On November 16, 2023, the European Data Protection Board published its Guidelines 2/2023 on the Technical Scope of Art. 5(3) of the ePrivacy Directive.
Continue Reading EDPB Publishes Guidelines to Clarify Scope of EU “Cookie” Notice and Consent Requirements
Internet of Things
European Parliament Adopts Final Version of the Data Act
On November 9, 2023, the European Parliament adopted, by a majority of 481 votes in favor, 31 votes against and 71 abstentions, the final text of the Data Act. …
Continue Reading European Parliament Adopts Final Version of the Data Act
White House to Release Cybersecurity Labeling System for IoT Devices
On October 19, 2022, Bloomberg Law reported that the White House is planning to introduce a system to label Internet of Things devices with information related to the devices’ cybersecurity risk.
Continue Reading White House to Release Cybersecurity Labeling System for IoT Devices
New California Legislation Adds to Existing Smart Device Labeling Requirements
On September 6, 2022, the California legislature presented Assembly Bill 2392 to Governor Gavin Newsom. AB-2392, which has not yet been signed by Governor Newsom, would allow Internet-connected device manufacturers to satisfy existing device labeling requirements by complying with National Institute of Standards and Technology standards for consumer Internet of Things products.
Continue Reading New California Legislation Adds to Existing Smart Device Labeling Requirements
FDA Issues Draft Cybersecurity Guidance for Medical Devices
On April 8, 2022, the Food and Drug Administration issued Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions, a draft guidance document for industry and FDA staff. Industry stakeholders will have until July 7, 2022 to comment on the proposed guidance.
Continue Reading FDA Issues Draft Cybersecurity Guidance for Medical Devices
European Commission Publishes Draft Data Act
On February 23, 2022, the European Commission adopted a Proposal for a Regulation on harmonized rules on fair access to and use of data, also known as the Data Act. This blog entry provides key highlights on the Data Act.
Continue Reading European Commission Publishes Draft Data Act
NIST Holds a Two-Day Public Workshop on Cybersecurity Labeling Programs for Internet of Things Devices and Software
On September 14 and 15, 2021, the National Institute of Standards and Technology held a public workshop, as part of its effort to create a consumer labeling program to communicate the security capabilities of consumer Internet of Things devices and software development practices, as mandated by the Biden administration’s May 2021 Executive Order on Improving the Nation’s Cybersecurity. …
Continue Reading NIST Holds a Two-Day Public Workshop on Cybersecurity Labeling Programs for Internet of Things Devices and Software
IoT Bill Heads to White House
On November 17, 2020, the Senate passed by unanimous consent H.R. 1668, the Internet of Things Cybersecurity Improvement Act.
Continue Reading IoT Bill Heads to White House
FTC Approves Settlement with Canadian Lockmaker Over Deceptive Security Claims
We previously posted about the Tapplock, Inc. settlement with the Federal Trade Commission over allegations that the company violated Section 5 of the FTC Act by falsely claiming that its “smart locks” were secure. Earlier this month, the FTC voted 5-0 to approve the settlement. …
Continue Reading FTC Approves Settlement with Canadian Lockmaker Over Deceptive Security Claims
Canadian Maker of Smart Locks Settles with FTC Over Deceptive Security Claims
A Canadian maker of Internet-connected padlocks settled Federal Trade Commission allegations that the company violated Section 5 of the FTC Act by falsely claiming that its “smart locks” were secure. …
Continue Reading Canadian Maker of Smart Locks Settles with FTC Over Deceptive Security Claims