Archives: Congress

Subscribe to Congress RSS Feed

House Members Reintroduce Email Privacy Act

On January 9, 2017, Representatives Kevin Yoder (R-Kan.) and Jared Polis (D-Colo.) reintroduced the Email Privacy Act.  According to Rep. Yoder’s spokesman, the text of the bill is similar to the version the House of Representatives unanimously approved last April, but which did not pass the Senate.  As we previously reported, the proposed changes would … Continue Reading

The Commission on Enhancing National Cybersecurity Releases Its Report on Securing and Growing the Digital Economy

On December 1, 2016, the Commission on Enhancing National Cybersecurity released its Report on Securing and Growing the Digital Economy. In its Report, the Commission, established in February 2016 by President Obama, provided detailed short- and long-term recommendations to strengthen cybersecurity in the public and private sectors. The Commission took a multi-stakeholder approach, emphasizing the … Continue Reading

Bill Criminalizing “Revenge Porn” Introduced in Congress

Today, Rep. Jackie Speier (D-Calif.) introduced legislation that would criminalize the non-consensual distribution of sexually explicit images, commonly referred to as “revenge porn.” The Internet Privacy Protection Act would make it a federal crime for individuals to knowingly distribute sexually explicit images or video of a person without or with a “reckless disregard” for their … Continue Reading

NTIA Multistakeholder Group Reaches Consensus on Best Practices for Commercial Use of Facial Recognition Technology

Last week, the multistakeholder group convened by the National Telecommunications and Information Administration (“NTIA”) to create set of voluntary best practices for the commercial use of facial recognition technology finalized its guidelines.  While the three-page code of conduct was praised by industry groups, including the Software & Information Industry Association and Consumer Technology Association, many … Continue Reading

House Unanimously Passes Email Privacy Act

On April 27, the House of Representative unanimously passed the Email Privacy Act.  As previously reported, the proposed changes would strengthen the privacy protections for email and other cloud-storage services by closing a loophole that allowed law enforcement to access older data without obtaining a warrant. However, while there is widespread support to require warrants … Continue Reading

Senate Panel Passes “Internet of Things” Bill

Yesterday, the Senate Commerce Committee passed a bill meant to increase government involvement in the development of the “Internet of Things” (IoT). By a voice vote, the committee approved the Developing Innovation and Growing the Internet of Things (DIGIT) Act, sponsored by Sen. Deb Fischer (R-Neb.), Sen. Kelly Ayotte (R-N.H.), Sen. Cory Booker (D-N.J.), and … Continue Reading

House Judiciary Committee Approves Email Privacy Act

In a unanimous vote, the House Judiciary Committee approved the Email Privacy Act, a long-awaited update to the 30-year-old Electronic Communications Privacy Act (ECPA).  The proposed changes would strengthen the privacy protections for email and other cloud-storage services by closing a loophole that allowed law enforcement to access older data without obtaining a warrant.  The … Continue Reading

NTIA Release Requests for Comments on IoT Issues

Yesterday, the National Telecommunications and Information Administration (NTIA), part of the U.S. Department of Commerce, issued a Request For Public Comment (RFC) seeking comment on the benefits, challenges, and potential roles for the government in fostering the advancement of the Internet of Things (IoT). NTIA issued the RFC as part of the Commerce Department’s Digital … Continue Reading

EU-U.S. Privacy Shield Package Released

By Monika Kuschewsky and Vera Coughlan Today, the European Commission published the text of the new EU-U.S. Privacy Shield (see the Commission’s press release here), which consists of: a draft adequacy decision; the EU-U.S. Privacy Shield Framework Principles issued by the U.S. Department of Commerce; and the official representations and commitments contained in separate letters … Continue Reading

Commerce Releases Fact Sheet on the EU-U.S. Privacy Shield

As we reported yesterday, the United States and the European Commission have reached a political agreement on a new framework for transatlantic data flows, referred to as the EU-U.S. Privacy Shield.  The U.S. Department of Commerce (“Commerce”) released a fact sheet yesterday to coincide with the announcement of the agreement. The fact sheet includes a … Continue Reading

Agreement Reached on New EU-U.S. Safe Harbor: the EU-U.S. Privacy Shield

By Dan Cooper, Phil Bradley-Schmieg and Joseph Jones Today (February 2nd, 2016), the European Commission and U.S. Government reached political agreement on the new framework for transatlantic data flows.  The new framework – the EU-U.S. Privacy Shield – succeeds the EU-U.S. Safe Harbor framework (for more on the Court of Justice of the European Union … Continue Reading

Senate Committee Passes Judicial Redress Act, May Assist Safe Harbor Negotiations

