Archives: Federal Legislation

Subscribe to Federal Legislation RSS Feed

New FTC Provides Insights Into Its Plan for a Balanced Approach to Data Privacy and Security

Photo of Carolina AlonsoBy Alan L. Friel, John Busch and Carolina Alonso on Posted in Federal Legislation, GDPR, Online Privacy
This year brought unprecedented focus on consumer privacy – the rollout of the European Union General Data Protection Regulation (GDPR), the Cambridge Analytica controversy and Congressional hearings, a GDPR-light law coming out of California, more and bigger security incidents, and multiple proposals for an omnibus federal data protection law. The Federal Trade Commission (FTC or … Continue Reading

Is a New Federal Data Privacy Law on the Horizon? The Tech Industry Sure Hopes So

Photo of Sara GoldsteinBy Laura E. Jehl and Sara Goldstein on Posted in Federal Legislation, Privacy Litigation
Despite several failed attempts in recent years, there is a new effort underway to enact a federal data privacy law, and it’s being led by a somewhat unlikely source – the tech industry. Although they were resistant to a federal privacy law in the past, powerful tech industry players now appear to be publicly embracing … Continue Reading

FCC Broadband Privacy Rule Dead and Buried

By Alan L. Friel, Moustafa Badreldin and Benjamin Barnes on Posted in Behavioral Advertising, Cybersecurity, Federal Legislation
The Federal Communications Commission (FCC) Privacy and Data Security Rule for broadband internet access service (BIAS) providers (the Privacy Rule) is dead. As we discussed here, the new rule that was set to start phased implementation was recently put on hold. We detailed what the Privacy Rule would have required in prior blog posts available … Continue Reading

Deeper Dive: Regulatory Investigations Following a Reported Breach

Photo of Eric A. PackelBy Eric A. Packel on Posted in Data Breaches, Federal Legislation
We recently released our 2016 Data Security Incident Response Report (“Report”), which provides lessons learned and metrics related to over 300 data security incidents handled by our team. As noted in the report, once an incident is made public the potential ramifications include a wide-ranging investigation by a regulatory agency, such as state attorneys general. … Continue Reading

National Highway Traffic Safety Administration Considers Privacy Implications for New Vehicle-to-Vehicle Technology

By Charles Shih on Posted in Federal Legislation, Geolocation
The Department of Transportation’s National Highway Traffic Safety Administration (“NHTSA”) announced in 2014 that it would begin steps toward implementing vehicle-to-vehicle (“V2V”) technology with an aim toward decreasing the number of traffic accidents on the nation’s roads.  V2V technology allows communication between cars on the road to alert drivers of potential accident situations.  However, with … Continue Reading

Privacy Law in a Nutshell

Photo of BakerHostetlerBy BakerHostetler on Posted in Cybersecurity, Federal Legislation, Information Security, International Privacy Law, Marketing
BakerHostetler Privacy and Data Protection Partner Erica Gann Kitaev is a co-author of the recently published Privacy Law in a Nutshell, Second Edition, through West Academic Publishing. Legal issues related to privacy are exploding in the U.S., and virtually all businesses face privacy considerations, particularly as technology and the law evolves.  The Privacy Nutshell is … Continue Reading

Is the 5th Time the Charm? – Nationalizing Data Breach Notification

Photo of Eric A. PackelBy Eric A. Packel on Posted in Breach Notification, Data Breach Notification Laws, Federal Legislation
Once the smoke and dust clears from the latest enormous data breach, the fried servers are hauled away and the ritual IT department purge takes place, the focus seems to turn to the lack of any comprehensive national data breach law. Although certain sector specific breach notification laws are in place, such as HIPAA/HITECH in … Continue Reading

NICS and HIPAA: Where Mental Health Privacy and Gun Control Overlap; HHS Releases Notice of Proposed Rulemaking

Photo of Lynn SessionsBy Anne Foster and Lynn Sessions on Posted in Federal Legislation, HIPAA/HITECH, Medical Privacy
On January 7, 2014, the U.S. Department of Health and Human Services (HHS) issued a notice of proposed rulemaking (NPRM) for the purpose of modifying the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to expressly permit certain HIPAA covered entities to disclose to the National Instant Criminal Background Check System (NICS) the identities … Continue Reading

Careful! Your Company May Be a Defacto Data Broker: Are Privacy Regulators Going for Broke(rs) as part of the 2014 Legislative and Privacy Enforcement Agenda?

Photo of Pamela Jones HarbourBy Pamela Jones Harbour on Posted in Enforcement, Federal Legislation
Concerns about privacy practices in the data broker industry, and the privacy implications about the lack of transparency “behind-the-scenes,” will remain a topic of intense regulatory and legislative focus in 2014.   The Federal Trade Commission has defined “data brokers” as companies that collect personal information about consumers from a variety of public and non-public sources … Continue Reading

The HIPAA/HITECH Final Rule Has Been Released

Photo of Theodore J. Kobus IIIBy Theodore J. Kobus III on Posted in Breach Notification, Data Breach Notification Laws, Data Breaches, Enforcement, Federal Legislation, HIPAA/HITECH, Identity Theft, Medical Privacy
The long awaited HIPAA/HITECH Final Rule is out.  The final rule is effective March 26, 2013, but covered entities (CEs) and business associates (BAs) will have 180 days beyond the effective date to come into compliance. While we are still conducting a comprehensive review of this 563-page document, below are a few of the changes we have found so far: … Continue Reading

Cybersecurity Bill Fails Again In Senate

By William Weber on Posted in Cybersecurity, Federal Legislation
Yesterday evening, the Senate again failed to move forward on the Cybersecurity Act of 2012, voting 51-47 not to end debate on the measure (60 votes required). Opponents picked up one additional ‘no’ vote by Sen. Rubio (R-FL), who did not vote on it in August.  Majority Leader Reid faulted the minority and the Chamber … Continue Reading

Rockefeller Questions Fortune 500 on Cybersecurity Act / Data Security Practices

By William Weber on Posted in Cybersecurity, Federal Legislation
Senate Commerce Committee Chairman John D. Rockefeller (D-WV) yesterday blanketed the entire FORTUNE 500 list of companies with a pointed letter inquiring about business opposition to cybersecurity issues and seeking a response by October 19. (Press release here) The letter asks for information on companies’ cybersecurity practices and companies’ concerns about the federal government’s role … Continue Reading

Senate Takes Up Cybersecurity Bill: Can National Security Trump Politics This Close to the Election? Part 3 – The End?

