Tag Archives: Legislation

Legislation Introduced in House and Senate to Establish Drone Privacy Rules

By Stephen Kiehl Continuing their focus on drone privacy issues, Senator Edward J. Markey (D-Mass.) and Rep. Peter Welch (D-Vt.) introduced legislation in the House and Senate this month that would require drone operators to create policies covering data collection and retention and require warrants for law enforcement agencies to conduct surveillance by drone. The … Continue Reading

Senators Reintroduce Cybersecurity Legislation for Cars and Planes

Senators Ed Markey (D-MA) and Richard Blumenthal (D-CT) reintroduced a pair of bills today relating to the cybersecurity of cars and aircraft, which would impose affirmative security, disclosure, and consent requirements on manufacturers and air carriers.  The Security and Privacy in Your Car (“SPY Car”) Act and Cybersecurity Standards for Aircraft to Improve Resilience (“Cyber … Continue Reading

House Democrats Propose Three Bills that Would Bolster FCC Influence over Cybersecurity

On March 2nd, Democratic members of the House Energy and Commerce Committee introduced three pieces of legislation that would expand the Federal Communications Commission’s (FCC) authority over the cybersecurity practices of communications network providers. The first bill, the “Securing IoT Act of 2017” (introduced by Rep. Jerry McNerney (D-CA)), would expand the FCC’s certification authority … Continue Reading

Federal Government Releases Final Guidance on CISA

Yesterday, the Department of Homeland Security (“DHS”) and Department of Justice released final guidance as required by Title I of the Cybersecurity Act of 2015 (“CISA”), which was enacted into law this past December.  The guidance was prepared in consultation with several additional federal agencies, and includes four separate documents.  We summarize each of the … Continue Reading

Tennessee Amends Breach Notification Law to Cover Breaches of Encrypted Information

Last week, Tennessee Governor Bill Haslam (R) signed S.B. 2005 into law, amending Tennessee’s breach notification law to broaden the scope of information covered and require quicker notifications of the state’s residents.  Most notably, when the amendments enter into force on July 1, 2016, Tennessee will become the only U.S. state that could require notification … Continue Reading

Germany Extends Right of Qualified Consumer Associations to Challenge Privacy Violations

By Monika Kuschewsky Today, a German law to strengthen the private enforcement of certain data protection provisions that aim to protect consumers (the Law) entered in to force, following its publication in the Official Journal yesterday. We previously reported on the draft law here. The Law empowers certain qualified associations to seek injunctive relief against companies … Continue Reading

“Right to Yelp” Bill Passes Maryland State House; Federal Bill Passed Senate in December

By Hannah Lepow Maryland is poised to become the second state in the country to ban businesses from contractually prohibiting customers from posting bad reviews online.  The Nondisparagement Clauses in Consumer Contracts bill passed the state House on February 19 by an overwhelming majority and now goes on to the state Senate. Maryland’s law substantially … Continue Reading

Senators Introduce Bill Requiring Cybersecurity Expertise Reports to SEC

On December 17, 2015, Senators Reed (D-RI) and Collins (R-ME) introduced the Cybersecurity Disclosure Act of 2015 (S. 2410), which has been referred to the Committee on Banking, Housing, and Urban Affairs.  According to the press release accompanying the bill, it “seeks to strengthen and prioritize cybersecurity at publicly traded companies by encouraging the disclosure … Continue Reading

Scope of Preemption in Proposed Data Security Legislation is Uncertain

According to a recent analysis by the Congressional Research Service (“CRS”), the extent of state law preemption in recent federal legislative proposals relating to data security is unclear.  Several bills introduced in the 114th Congress would impose federal data security or breach notification requirements on covered entities, similar to existing requirements in nearly every state. … Continue Reading

Congress Passes the Cybersecurity Act of 2015

The Cybersecurity Act of 2015 (the “Act”) was passed by Congress today as part of the 2016 omnibus spending package.  The Act is very similar to the Cybersecurity Information Sharing Act (“CISA,” S. 754), which passed the Senate on October 27 and was the subject of our previous analysis, although there are some important differences … Continue Reading