The Senate Judiciary Committee today successfully reported H.R. 1428, the Judicial Redress Act of 2015.  However, the bill included an amendment to the House-passed version that has the potential to influence current negotiations between the United States and the European Union to reach a new Safe Harbor agreement. As we previously reported, the Judicial Redress … Continue Reading

Senators Introduce Bill Requiring Cybersecurity Expertise Reports to SEC

On December 17, 2015, Senators Reed (D-RI) and Collins (R-ME) introduced the Cybersecurity Disclosure Act of 2015 (S. 2410), which has been referred to the Committee on Banking, Housing, and Urban Affairs.  According to the press release accompanying the bill, it “seeks to strengthen and prioritize cybersecurity at publicly traded companies by encouraging the disclosure … Continue Reading

Scope of Preemption in Proposed Data Security Legislation is Uncertain

According to a recent analysis by the Congressional Research Service (“CRS”), the extent of state law preemption in recent federal legislative proposals relating to data security is unclear.  Several bills introduced in the 114th Congress would impose federal data security or breach notification requirements on covered entities, similar to existing requirements in nearly every state. … Continue Reading

Congress Passes the Cybersecurity Act of 2015

The Cybersecurity Act of 2015 (the “Act”) was passed by Congress today as part of the 2016 omnibus spending package.  The Act is very similar to the Cybersecurity Information Sharing Act (“CISA,” S. 754), which passed the Senate on October 27 and was the subject of our previous analysis, although there are some important differences … Continue Reading

Senators Introduce Online Terrorist Activity Reporting Bill

Senators Feinstein (D-CA) and Burr (R-NC) introduced legislation today that would impose reporting duties on entities that “obtain[] actual knowledge of any terrorist activity.”  The bill applies to entities “engaged in providing an electronic communication service or a remote computing service to the public,” which includes social media companies.  Those entities are required to report … Continue Reading

A Closer Look at CISA’s Cybersecurity Information-Sharing Provisions

As we reported on October 27, the U.S. Senate passed the Cybersecurity Information Sharing Act (“CISA,” S. 754).  If enacted into law, CISA would, among other things, establish a voluntary framework for the sharing of cybersecurity threat information between and among the federal government and private entities.  CISA must now be reconciled with two similar … Continue Reading

Senate Passes Cybersecurity Information Sharing Legislation

The U.S. Senate passed the Cybersecurity Information Sharing Act (“CISA,” S. 754) today.  In material part, the bill: establishes a voluntary framework for real-time information sharing of “cyber threat indicators” and “defensive measures” between private organizations (defined to also include state and local governments) and the federal government; with respect to information sharing among private … Continue Reading

House Passes Bill Expanding Privacy Rights of EU Citizens in Wake of Schrems Ruling

By Hannah Lepow On October 20, the U.S. House of Representatives passed a bill that would expand the privacy rights of citizens of the European Union in the United States. The bill, known as the Judicial Redress Act of 2015, would allow EU citizens and citizens of other allied nations limited rights to file suit … Continue Reading

Draft House Cures Legislation Would Amend Federal Privacy Laws (Second Post in a Series)

As we discussed in a prior post, the April 29, 2015, draft House 21st Century Cures bill would make several changes to federal health privacy law. This post focuses on provisions that would allow remote access to PHI for purposes preparatory to research and that would permit individuals to make a one-time authorization of the … Continue Reading

Draft House Cures Legislation Would Amend Federal Privacy Laws (First Post in a Series)

On April 29, 2015, the U.S. House Energy and Commerce Committee released a revised discussion draft of the 21st Century Cures Act (“Cures”). The Cures bill would make several changes to existing federal privacy regulations promulgated under the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health … Continue Reading

House Passes Cybersecurity Information Sharing Bills

Yesterday the U.S. House of Representatives passed the National Cybersecurity Protection Advancement Act (NCPAA), a bill that would provide liability protections for companies sharing cyber threat information with the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC).  A related bill, the Protecting Cyber Networks Act (PCNA), was passed by the House on … Continue Reading

House Committees Approve Information Sharing and Data Breach Notice Bills, Setting Stage for Floor Vote

Earlier this week, an information-sharing bill and a data breach bill passed through committee votes in the House, setting the stage for potentially significant legislative action on key cybersecurity issues in the near future.  On Tuesday, the House Homeland Security Committee approved the National Cybersecurity Protection Advancement Act by a unanimous voice vote, following a … Continue Reading

House Focuses on Data Breach Bills

By Ani Gevorkian The issues of data breach notification and data security issued received a fair amount of attention in the House this week:  On Wednesday, the House Energy and Commerce Subcommittee on Trade approved one data breach bill, and on Thursday, Rep.  Jim Langevin (D-RI), co-chairman of the House Cybersecurity Caucus, announced the release … Continue Reading
LexBlog