Tag Archives: Congress

Senate Passes Cybersecurity Information Sharing Act

On October 27, 2015, the U.S. Senate passed S.754 - Cybersecurity Information Sharing Act of 2015 by a vote of 74 to 21. This bill is intended to facilitate and encourage the sharing of Internet traffic information between and among companies and the federal government to prevent cyber attacks.… Continue Reading

U.S.-EU Data Transfer Agreement for Law Enforcement Nearing Completion

On September 8, 2015, representatives from the U.S. Government and the European Commission initialed a draft agreement known as the Protection of Personal Information Relating to the Prevention, Investigation, Detection and Prosecution of Criminal Offenses, which is intended to govern the cross-border transfer of personal information for law enforcement purposes. … Continue Reading

Florida Passes Drone Surveillance Bill Requiring Individual Consent

On April 28, 2015, the Florida House of Representatives passed a bill (SB 766) that prohibits businesses and government agencies from using drones to conduct surveillance by capturing images of private real property or individuals on such property without valid written consent under circumstances where a reasonable expectation of privacy exists.… Continue Reading

Industry, Privacy Advocates Join Microsoft to Protect Customer Emails in Foreign Servers

On December 15, 2014, Microsoft reported the filing of 10 amicus briefs in the 2nd Circuit Court of Appeals signed by leading technology and media companies, computer scientists and trade associations and advocacy organizations, in support of Microsoft's litigation to resist a U.S. Government's search warrant purporting to compel the production of Microsoft customer emails that are stored in Ireland.… Continue Reading

In a Surprising Move, Congress Passes Four Cybersecurity Bills

In a flurry of activity on cybersecurity, the U.S. Congress unexpectedly approved four cybersecurity bills that clarify the role of the Department of Homeland Security in private-sector information sharing, codify the National Institute of Standards and Technology’s cybersecurity framework, reform oversight of federal information systems, and enhance the cybersecurity workforce. … Continue Reading

Obama’s New Executive Order Focuses on Securing Consumer Payments

Today, the White House announced that the President signed a new executive order focused on cybersecurity. The signed executive order, entitled Improving the Security of Consumer Financial Transactions, focuses on securing consumer transactions and sensitive personal data handled by the U.S. Federal Government.… Continue Reading

FTC Issues Report on Data Broker Industry, Recommends Legislation

On May 27, 2014, the Federal Trade Commission announced the release of a new report recommending that Congress consider enacting legislation that would increase transparency in the data broker industry and give consumers more control over how data brokers collect and share their personal information. … Continue Reading

House Passes Bill Limiting NSA Data Collection

On May 22, 2014, the United States House of Representatives passed H.R. 3361, a bill aimed at limiting the federal government's ability to collect bulk phone records and increasing transparency regarding decisions by the Foreign Intelligence Surveillance Court.… Continue Reading

White House Releases Report on Big Data

On May 1, 2014, the White House released a report examining how big data is affecting government, society and commerce. In addition to questioning longstanding tenets of privacy legislation, such as notice and consent requirements, the report recommends (1) passing national data breach legislation, (2) revising the Electronic Communications Privacy Act, and (3) advancing the Consumer Privacy Bill of Rights.… Continue Reading

NIST Releases Final Cybersecurity Framework

On February 12, 2014, the National Institute of Standards and Technology issued the final Cybersecurity Framework, as required under Section 7 of the Obama Administration's February 2013 Executive Order, Improving Critical Infrastructure Cybersecurity. This blog entry highlights the final Framework and offers comparisons to the preliminary framework released in October of last year.… Continue Reading

Senators Renew Efforts to Pass Data Privacy Legislation

On January 8, 2014, Senator Patrick Leahy reintroduced comprehensive information security legislation that would establish a national standard for data breach notification and require businesses to safeguard customers' sensitive personal information from cyber threats. The bill also would establish criminal penalties for individuals who intentionally or willfully conceal security breaches, and would authorize the FTC to write and enforce rules regarding the protection of personal information and breach notification. … Continue Reading

GAO Report Highlights Gaps in U.S. Privacy Laws

On November 15, 2013, the U.S. Government Accountability Office released a report finding that the current federal statutory privacy scheme contains "gaps" and "does not fully reflect" the Fair Information Practice Principles.… Continue Reading

NIST Issues Preliminary Cybersecurity Framework

On October 22, 2013, the National Institute of Standards and Technology issued the Preliminary Cybersecurity Framework, as required under Section 7 of the Obama Administration's February 2013 executive order, Improving Critical Infrastructure Cybersecurity. The Preliminary Framework includes standards, procedures and processes for reducing cyber risks to critical infrastructure.… Continue Reading