Senators Introduce Online Terrorist Activity Reporting Bill

Senators Feinstein (D-CA) and Burr (R-NC) introduced legislation today that would impose reporting duties on entities that “obtain[] actual knowledge of any terrorist activity.”  The bill applies to entities “engaged in providing an electronic communication service or a remote computing service to the public,” which includes social media companies.  Those entities are required to report … Continue Reading

A Closer Look at CISA’s Cybersecurity Information-Sharing Provisions

As we reported on October 27, the U.S. Senate passed the Cybersecurity Information Sharing Act (“CISA,” S. 754).  If enacted into law, CISA would, among other things, establish a voluntary framework for the sharing of cybersecurity threat information between and among the federal government and private entities.  CISA must now be reconciled with two similar … Continue Reading

Senate Passes Cybersecurity Information Sharing Legislation

The U.S. Senate passed the Cybersecurity Information Sharing Act (“CISA,” S. 754) today.  In material part, the bill: establishes a voluntary framework for real-time information sharing of “cyber threat indicators” and “defensive measures” between private organizations (defined to also include state and local governments) and the federal government; with respect to information sharing among private … Continue Reading

Fiat-Chrysler Recalls 1.4 Million Vehicles In Response to Security Vulnerability

Last Friday, Fiat Chrysler announced the recall of 1.4 million vehicles to fix security vulnerabilities, further highlighting the importance of properly addressing cybersecurity issues created by the use of connected devices.  The recall follows an article published last Tuesday by Wired magazine which described methods used by security researchers to remotely access a Jeep Cherokee, … Continue Reading

House Passes Cybersecurity Information Sharing Bills

Yesterday the U.S. House of Representatives passed the National Cybersecurity Protection Advancement Act (NCPAA), a bill that would provide liability protections for companies sharing cyber threat information with the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC).  A related bill, the Protecting Cyber Networks Act (PCNA), was passed by the House on … Continue Reading

House Committees Approve Information Sharing and Data Breach Notice Bills, Setting Stage for Floor Vote

Earlier this week, an information-sharing bill and a data breach bill passed through committee votes in the House, setting the stage for potentially significant legislative action on key cybersecurity issues in the near future.  On Tuesday, the House Homeland Security Committee approved the National Cybersecurity Protection Advancement Act by a unanimous voice vote, following a … Continue Reading

Covington at #SXSW 2015: Members of Congress Discuss Future of Privacy

Although Senator Rand Paul (R-KY) may have received the most attention for his attendance at South by Southwest (“SXSW”) Interactive, many other members of Congress were represented this year.  Continuing our coverage of the conference, this past weekend we attended a panel on “The Future of Privacy,” featuring congressional representatives Darrell Issa (R-CA), Suzan DelBene … Continue Reading

Bipartisan Data Security Bill Put Forth For Review

By Lala Qadir A bipartisan data security bill was unveiled last week as part of a renewed push to create standardized requirements around data breach and security issues.  Both co-sponsors of the bill, Representative Marsha Blackburn (R-TN) and Representative Peter Welch (D-VT), are members of the House Subcommittee on Commerce, Manufacturing, and Trade, and Blackburn … Continue Reading

Congressional Privacy Bill: Commercial Privacy Rights Act of 2015

By Caleb Skeath As we reported yesterday, the Congressional Privacy Bill has been released, following the release of the White House’s proposal for a privacy bill in late February.  The bill contains the Commercial Privacy Rights Act of 2015, the Congressional counterpart to the White House’s proposal, along with data breach notification provisions and the … Continue Reading

White House Privacy Bill Is Released

The White House’s much anticipated draft privacy legislation has now been released.   We are digesting its content now and will post an update with some additional comments shortly. The draft appears to include an expansive definition of “personal data.”  In addition, early press reports note that the draft bill would require companies to inform consumers and … Continue Reading

Data Breach Notification Bills Introduced in House and Senate

By Caleb Skeath Last week, Reps. Joe Barton (R-TX) and Bobby Rush (D-IL) re-introduced the Data Accountability and Trust Act (DATA Act) in the House of Representatives.  The bill (H.R. 580), which has been introduced several times in previous years, would provide a nationwide data security standard, backed by FTC enforcement and civil penalties, as … Continue Reading
LexBlog