On March 11, 2022, the U.S. Senate passed an omnibus spending bill that includes language which would require certain critical infrastructure owners and operators to notify the federal government of cybersecurity incidents in specified circumstances. President Biden has until March 15, 2022, to sign the bill. This blog entry provides a summary of the bill.
Continue Reading Cyber Incident Reporting Language in Omnibus Bill Headed to President Biden’s Desk
Congress
President Biden Calls for Stronger Privacy Protections for Children in State of the Union
On March 1, 2022, President Biden, in his first State of the Union address, called on Congress to strengthen privacy protections for children, including by banning online platforms from excessive data collection and targeted advertising for children and young people. …
Continue Reading President Biden Calls for Stronger Privacy Protections for Children in State of the Union
U.S. Senate Unanimously Passes Cybersecurity Legislation Requiring 72 Hour Cyber Incident Notification
On March 2, 2022, the Senate unanimously passed the Strengthening American Cybersecurity Act of 2022 (“SACA” or the “Bill”). The Bill is now with the House of Representatives for a vote and, if passed, will be sent to President Biden’s desk for signature.
…
Continue Reading U.S. Senate Unanimously Passes Cybersecurity Legislation Requiring 72 Hour Cyber Incident Notification
U.S. Senators Introduce Bipartisan Bill on Reporting Critical Infrastructure Cyber Incidents and Ransomware Payments
On September 28, 2021, Senators Gary Peters and Rob Portman, respectively Chairman and Ranking Member of the Homeland Security and Government Affairs Committee, introduced a bipartisan bill that would require owners and operators of critical infrastructure to notify the Director of the Cybersecurity and Infrastructure Security Agency within 72 hours of having a reasonable belief that a covered cyber incident has occurred.
Continue Reading U.S. Senators Introduce Bipartisan Bill on Reporting Critical Infrastructure Cyber Incidents and Ransomware Payments
U.S. House Committee Votes to Create New FTC Privacy Bureau and Appropriate $1 Billion to the Agency
On September 14, 2021, the U.S. House Committee on Energy and Commerce voted in favor of a legislative recommendation that would create a new FTC privacy bureau as part of the proposed $3.5 trillion federal budget reconciliation package. …
Continue Reading U.S. House Committee Votes to Create New FTC Privacy Bureau and Appropriate $1 Billion to the Agency
Senators Introduce Cyber Incident Notification Act
A bipartisan group of Senators recently introduced the Cyber Incident Notification Act of 2021. The Act would require federal government agencies, federal contractors and operators of critical infrastructure to notify the federal government in the event of a cybersecurity incident.
Continue Reading Senators Introduce Cyber Incident Notification Act
Colorado Privacy Act Signed Into Law
On July 8, 2021, Colorado Governor Jared Polis signed SB21-190, the Colorado Privacy Act, into law, making Colorado the third state to have a comprehensive data privacy law on the books, following California and Virginia. This blog entry provides a summary of the Act.
Continue Reading Colorado Privacy Act Signed Into Law
Senator Gillibrand Announces Renewed Data Protection Act 2021
On June 17, 2021, Senator Kirsten Gillibrand (D-NY) announced the reintroduction of the Data Protection Act of 2021, which would create an independent federal agency, the Data Protection Agency, to “regulate high-risk data practices and the collection, processing, and sharing of personal data.”…
Continue Reading Senator Gillibrand Announces Renewed Data Protection Act 2021
Senate Confirms New FTC Commissioner
On June 15, 2021, the U.S. Senate confirmed Lina Khan to the Federal Trade Commission by a vote of 69-28.
Continue Reading Senate Confirms New FTC Commissioner
Supreme Court Rules FTC Cannot Rely on “Injunction” Provision to Obtain Equitable Monetary Relief
As reported on Hunton’s Retail Law Blog, on April 22, 2021, the U.S. Supreme Court unanimously held in a highly-anticipated case, AMG Capital Management, LLC v. FTC, that the Federal Trade Commission cannot seek or obtain equitable monetary relief pursuant to §13(b) of the FTC Act, putting an end to the use of §13(b) as a significant enforcement tool.
Continue Reading Supreme Court Rules FTC Cannot Rely on “Injunction” Provision to Obtain Equitable Monetary Relief