the federal government. But beyond its big promises and patriotic flair, the proposed overhaul raises critical questions: Can it really be done in six months? What happens to the thousands of existing regulations around which contractors have built compliance programs?

Continue Reading Hold My Beer: The Trump Administration’s Bold Plan to Rewrite the FAR

On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed that contractors must continue complying with Revision 2 thanks to a previously issued class deviation. What does this mean in plain terms? The DoD is slowly pulling back the curtain on the next major shift in cybersecurity compliance. Still, the full prestige hasn’t happened yet.

Continue Reading The “Prestige”: DoD Unveils NIST SP 800-171 Revision 3, Organizationally Defined Parameters

New Hart-Scott-Rodino premerger notification rules, which took effect in February, require that companies now provide more information than ever before about their prospective mergers. Meanwhile, both federal and state antitrust enforcers continue to step up scrutiny of data-related antitrust harms such as information sharing, monopolization, and price coordination, and private litigants are also filing claims. Data has long been used by companies to benchmark performance metrics, from pricing to inventory levels, and to manage revenue. But as data volume has increased, so too has the risk of violating antitrust laws through higher levels of interconnection. Big data could facilitate price coordination, potentially rising to the level of price fixing, and could thus entrench the market power of companies that have amassed data critical to the ability to compete.

Continue Reading Mo’ Data, Mo’ Problems: Antitrust Risk in the Age of Big Data

The Department of Justice (DOJ) recently announced a task force designed to eliminate anticompetitive state and federal laws and regulations that “undermine free market competition and harm consumers, workers, and businesses.” This followed President Trump’s Executive Order 14192, which had similar goals, and the Federal Trade Commission joined the DOJ in its announcement.

Continue Reading The US Antitrust Agencies Join Forces to Cut the Red Tape 

23andMe, a pioneer in the DNA testing kit industry, announced that it has filed for Chapter 11 bankruptcy protection and recently asked to select an independent customer data representative regarding any sale of user data. Its bankruptcy raises issues about data privacy and what companies must do to protect that data for the benefit of their customers and to protect themselves from litigation or violations of US and international privacy laws.

Continue Reading Follow the Breadcrumbs: Where Does Consumer Data Go as 23andMe Goes Bankrupt?