Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: legislation

Posted in Cybersecurity & Data Breaches

Bipartisan Group of Senators Introduce Bill to Impose Baseline Security Requirements for IoT Devices Provided to U.S. Government

On August 1, a bipartisan group of four senators introduced a bill that would impose specific cybersecurity requirements on providers of Internet of Things devices when doing business with the U.S. Government and provide liability protections for security researchers who disclose vulnerabilities affecting these devices. Though the bill’s security requirements would apply only in cases where entities are acting as contractors to the U.S. Government, if enacted, it likely would be influential on IoT vendors operating in the consumer context as well. The bill is largely consistent with an ongoing multistakeholder effort led by the National Telecommunications and Information Administration aimed at developing voluntary security standards for Internet-connected devices.

Posted in International/EU Privacy

Why Silicon Valley Should Care About the UK Investigatory Powers Bill

The need for proper and legitimate powers to enable intelligence and law enforcement agencies to do their job and to keep everyone safe requires little justification. However, in our data-rich and uber-connected way of life, those powers necessarily involve a substantial degree of intrusion into our digital comings and goings, and that makes things complicated. In a show of political awareness and legislative dexterity, in November 2015, the UK government presented its draft Investigatory Powers Bill—an attempt to strike a balance between intelligence and law enforcement needs with the protection of ordinary citizens’ privacy. The Bill seeks to adopt a comprehensive and sophisticated framework of modern law enforcement and intelligence gathering powers. It is currently being scrutinized by a parliamentary committee and subject to public consultation.

Posted in Cybersecurity & Data Breaches

Hogan Lovells’ IAPP Tracker Post Highlights Data Security and Breach Notification Legislation in Congress

For more than a year now, we have been hearing that the spate of highly-publicized data breaches could lead to federal data security and data breach legislation. On March 25, the House Energy and Commerce Subcommittee on Commerce, Manufacturing and Trade took action that brings us closer to seeing that prediction become a reality. In this post, we take a closer look at the bipartisan legislation approved by the subcommittee—the Data Security and Breach Notification Act of 2015 — and discuss five key provisions that are likely to be at issue as the legislation moves forward.

Posted in Consumer Privacy, Cybersecurity & Data Breaches

The White House Announces a Cybersecurity Summit and Information Sharing Proposals

President Obama today addressed cybersecurity for the second time in as many days in a speech at the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC). Early this morning, the White House announced a February 13 Summit on Cybersecurity and Consumer Protection and released further details on several initiatives to promote cybersecurity information sharing between the private sector and government. The President then convened a meeting with congressional leaders in which he discussed cybersecurity issues. Speaking about his cooperation with House Speaker John Boehner (R-OH) and Senate Majority Leader Mitch McConnell (R-KY), the President noted “I think we agreed that this is an area where we can work hard together, get some legislation done and make sure that we are much more effective in protecting the American people from these kinds of cyber attacks.” Today’s developments follow the President’s address to the Federal Trade Commission (FTC) yesterday, in which he announced a legislative proposal on national data breach reporting and emphasized the importance of student and consumer privacy. Together, these events provide a preview of initiatives that the President is expected to highlight during his State of the Union address on January 20.

Posted in Cybersecurity & Data Breaches

Cybersecurity Information Sharing Bill Passes House with Veto-Proof Margins

On April 18, the US House of Representatives passed the Cyber Intelligence Sharing and Protection Act (CISPA), H.R. 624, which would enable companies to share information about cyber threats while benefiting from certain liability protections. The bill passed despite a White House threat earlier this week to veto the bill. The vote was 288-127, with 196 Republicans and 92 Democrats in […]

Posted in Cybersecurity & Data Breaches, News & Events

Podcast Interview with Harriet Pearson on Cybersecurity Issues

The February 21 edition of The Corporate Counsel.Net blog presents an audio interview with Hogan Lovells partner Harriet Pearson in which the following topics are addressed: Why cybersecurity is a hot topic for lawyers now, and not just IT staff. The signficance of recent interactions on this topic between Senator Rockefeller and the CEOs of the […]

Posted in Cybersecurity & Data Breaches

U.S. Cybersecurity Executive Order Signed, Will Affect Many Types of Businesses

On February 12, President Obama signed an Executive Order on “Improving Critical Infrastructure Cybersecurity,” and then referenced the Order and the need for additional congressional action during the State of the Union address on the same day: America must also face the rapidly growing threat from cyber-attacks. We know hackers steal people’s identities and infiltrate […]

