Tag Archives: Legislation

Florida Enacts Stringent Breach Notice Law

Last Friday, Florida’s governor signed into law the Florida Information Protection Act of 2014 (“FIPA”), a bill repealing Florida’s existing data security breach notice law and replacing it with what will be one of the nation’s most stringent breach notice laws.  This post summarizes the key aspects of the new law, which becomes effective July … Continue Reading

EU Justice Ministers Reach A Common Position on Aspects of the Draft EDPR

On June 6, 2014, the Justice and Home Affairs Council of the European Union (the “Council”), representing individual EU Member States, reached a common position on certain important aspects of the draft European Data Protection Regulation (the “Regulation”).  Specifically, the Council reached an agreement on rules governing transfers of personal data outside the EU, set … Continue Reading

Senate Judiciary Subcommittee To Examine “Stalking Apps”

Tomorrow, the Senate Judiciary Subcommittee on Privacy, Technology and the Law will hold a hearing on legislation reintroduced in March by Senator Al Franken (D-MN), the Location Privacy Protection Act of 2014.  The bill would regulate the development, operation, and sale of “stalking apps” and also would require companies to get consumer permission before collecting … Continue Reading

Obama Administration and House Intelligence Committee Announce Proposals to Reform NSA Bulk Collection Program

After months of debating how to reform the National Security Agency’s bulk telephony metadata program, the Obama administration confirmed on Tuesday that it will ask Congress to pass legislation that restructures the program and ends the government’s practice of retaining bulk phone records. Under the proposal, as described in media reports, the NSA would end … Continue Reading

A Conversation with State and Federal Privacy Regulators Turns to State Data Breach Enforcement

On Monday, the International Association of Privacy Professionals (IAPP) hosted a discussion that featured state and federal privacy regulators.  The panel included Maneesha Mithal, Associate Director for the Division of Privacy and Identity Theft at the Federal Trade Commission; Marty Jackley, Attorney General of South Dakota; and Bill Sorrell, Attorney General of Vermont.  The panel … Continue Reading

Comparison of Five Data-Breach Bills Currently Pending in the Senate

Data security continues to be a hot issue on Capitol Hill, and just yesterday Attorney General Eric Holder urged Congress to create a “strong, national standard” for quickly reporting data breaches to consumers.  Democratic and Republican senators have been busy drafting legislation that would establish national requirements for data security and breach notice.  The following … Continue Reading

Senate Democrats Introduce Data Security and Breach Notification Act of 2014

In the wake of the high profile retailer data breaches involving Target and Neiman Marcus, among others, Capitol Hill is re-engaging on data security breach legislation.  Among other activity in Congress, Senators John D. Rockefeller IV (D-West Virginia), Dianne Feinstein (D-California), Bill Nelson (D-Florida), and Mark Pryor (D-Arkansas) recently introduced the Data Security and Breach … Continue Reading

Senate Bill Would Create ‘Stringent’ Penalties to Deter Data Breaches

Data collection and security was a big topic on the Hill last week, where five congressional committees examined the issue over several days.  On the topic of data breaches specifically, the Senate Judiciary Committee held a hearing on “Privacy in the Digital Age: Preventing Data Breaches and Combating Cybercrime” and the House Energy and Commerce … Continue Reading

Retailers Testify on Data Security at Senate Judiciary Committee Hearing, Express Support for Chip-and-PIN Technology

Last Tuesday, February 4, the Senate Committee on the Judiciary held a hearing on “Privacy in the Digital Age.” Among the panelists were Executive Vice President and Chief Financial Officer of Target, John Mulligan, and Senior Vice President and Chief Information Officer of the Neiman Marcus Group, Michael Kingston. Federal Trade Commission (“FTC”) Chairwoman Edith … Continue Reading

House Republicans Signal Push for Data Breach Legislation

In the wake of the recent Target Corp. credit card data breach, Congress is once again turning its attention to data breach legislation. In a memorandum to Republican lawmakers on January 2, House Majority Leader Eric Cantor (R-Va.) stated that he intends to schedule legislation on security and breach notification requirements for federally facilitated healthcare … Continue Reading

Roundup of Recently Enacted Privacy Legislation in California; Some Measures Will Become Effective on January 1, 2014

The California legislature has enacted a flurry of privacy-related laws over the past few months.   Still more bills are pending.  This post provides a brief overview of new privacy laws enacted in California in 2013, including measures that will become effective on January 1, 2014.  For a more detailed look at some of these key … Continue Reading

CA Governor Signs Bill Providing Online Protections For Minors

Earlier this month, we blogged about the California Senate’s passage of the bill titled “Privacy Rights for California Minors in the Digital World”, which prohibits certain targeted advertising to California minors and requires that minors be allowed to delete materials they have posted online.  Yesterday, California Governor Jerry Brown signed the legislation, and it will … Continue Reading

