Senate Judiciary Chairman Patrick J. Leahy introduced a new version of the Uniting and Strengthening America by Fulfilling Rights and Ensuring Effective Discipline Over Monitoring Act of 2014 (the “USA FREEDOM Act” or “Act”) in the Senate on Tuesday, more than two months House of Representatives passed a version of the bill that omitted several reforms sought by privacy advocates.

Leahy, a co-author of the original bill, said the updated legislation has the support of the Obama Administration.  The Reform Government Surveillance coalition of technology companies, the American Civil Liberties Union, and the Electronic Frontier Foundation also support the new version, according to a statement by Leahy’s office.  The measure has 13 co-sponsors in the Senate, including Senators Ted Cruz (R-Texas), Mike Lee (R-Utah), Al Franken (D-Minn.) and Tom Udall (D-N.M.).

The proposed Act would effectively ban bulk collection of phone records by circumscribing the scope and application of the so-called “business records” provision of the Foreign Intelligence Surveillance Act (also known as Section 215 of the USA PATRIOT Act).  It makes clear that the government may not collect all information relating to a particular service provider or to a broad geographic region, such as a city, zip code or area code.


Continue Reading New Version of USA Freedom Act Introduced

Continuing the flurry of activity around privacy legislation that we have seen over the past few weeks, the House today passed an amendment to the Video Privacy Protection Act (“VPPA”), 18 U.S.C. § 2710.  The bill would amend the VPPA by clarifying that a consumer may consent to the disclosure of her video viewing information

Today, the Senate Judiciary Committee passed the much-discussed update to the Electronic Communications Privacy Act of 1986 and the Video Privacy Protection of 1988 (“VPPA”).  The Committee adopted Senator Leahy’s manager’s amendment (which we discussed here), with a minor modification proposed by Senators Cornyn and Lee. 

Senator Feinstein also offered an amendment to the

On Thursday, the Senate Judiciary Committee reportedly will vote on Sen. Patrick Leahy’s bill that would amend the Electronic Communications Privacy Act (ECPA) and the Video Privacy Protection Act (VPPA).  The bill would amend the VPPA by clarifying that a consumer may consent to the disclosure of her video viewing information “though an electronic means

Last Friday, Rep. Zoe Lofgren (D-CA) introduced the ECPA 2.0 Act, H.R. 6529, which would strengthen the legal standards for law enforcement to gain access to electronic communications and location information.  The Electronic Communications Privacy Act (ECPA) is more than 25 years old and is widely seen as needing modernization to address changes in digital storage, the cloud, and location-based services.  As we’ve previously noted, government access to location information is an ongoing issue for legislators, courts, and government officials.  


Continue Reading Rep. Lofgren Introduces Legislation to Update ECPA

According to a number of media outlets, the Senate Judiciary Committee will consider proposed amendments to the Video Privacy Protection Act (“VPPA”) and to Title II of the Electronic Communications Privacy Act, better known as the Stored Communications Act (“SCA”).  The amendments reportedly will be offered by Judiciary Chairman Patrick Leahy (D-VT), and likely will

Yesterday, the Senate Judiciary Committee approved legislation introduced by Committee Chairman Patrick Leahy (D-VT) (S. 1151) that would require firms to develop comprehensive data security programs and would impose a federal breach notice obligation on firms.  The same day, the Committee also approved amended versions of breach notification measures introduced by Sen. Dianne

Last Thursday, the Senate Judiciary Committee began its consideration of the several pending data security bills by marking up S. 1151, the legislation introduced by Sen. Patrick Leahy (D-VT). 

S. 1151 would require business entities to develop a data privacy and security plan for protecting sensitive personally identifiable information, require agencies and business entities to notify U.S. residents in the event of a security breach involving such information, and impose criminal penalties for intentionally and willfully failing to provide notice of a security breach.

The original version of the bill also contained separate privacy requirements for data brokers, but a substitute amendment deleting that title was adopted by the Committee on Thursday.  The panel also accepted an amendment proposed by Sen. Chuck Grassley (R-IO), which clarified that the definition of “exceeds authorized access” in the Computer Fraud and Abuse Act does not include violations of Internet terms of service agreements or employment agreements restricting computer access, and a separate manager’s amendment which limited civil liability and penalties.


Continue Reading Senate Judiciary Committee Weighs Data Security Legislation