Posted in Cybersecurity & Data Breaches

Upcoming Cybersecurity Webinar to Feature Hogan Lovells Partner

On November 28, Bloomberg BNA is hosting a ninety-minute program on “Cybersecurity: The Corporate Counsel’s Agenda.” The webinar will review the latest cybersecurity developments, existing laws and enforcement initiatives, the post-election cybersecurity legislation landscape, and tips for what in-house counsel should be doing to manage cyber risk. Hogan Lovells partner Harriet Pearson will participate on […]

Posted in Consumer Privacy

Capitol Hill Focus on Privacy Reveals Rifts; Upcoming Program in House Announced

On Wednesday, the Senate Commerce Committee held a hearing on consumer privacy and the need for a federal baseline law. On one side — Senators Rockefeller (D-WVA) and Kerry (D-MA), strong proponents of baseline privacy legislation, and on the other was Senator Pat Toomey (R-PA), who questions whethere there is the need at all for legislation and who expressed cocern over compliance costs threatening innovation. On Monday, the Congressional Internet Caucus wil hold a program on pending privacy legislative proposals, moderated by Hogan Lovells Privacy Leader Chris Wolf.

Posted in Consumer Privacy

New TCPA Reform Bill Introduced in House

Legislation has been introduced in the U.S. House that would modernize the Telephone Consumer Protection Act and enable businesses to make additional informational calls to wireless telephone numbers. As currently drafted, however, the bill would retain many of the existing restrictions on placing telemarketing calls to wireless telephones.

Posted in Consumer Privacy

California Public Utilities Commission Proposed Decision Lays Out Smart Grid Deployment Plan Requirements

The California Public Utilities Commission recently issued a proposed decision, which provides California energy companies with details on what information they will need to provide in plans to be submitted prior to the deployment of Smart Grids. The proposed decision is a major step in California’s creation of the regulatory framework that will apply to energy companies as they increasingly rely on Smart Grids to deliver energy to consumers.

Posted in Cybersecurity & Data Breaches

House Passes Comprehensive Data Security Legislation

On December 8, the House of Representatives by voice vote passed H.R. 2221, entitled the “Data Accountability and Trust Act,” which would require all organizations engaged in interstate commerce that manage or contract another to manage electronic data containing personal information to comply with a comprehensive set of standards designed to protect that information from unnecessary disclosure and to prevent identity theft and other fraud. Th eBill now heads to the Senate where passage this year is unlikely, but where consideration next year is expected.

Posted in Cybersecurity & Data Breaches

District Court Explains Ruling that Red Flags Rule Doesn’t Apply to Lawyers, Implies Limitation of Applicability to Banking, Lending, & Finance Sectors

On December 1, Judge Reggie Walton of the U.S. District Court for the District of Columbia issued a memorandum opinion in a lawsuit by the American Bar Association against the Federal Trade Commission, explaining his October 29 ruling from the bench that the FTC’s Red Flags Rule does not apply to lawyers.  Holding that "[e]ven a […]

Posted in Cybersecurity & Data Breaches

Senate Committee Approves Data Security Bills Creating Federal Data Security Program, Breach Notification Requirements: Criminal and Civil Penalties Give Proposed Law Real Teeth

On November 5, the Senate Judiciary Committee passed two bills that collectively would preempt a large swath of the patchwork quilt of state data security and breach notification laws that largely comprise the U.S. regulatory landscape today. While imminent passage is not expected, the prospects for a federal law are gaining momentum. Especially noteworthy are the criminal and civil penalties being proposed for companies that fail to properly deal with a data security breach.

Posted in Cybersecurity & Data Breaches

Recently Introduced Federal Legislation May Expand Regulation of Data Brokers

The Personal Data Privacy and Security Act (“PDPSA”), recently reintroduced by Sen. Patrick Leahy (D-VT) and referred to the Senate Judiciary Committee proposes comprehensive federal regulation of data broker services.  While enactment of the PDPSA remains uncertain, the draft legislation may presage future legislative and regulatory trends. Comprehensive Federal Regulation of “Data Brokers” Title II […]

Posted in Cybersecurity & Data Breaches

Draft Federal Legislation May Bring Changes to Data Breach Practices

 On July 22, 2009, Sen. Patrick Leahy (D-VT) reintroduced S. 1490, the Personal Data Privacy and Security Act (“PDPSA”), which has been referred to the Senate Judiciary Committee.   The reintroduced PDPSA is substantially similar to the prior version reported out by the Judiciary Committee in 2007, which was co-sponsored by then-Sen. Barack Obama.  Among the […]