By William Weber on Posted in Cybersecurity, Federal Legislation
This morning, the Senate failed to conclude debate on the cybersecurity bill by a vote of 52 to 46 (60 votes required), likely sounding the death knell for the legislation this year. Five Republicans voted in favor of moving ahead, while five Democrats voted against, but the vote otherwise followed party lines. In other words, … Continue Reading

Senate Takes Up Cybersecurity Bill: Can National Security Trump Politics This Close to the Election? Part 2

By William Weber on Posted in Cybersecurity, Federal Legislation
Yesterday we asked: Can National Security Trump Politics This Close to the Election? The answer is looking more and more like “no”. Having failed to reach agreement with his Republican counterpart on limiting debate and consideration of amendments (of which there are now 167) to the bill, last night Majority Leader Harry Reid (D-NV) filed … Continue Reading

Senate Takes Up Cybersecurity Bill: Can National Security Trump Politics This Close to the Election?

By William Weber on Posted in Cybersecurity, Federal Legislation
That is the $64,000 question. This being Washington, DC, it’s more likely a multi-million dollar question, and the answer is unclear. The Senate voted 84-11 last Thursday to end debate on a procedural motion that allows a revised bill, S. 3414, sponsored by Homeland Security and Government Affairs Committee Chairman Joe Lieberman (D-CT) to be … Continue Reading

Lessons Learned from the Second Circuit’s Reinstatement of Copyright Suit Against YouTube

Photo of Gerald J. FergusonBy Gerald J. Ferguson on Posted in Federal Legislation, Privacy Litigation
The Social Media revolution is built on two legal foundations – the Digital Millennium Copyright Act (“DMCA”) which generally protects websites that host user generated content from copyright claims, and the Communications Decency Act, which generally protects such websites from claims based on the publication of defamatory or other illegal content. The Second Circuit sent … Continue Reading

FTC Issues Final Report with Guidance on Companies’ Online Privacy Practices

Photo of Craig A. HoffmanBy Craig A. Hoffman on Posted in Children’s Privacy, Enforcement, Federal Legislation, Online Privacy
Fifteen months after releasing its preliminary report, the Federal Trade Commission released its final Report, “Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Business and Policymakers.”  The much anticipated final report went further than the preliminary report by now calling for Congress to enact general privacy, data security and breach … Continue Reading

Republican Alternative Cybersecurity Bill Introduced In Senate

By William Weber on Posted in Federal Legislation, Information Security
Today eight Republican Senators – all Ranking Members of various committees – introduced the SECURE IT Act, S. 2151, their alternative cybersecurity bill to the bipartisan Cybersecurity Act, S. 2105, introduced two weeks ago.  In remarks on the Senate floor this afternoon, Sen. Kay Bailey Hutchison, Ranking Member of the Senate Committee on Commerce, Science, and Transportation, … Continue Reading

White House Releases Consumer Online “Privacy Bill of Rights”

Photo of Erica Gann KitaevBy Erica Gann Kitaev on Posted in Federal Legislation, Online Privacy
The Obama Administration today unveiled a report entitled Consumer Data Privacy in a Networked World:  A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy.  A central component of the report, which is directed at improving online privacy protections, is a “Consumer Privacy Bill of Rights.”  The Consumer Privacy Bill of Rights … Continue Reading

The Cybersecurity Act of 2012–What Does It Mean?

Photo of Theodore J. Kobus IIIBy Theodore J. Kobus III on Posted in Federal Legislation
Yesterday, Homeland Security and Governmental Affairs Committee Chairman Joe Lieberman (ID-Conn.), Ranking Member Susan Collins (R-Maine), Commerce Committee Chairman Jay Rockefeller (D-W.Va.), and Select Intelligence Committee Chairman Dianne Feinstein, D-Ca. introduced The Cybersecurity Act of 2012.  The press release can be found here. We are seeing an increasing number of attacks targeting government secrets, trade … Continue Reading

Bipartisan Senate Cybersecurity Bill Introduced Amid Partisan Opposition

By William Weber on Posted in Federal Legislation, Information Security
The Cybersecurity Act of 2012, S. 2105, was introduced yesterday by Senators Joe Lieberman (I-VT), Susan Collins (R-ME), Diane Feinstein (D-CA), and John Rockefeller (D-WV). Here are links to the: Bill Summary of the Cybersecurity Act of 2012 Section-by-Section Description of the Cybersecurity Act of 2012 It immediately drew opposition from seven Republican Ranking Members, who … Continue Reading

Senate Cybersecurity Bill Due Out This Week; Floor Action Not Likely Until March

By William Weber on Posted in Cybersecurity, Federal Legislation, Information Security
Odds are good that legislation to address online threats to the nation’s critical infrastructure assets will finally be released this week, but real action on it won’t take place until March: The Homeland Security and Government Affairs Committee, chaired by Joe Lieberman (I-CT), has scheduled a hearing on the ‘Cybersecurity Act of 2012’ for Thursday … Continue Reading
LexBlog