Thursday, April 15, 2021

Subscribers Only

Free

Status of Proposed CCPA-Like State Privacy Legislation

The end of March and beginning of April was another busy week with developments in Washington, Florida, Oklahoma, Alaska, Nevada, and Rhode Island: Washington – The House Committee on Appropriations passed the Washington Privacy Act out of committee. Oklahoma – The author of the Oklahoma Computer Data Privacy Act reported that the bill has been […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Lessons Learned from New York’s Second Cybersecurity Action

The New York Department of Financial Services has announced its second regulatory enforcement action against a regulated entity (a New York licensed mortgage banker and loan servicer) for violating NYDFS’s Cybersecurity Regulations. The action involved the mortgage banker’s failure to report a data breach – a breach caused by an employee overriding the company’s multi-factor […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Florida Legislature Considers Sweeping Data-Privacy Legislation Supported by Governor

Florida has joined the wave of states considering new comprehensive data privacy legislation. On February 15, 2021, Representative Fiona McFarland introduced HB 969, modeled after the California Consumer Privacy Act. The bill is supported by Governor Ron DeSantis and the speaker of the Florida House. As introduced, HB 969 would apply to for-profit businesses that […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Utah Gets a New Data Breach Defense Law

On March 11, 2021, Utah governor Spencer Cox signed the Cybersecurity Affirmative Defense Act, which creates affirmative defenses to certain causes of action arising out of a breach of system security. The Act provides three affirmative defenses: If a “person” (broadly defined to include individuals and most business organizations but not government agencies or departments) […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Department of Commerce Convenes Virtual Forum on Supply Chain Risks in Semiconductor Manufacturing and...

The U.S. Department of Commerce’s Bureau of Industry and Security Office of Technology Evaluation will hold a virtual forum on April 8, 2021, to...

Byte-Sized Q&A: What About Controlled Technical Information?

Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces. In this episode, host Kate Growley talks about what government contractors need to know about controlled technical information or CTI. More at Crowell & Moring
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Finding the Weak Links – President Biden Executive Order Demands Review of Critical U.S....

On February 24, 2021, President Biden signed Executive Order 14017, “Executive Order on America’s Supply Chains,” requiring a review of global supply chains that support key U.S. industries in an attempt to improve supply chain security for the U.S. government and U.S. companies. The new Executive Order appears to be an initial step focused on […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Senate Version of Florida Privacy Law Moves Forward; House Version Makes Class-Action Lawsuits Even...

The Florida Senate’s version of a new comprehensive privacy law (a.k.a. the “Florida Privacy Protection Act” (FPPA)) passed unscathed out of the Senate’s Committee on Commerce and Tourism yesterday. The bill’s sponsor fought off two proposed amendments: one that would have eliminated the private right of action and a second that would have required more […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Utah Becomes the Second U.S. State to Establish Affirmative Defenses for Data Breach

In enacting the Cybersecurity Affirmative Defense Act, HB80, (Act) on March 11, 2021, Utah became the second state in the U.S. to create affirmative defenses for “persons” to certain causes of action arising out of a breach of system security. “Persons” is defined to include individuals, associations, corporations, partnerships, and other business entities. The Act […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

California Court Tosses Alleged “Data Breach” Suit, Holding CCPA Does Not Apply Retroactively

In Gardiner v. Walmart, Inc., a Walmart customer who purchased goods online filed a putative class action alleging that Walmart’s cybersecurity procedures led to a purported unauthorized disclosure of his personal identifying information (PII). This purported “data breach” class action is unique in that the plaintiff cannot identify when and how the data breach occurred. Instead, the […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.