Tag Archives: Congress

House Passes Two Cybersecurity Bills

Posted on May 1, 2012 by Hunton & Williams LLP

On April 26, 2012, the U.S. House of Representatives approved the Cyber Intelligence Sharing and Protection Act (“CISPA” or H.R. 3523), which is aimed at facilitating the exchange of cyber threat intelligence information between the government and certain private entities. In addition, the House approved the Federal Information Security Amendments Act of 2012 (H.R. 4257), which modifies the Federal Information Security Management Act of 2002 to provide for automated and continuous monitoring of the security of government information systems.

Continue reading…

Tags: , , ,

Sotto Discusses White House Administration’s Consumer Privacy Bill of Rights

Posted on March 8, 2012 by Hunton & Williams LLP

On February 24, 2012, Eric Chabrow of BankInfoSecurity interviewed Lisa J. Sotto, partner and head of the Global Privacy and Data Security practice at Hunton & Williams LLP. Discussing the need for a Consumer Privacy Bill of Rights, Sotto briefly outlined the strengths and weaknesses of the proposed bill, and its potential impact on businesses.

Read the interview or listen to the podcast, which can be streamed or downloaded as an MP3 on the BankInfoSecurity website.

Tags: , , , , ,

White House Announces Its Highly Anticipated Consumer Privacy Bill of Rights

Posted on February 23, 2012 by Hunton & Williams LLP

The White House today released its long-awaited report outlining a framework for U.S. data protection and privacy policy. As expected, “Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Global Innovation in the Global Digital Economy” articulates a Consumer Privacy Bill of Rights based on the individual’s right to exercise control over what personal data companies collect from the individual and how companies use the data. The Consumer Privacy Bill of Rights, which reflects principles of fair information practices and applies to personal data, sets forth individual rights for consumers and corresponding obligations of companies in connection with personal data. It also provides for the consumer’s right to:

  • transparent privacy and data security practices;
  • expect that companies will collect, use and disclose data in a manner consistent with the context in which it was collected;
  • have their data handled in a secure manner;
  • access and correct personal data;
  • set reasonable limits on the personal data that companies collect and retain; and
  • have personal data handled by companies with appropriate measures in place to assure they adhere to the Consumer Privacy Bill of Rights.

Continue reading…

Tags: , , , , , , , ,

Netflix Litigation Ordered to Mediation as House Passes VPPA Amendment

Posted on December 15, 2011 by Hunton & Williams LLP

On December 1, 2011, a consolidated litigation against Netflix was ordered to private mediation pursuant to an agreement between the parties. As we previously reported, the plaintiffs allege that Netflix’s practice of maintaining customer movie rental history and recommendations after their subscriptions are cancelled violates the federal Video Privacy Protection Act (“VPPA”). In August 2011, several similar cases against Netflix were consolidated by a federal court in California.

News of the mediation order comes as a significant amendment to the VPPA awaits Senate approval. On December 6, 2011, the House of Representatives passed House Bill 2471 (“H.B. 2471”), which would allow video tape service providers to obtain consumers’ informed, written consent to disclose their personally identifiable information “[i]n advance for a set period of time or until consent is withdrawn.” H.B. 2471 also provides that “informed written consent” may be obtained electronically over the Internet. As we reported earlier this year, concerns regarding potential VPPA violations prompted Netflix to delay the U.S. launch of an integrated service with Facebook that would allow subscribers to share their television and movie viewing information. In July 2011, Netflix’s CEO criticized the VPPA as being “ambiguous” and “poorly drafted.” Discussing H.B. 2471 on the Netflix Blog, the company called on its customers to email Congress “to urge them to pass this modernizing legislation.”

