On October 12, 2022, a federal jury found BNSF Railway, operator of one of the largest freight railroad networks in North America, violated the Illinois Biometric Information Privacy Act in the first ever BIPA case to go to trial.
Continue Reading First Ever BIPA Trial Results in $228 Million Judgment Against BNSF Railway
Information Sharing
FTC Releases Report on Dark Patterns
Posted on
Posted in Information Security, Online Privacy
On September 15, 2022, the Federal Trade Commission released a report analyzing “dark patterns,” or “design practices that trick or manipulate users into making choices they would not otherwise have made and that may cause harm.”…
Continue Reading FTC Releases Report on Dark Patterns
NHTSA Publishes Final Cybersecurity Best Practices
Posted on
Posted in Cybersecurity, Information Security
On September 9, 2022, the National Highway Traffic Safety Administration announced its publication of final Cybersecurity Best Practices for the Safety of Modern Vehicles. …
Continue Reading NHTSA Publishes Final Cybersecurity Best Practices
President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity
Posted on
On June 21, 2022, President Biden signed into law, the State and Local Government Cybersecurity Act of 2021 and the Federal Rotational Cyber Workforce Program Act, two bipartisan bills aimed at enhancing the cybersecurity postures of the federal, state and local governments.
Continue Reading President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity
New York Bar Issues Ethics Opinion on Protecting “Confidential” Client Identity Information on Smartphones
Posted on
Posted in Information Security
On April 8, 2022, the New York Bar issued an opinion to protect confidential client contact information stored on an attorney’s smartphone. …
Continue Reading New York Bar Issues Ethics Opinion on Protecting “Confidential” Client Identity Information on Smartphones
CPPA Holding Public Pre-Rulemaking Meetings on the CPRA on March 29 and March 30
Posted on
On March 29 and 30, 2022, the California Privacy Protection Agency will hold public pre-rulemaking informational sessions regarding the California Privacy Rights Act via video conference.
Continue Reading CPPA Holding Public Pre-Rulemaking Meetings on the CPRA on March 29 and March 30
Federal Acquisition Security Council Accepting Comments on Interim Final Rule Regarding Information Technology Supply Chain Risk
Posted on
Posted in Information Security, U.S. Federal Law
On November 2, 2020, the comment period for the Federal Acquisition Security Council’s interim final rule implementing the Federal Acquisition Supply Chain Security Act of 2018 will close.
Continue Reading Federal Acquisition Security Council Accepting Comments on Interim Final Rule Regarding Information Technology Supply Chain Risk
Provisions on the Governance of Network Information Content Ecology Goes Into Effect in China
Posted on
On March 1, 2020, the Provisions on the Governance of Network Information Content Ecology took effect. The Provisions govern China’s network information content ecology—including content producers, platforms, users, industry organizations and Departments of Cyberspace Administration. …
Continue Reading Provisions on the Governance of Network Information Content Ecology Goes Into Effect in China
Department of Energy Announces New Efforts in Energy Sector Cybersecurity
Posted on
On May 14, 2018, the Department of Energy Office of Electricity Delivery & Energy Reliability released its Multiyear Plan for Energy Sector Cybersecurity.
Continue Reading Department of Energy Announces New Efforts in Energy Sector Cybersecurity
National Standard on Personal Information Security Goes into Effect in China
Posted on
Posted in Information Security, Online Privacy
On May 1, 2018, the Information Security Technology – Personal Information Security Specification went into effect in China. The Specification should be taken seriously as a best practice in personal data protection in China, and should be complied with where feasible.
Continue Reading National Standard on Personal Information Security Goes into Effect in China