CA Passes Legislation Requiring Search Warrant For Disclosure of Stored Content

Continuing a flurry of recent legislative activity (see posts here and here), the California legislature on Tuesday passed a bill requiring that California law enforcement agencies obtain a search warrant to compel the production of communications content (e.g., emails and social media messages) from providers of electronic communication services.  A service provider may provide stored content … Continue Reading

New Jersey Restricts Employer Access to Employees’ Personal Online Accounts

New Jersey has enacted restrictions on the ability of employers to access employees’ social media accounts, becoming the twelfth state to enact such legislation. More than 30 state legislatures have considered bills on the topic in 2013, according to the National Conference of State Legislatures. New Restrictions in New Jersey New Jersey’s new law, signed … Continue Reading

CA Legislature Passes Bill Establishing Online Protections for Minors

Last Friday the California Senate unanimously passed legislation titled, “Privacy Rights for California Minors in the Digital World,” which prohibits certain types of marketing to minors (defined as a natural person under the age of 18 residing in California) and allows minors to delete materials they have posted online.  The bill, which already cleared the … Continue Reading

Bill Adding Do-Not-Track Disclosures to CalOPPA Passes California Senate

Last week the California Senate unanimously approved a bill requiring that operators of commercial websites and online services that collect personal information disclose how they respond to “do-not-track” signals from web browsers and whether they allow third parties to engage in online tracking.  The legislation, which was introduced by Assemblyman Al Muratsuchi, has been sponsored … Continue Reading

Senators Rockefeller and Thune Introduce “Cybersecurity Act of 2013”

In advanced of a July 25 Senate Commerce Committee hearing on “The Partnership Between NIST and the Private Sector: Improving Cybersecurity,” Chairman Jay Rockefeller (D-WV) and Ranking Member John Thune (R-SD) introduced the “Cybersecurity Act of 2013” (S. 1353). The bill avoids controversial topics such as information sharing and regulation of critical infrastructure cybersecurity and … Continue Reading

Senators, Justice Department Voice Support for Expanding Journalists’ Protections

A group of senators announced on Wednesday that they would renew their push for federal legislation to limit the ability of federal authorities to compel journalists to reveal information about or obtained from confidential sources, after the U.S. Department of Justice announced it would tighten its own standards for when to seek such information. The … Continue Reading

CA AG Releases Data Breach Report

On Monday, California Attorney General Kamala Harris for the first time released a data breach report; the report details 131 data breaches reported to the CA AG’s office, which collectively exposed the personal information of 2.5 million Californians.  56% of the breaches involved Social Security numbers, a category of information disclosure which creates a heightened … Continue Reading

ECPA Reform Bill Sails Through Senate Judiciary Committee

Yesterday, a bill that would reform the Electronic Communications Privacy Act of 1986 (“ECPA”) was approved by the Senate Judiciary Committee on a voice vote. Under ECPA, as it currently stands, police need only a subpoena, issued without approval by a judge, to access private e-mails that have already been opened or that are more … Continue Reading

Utah, New Mexico, Arkansas are Latest States to Restrict Access by Employers or Schools to Personal Social Media Accounts

After gaining prominence in 2012, state legislation restricting access to personal social media accounts by employers and schools has remained active.  Three more states have enacted their own restrictions thus far in 2013, and bills are pending in more than two dozen other states, according to the National Conference of State Legislatures. In 2012, Illinois … Continue Reading

Cyber Intelligence Sharing and Protection Act Passes House Intelligence Committee

In a vote Wednesday afternoon, the House Permanent Select Committee on Intelligence passed the Cyber Intelligence Sharing and Protection Act (“CISPA”).  Eighteen Representatives voted in favor of the bill, and two–Rep. Adam Schiff (D-CA) and Rep. Jan Schakowsky (D-IL)–voted against. The Committee adopted amendments that Chairman Mike Rogers (R-MI) and Ranking Member Dutch Ruppersberger (D-MD) … Continue Reading

Amendments Expected for Cyber Intelligence Sharing and Protection Act

By David N. Fagan and Kristen E. Eichensehr  In a call with reporters Monday, Representatives Mike Rogers (R-MI) and Dutch Ruppersberger (D-MD), respectively the Chairman and Ranking Member of the House Permanent Select Committee on Intelligence (“HPSCI”), announced several planned amendments to the Cyber Intelligence Sharing and Protection Act (“CISPA”).  The bill is expected to … Continue Reading

Proposed California “Right to Know” Act Would Require Broad Disclosures To CA Residents

A bill titled the “Right to Know Act of 2013” (AB 1291), which was first introduced by Assembly Member Bonnie Lowenthal this past February, continues to gather momentum in the California legislature.  The Right to Know Act would repeal and re-write Cal. Civ. Code § 1798.83 (often referred to as the California Shine the Light law) … Continue Reading
LexBlog