On March 25, 2022, European Commissioner for Justice Didier Reynders and U.S. Secretary of Commerce Gina Raimondo issued a joint statement announcing that the negotiations on an enhanced EU-U.S. Privacy Shield framework will intensify. In addition, in a speech given in Brussels, the President of the European Commission, Ursula von der Leyden, and U.S. President Biden indicated that they have found an agreement on data flows between the EU and U.S.
Continue Reading European Commission and United States Announce Agreement in Principle on Trans-Atlantic Data Privacy Framework

On March 11, 2022, the U.S. Senate passed an omnibus spending bill that includes language which would require certain critical infrastructure owners and operators to notify the federal government of cybersecurity incidents in specified circumstances. President Biden has until March 15, 2022, to sign the bill. This blog entry provides a summary of the bill.
Continue Reading Cyber Incident Reporting Language in Omnibus Bill Headed to President Biden’s Desk

On March 1, 2022, President Biden, in his first State of the Union address, called on Congress to strengthen privacy protections for children, including by banning online platforms from excessive data collection and targeted advertising for children and young people.
Continue Reading President Biden Calls for Stronger Privacy Protections for Children in State of the Union

On March 2, 2022, the Senate unanimously passed the Strengthening American Cybersecurity Act of 2022 (“SACA” or the “Bill”). The Bill is now with the House of Representatives for a vote and, if passed, will be sent to President Biden’s desk for signature.

Continue Reading U.S. Senate Unanimously Passes Cybersecurity Legislation Requiring 72 Hour Cyber Incident Notification

On December 27, 2021, the Federal Trade Commission sought public comment on a petition filed by Accountable Tech calling on the FTC to use its rulemaking authority to prohibit “surveillance advertising” as an “unfair method of competition.”
Continue Reading FTC Seeks Comments on Accountable Tech’s Petition for Rulemaking to Prohibit Surveillance Advertising

On November 8, 2021, law enforcement agencies in both the United States and European Union announced that a series of actions, including a number of arrests, were taken against the Russia-linked ransomware group, “REvil.”
Continue Reading Russia-Linked REvil Hackers and Their Affiliates Hit with Arrests by the U.S. and International Allies

On November 3, 2021, the Cybersecurity and Infrastructure Security Agency announced Directive 22-01 – Reducing the Significant Risk of Known Exploited Vulnerabilities, establishing a CISA-managed catalog of vulnerabilities and ordering federal agencies to remediate such vulnerabilities on government information systems.
Continue Reading CISA Issues New Cybersecurity Directive for Federal Agencies