Tags: , , , , , , , ,

Congressmen Markey and Barton Address Verizon’s Targeted Advertising Campaign

Posted on November 7, 2011 by Hunton & Williams LLP

On November 4, 2011, Congressmen Edward Markey (D-MA) and Joe Barton (R-TX) reiterated their privacy concerns over the handling of customer preferences in connection with Verizon’s new advertising initiative. After learning that Verizon had notified its customers of the implications of a targeted advertising campaign, on October 6, 2011, Reps. Markey and Barton, Co-Chairmen of the bipartisan Congressional Privacy Caucus, wrote a letter containing several inquiries to both Verizon and Verizon Wireless. In particular, Reps. Markey and Barton requested clarification regarding the companies’ potential disclosure of aggregated customer location information and website viewing history to third parties.

Continue reading…

Tags: , , , , , , ,

Data Breach Bills Clear Senate Judiciary Committee

Posted on September 23, 2011 by Hunton & Williams LLP

On September 22, 2011, the Senate Judiciary Committee approved three separate bills that would establish a national data breach notification standard.  Because the bills were approved on a party-line vote, and several other data breach bills currently are under consideration by other Senate committees, the prospects for these three bills in the full Senate are uncertain.

Continue reading…

Tags: , , , , , ,

Privacy Piracy Host Interviews Sotto

Posted on September 23, 2011 by Hunton & Williams LLP

On September 19, 2011, Privacy Piracy host Mari Frank interviewed Lisa J. Sotto, partner and head of the Global Privacy and Data Security practice at Hunton & Williams LLP, on KUCI 88.9 FM radio in Irvine, California.  In the interview, Ms. Sotto discussed critical current privacy and data security issues, including lessons learned from the recent data breaches, the regulatory framework in the U.S. and EU, and expected legislative changes in the privacy arena globally.

Listen to the Privacy Piracy interview.

Tags: , ,

House Subcommittees Convene Hearing to Launch Review of Internet Privacy

Posted on July 15, 2011 by Hunton & Williams LLP

On July 14, 2011, the U.S. House of Representatives Energy and Commerce Committee convened a joint hearing of the Subcommittee on Commerce, Manufacturing and Trade (chaired by Rep. Mary Bono Mack (R-CA)), and the Subcommittee on Communications and Technology (chaired by Rep. Greg Walden (R-OR)), to launch a comprehensive review of Internet privacy.  The series of hearings began with testimony from officials representing three agencies with jurisdiction over consumer privacy issues: FTC Commissioner Edith Ramirez, FCC Chairman Julius Genachowski, and Department of Commerce Assistant Secretary for Communications and Information Lawrence Strickling. Continue reading…

Tags: , , , , , , , , ,

White House Proposes Cybersecurity Legislation

Posted on May 19, 2011 by Hunton & Williams LLP

As we reported last week, on May 12, 2011, the Obama administration announced a comprehensive cybersecurity legislative proposal in a letter to Congress.  The proposal, which is the culmination of two years of work by an interagency team made up of representatives from multiple departments and agencies, aims to improve the nation’s cybersecurity and protect critical infrastructure.  If enacted, this legislation will affect many government and private-sector owners and operators of cyber systems, including all critical infrastructure, such as energy, financial systems, manufacturing, communications and transportation.  In addition, the proposal includes a wide-reaching data breach notification law that is intended generally to preempt the existing state breach laws in 46 states plus Washington, D.C., Puerto Rico and the U.S. Virgin Islands.

Continue reading…

Tags: , , , , , ,

Another Sony Service Breached by Hackers

Posted on May 3, 2011 by Hunton & Williams LLP

On May 2, 2011, Sony Computer Entertainment America (“Sony”) disclosed that hackers had gained access to the personal information of 24.6 million customers who played games on the Sony Online Entertainment (“SOE”) network.  Sony stated that hackers may have accessed names, addresses and birth dates of SOE gaming customers, as well as credit card data of about 12,700 non-U.S. accounts and 10,700 bank account numbers from “an outdated database from 2007.”  Sony clarified that the SOE breach was not the result of a second attack, but rather occurred as part of the broad incursion against the company that affected 77 million PlayStation accounts, as the company previously disclosed on April 26. Continue reading…

Tags: , , , , ,