As the year comes to an end, consider whether your business is required to make an annual privacy policy update and share updated consumer metrics under the CCPA.
Continue Reading Reminders of Annual CCPA Updates
Virginia Consumer Data Protection Act Work Group Issues Final Report
The Virginia Consumer Data Protection Act (“VCDPA”) Work Group has issued its 2021 Final Report. The final report, which is based on the six Work Group meetings between June and October 2021, summarizes information presented at the meetings on topics such as enforcement, definitions and rulemaking authority, as well as consumer rights and education. We summarize some of the comments below.
Continue Reading Virginia Consumer Data Protection Act Work Group Issues Final Report
U.S. AI, IoT, CAV, and Privacy Legislative Update – Second Quarter 2021
Introduction
In this update, we detail the key legislative developments in the second quarter of 2021 related to artificial intelligence (“AI”), the Internet of Things (“IoT”), connected and automated vehicles (“CAVs”), and federal privacy legislation. As we recently covered on May 12, President Biden signed an Executive Order to strengthen the federal government’s ability to respond to and prevent cybersecurity threats, including by removing obstacles to sharing threat information between private sector entities and federal agencies and modernizing federal systems. On the hill, lawmakers have introduced a number of proposals to regulate AI, IoT, CAVs, and privacy.
Continue Reading U.S. AI, IoT, CAV, and Privacy Legislative Update – Second Quarter 2021
Colorado Legislature Passes Comprehensive Consumer Privacy Bill
Colorado is poised to join the growing number of states enacting a comprehensive privacy law. On Monday, June 7, both houses of the legislature passed the Colorado Privacy Act. The bill will now be sent to the Governor for approval.
Continue Reading Colorado Legislature Passes Comprehensive Consumer Privacy Bill
New Privacy Bill Provides Opt-Out Rights and New Data Security Requirements
To add to the growing list of federal privacy frameworks introduced this year, Senator Amy Klobuchar (D-MN) has re-introduced the bipartisan Social Media Privacy Protection and Consumer Rights Act of 2021 (S. 1667). Senator Klobuchar introduced the bill originally in 2018 and 2019, although it did not advance to committee in either instance. Senators Kennedy (R-LA), Burr (R-NC), and Manchin (D-WV) have co-sponsored the bill.
Key provisions in this bill include:
Continue Reading New Privacy Bill Provides Opt-Out Rights and New Data Security Requirements
Florida Legislature Considering Comprehensive Privacy Law
Florida may be next state to join the growing number of states with a consumer privacy law, as both chambers of Florida’s legislature are currently considering comprehensive state privacy legislation. Both HB 969 and SB 1734 resemble the California Consumer Privacy Act (“CCPA”), though they contain some notable differences. Florida Governor Ron DeSantis expressed support of these measures, stating that these proposals “finally check these companies’ unfettered ability to profit off our data and ensure the protection of Floridians’ personal and private information.”
Continue Reading Florida Legislature Considering Comprehensive Privacy Law
“Cyber Shield Act” Calling for IoT Device Certification Reintroduced in Congress
Sen. Ed Markey (D-MA) and Rep. Ted Lieu (D-CA-33) reintroduced the Cyber Shield Act on March 24, 2021. The proposed legislation is not new to Congress; Sen. Markey and Rep. Lieu previously introduced the Cyber Shield Act in both 2017 and 2019. However, the bill never made it to a vote in either the House or the Senate.
Continue Reading “Cyber Shield Act” Calling for IoT Device Certification Reintroduced in Congress
2021 State Privacy Legislation Roundup: California, Virginia, New York, and Washington
Several states have proposed new privacy bills since their sessions began. Some of the proposed bills carry over or re-introduce bills drafted in previous legislative sessions, while others are introducing first–in-time omnibus privacy bills. In the high-level chart below, we compare five of the key state privacy frameworks: the CPRA, VCDPA (which we blogged about here), the NYPA, the general privacy provisions of the Washington Privacy Act, and the newly introduced Washington People’s Privacy Act (HB 1433).
Continue Reading 2021 State Privacy Legislation Roundup: California, Virginia, New York, and Washington
SAFE TECH Act Would Limit Scope and Redesign Framework of Section 230 Immunity
A number of legislative proposals to amend Section 230 of the 1996 Communications Decency Act (“Section 230”) have already been introduced in the new Congress. Section 230 provides immunity to an owner or user of an “interactive computer service” — generally understood to encompass internet platforms and websites — from liability for content posted by a third party.
On February 8, 2021, Senator Mark Warner (D-VA) introduced the Safeguarding Against Fraud, Exploitation, Threats, Extremism, and Consumer Harms Act (“SAFE TECH Act”), cosponsored by Senators Amy Klobuchar (D-MN) and Mazie Hirono (D-HI). The bill would narrow the scope of immunity that has been applied to online platforms. Specifically, the SAFE TECH Act would amend Section 230 in the following ways:
Continue Reading SAFE TECH Act Would Limit Scope and Redesign Framework of Section 230 Immunity
IoT Update: President Trump Signs IoT Cybersecurity Act of 2020 into Law
On Friday, December 4, 2020, President Trump signed the bipartisan Internet of Things (“IoT”) Cybersecurity Improvement Act of 2020 into law. The IoT Cybersecurity Improvement Act empowers the National Institute of Standards and Technology (“NIST”) to create cybersecurity standards for internet-connected devices purchased and used by federal agencies. For more information on the law, please