On April 5, 2022, North Carolina became the first state in the U.S. to prohibit state agencies and local government entities from paying a ransom following a ransomware attack.
Continue Reading North Carolina Becomes First State to Prohibit Public Entities from Paying Ransoms
Congress
FTC Chair Speaks at IAPP Global Privacy Summit
Posted on
On April 11, 2022, FTC Chair Lina Khan spoke at the opening of the International Association of Privacy Professionals’ Global Privacy Summit on the FTC’s approach to adapting its existing authority to address and rectify unlawful data practices. …
Continue Reading FTC Chair Speaks at IAPP Global Privacy Summit
Cyber Incident Reporting Language in Omnibus Bill Headed to President Biden’s Desk
Posted on
On March 11, 2022, the U.S. Senate passed an omnibus spending bill that includes language which would require certain critical infrastructure owners and operators to notify the federal government of cybersecurity incidents in specified circumstances. President Biden has until March 15, 2022, to sign the bill. This blog entry provides a summary of the bill.
Continue Reading Cyber Incident Reporting Language in Omnibus Bill Headed to President Biden’s Desk
President Biden Calls for Stronger Privacy Protections for Children in State of the Union
Posted on
On March 1, 2022, President Biden, in his first State of the Union address, called on Congress to strengthen privacy protections for children, including by banning online platforms from excessive data collection and targeted advertising for children and young people. …
Continue Reading President Biden Calls for Stronger Privacy Protections for Children in State of the Union
U.S. Senate Unanimously Passes Cybersecurity Legislation Requiring 72 Hour Cyber Incident Notification
Posted on
Posted in Cybersecurity, U.S. Federal Law
On March 2, 2022, the Senate unanimously passed the Strengthening American Cybersecurity Act of 2022 (“SACA” or the “Bill”). The Bill is now with the House of Representatives for a vote and, if passed, will be sent to President Biden’s desk for signature.
…
Continue Reading U.S. Senate Unanimously Passes Cybersecurity Legislation Requiring 72 Hour Cyber Incident Notification
U.S. Senators Introduce Bipartisan Bill on Reporting Critical Infrastructure Cyber Incidents and Ransomware Payments
Posted on
On September 28, 2021, Senators Gary Peters and Rob Portman, respectively Chairman and Ranking Member of the Homeland Security and Government Affairs Committee, introduced a bipartisan bill that would require owners and operators of critical infrastructure to notify the Director of the Cybersecurity and Infrastructure Security Agency within 72 hours of having a reasonable belief that a covered cyber incident has occurred.
Continue Reading U.S. Senators Introduce Bipartisan Bill on Reporting Critical Infrastructure Cyber Incidents and Ransomware Payments
U.S. House Committee Votes to Create New FTC Privacy Bureau and Appropriate $1 Billion to the Agency
Posted on
Posted in Identity Theft, U.S. Federal Law
On September 14, 2021, the U.S. House Committee on Energy and Commerce voted in favor of a legislative recommendation that would create a new FTC privacy bureau as part of the proposed $3.5 trillion federal budget reconciliation package. …
Continue Reading U.S. House Committee Votes to Create New FTC Privacy Bureau and Appropriate $1 Billion to the Agency
Senators Introduce Cyber Incident Notification Act
Posted on
Posted in Cybersecurity, U.S. Federal Law
A bipartisan group of Senators recently introduced the Cyber Incident Notification Act of 2021. The Act would require federal government agencies, federal contractors and operators of critical infrastructure to notify the federal government in the event of a cybersecurity incident.
Continue Reading Senators Introduce Cyber Incident Notification Act
Colorado Privacy Act Signed Into Law
Posted on
Posted in U.S. State Law
On July 8, 2021, Colorado Governor Jared Polis signed SB21-190, the Colorado Privacy Act, into law, making Colorado the third state to have a comprehensive data privacy law on the books, following California and Virginia. This blog entry provides a summary of the Act.
Continue Reading Colorado Privacy Act Signed Into Law
Senator Gillibrand Announces Renewed Data Protection Act 2021
Posted on
Posted in Online Privacy, U.S. Federal Law
On June 17, 2021, Senator Kirsten Gillibrand (D-NY) announced the reintroduction of the Data Protection Act of 2021, which would create an independent federal agency, the Data Protection Agency, to “regulate high-risk data practices and the collection, processing, and sharing of personal data.”…
Continue Reading Senator Gillibrand Announces Renewed Data Protection Act 2021