On September 4, 2018, the National Institute for Standards and Technology (NIST) announced that it would begin a collaborative process to develop a new Privacy Framework. Modeled on the agency’s Framework for Improving...more
On Friday, August 3, 2018, Chairman Ajit Pai of the Federal Communications Commission (“FCC”) sent a pair of letters to Congress to defend the FCC’s stance on net neutrality. Chairman Pai was responding to letters sent in...more
On July 12, 2018, the American Civil Liberties Union filed a Freedom of Information Act request seeking the release of a report by the Privacy and Civil Liberties Oversight Board (“PCLOB”) on the handling of personal...more
On June 6, 2018, the U.S. Senate Committee on Homeland Security and Governmental Affairs held a hearing on Senate Bill 2836, the Preventing Emerging Threats Act of 2018. The focus of the hearing was “Countering Malicious...more
The Department of Defense has ordered retail stores on U.S. military bases to stop selling phones made by two Chinese manufacturers, Huawei Technologies Co. and ZTE Corp. The move signals an escalating view from the U.S....more
On February 14, 2018, the U.S. House of Representatives Subcommittee on Financial Institutions and Consumer Credit of the Committee on Financial Services held a hearing entitled “Examining the Current Data Security and Breach...more
On November 28, 2017, the statutorily-appointed independent EU advisory body known as the Article 29 Working Party (“WP29”) released its report following the First Annual Joint Review on the EU-U.S. Privacy Shield (“Privacy...more
On October 19, 2017, a bipartisan group of federal legislators introduced legislation to increase transparency of and accountability in online political advertisements in order to limit foreign interference in US elections....more
On August 22, 2017, the President’s National Infrastructure Advisory Council (“NIAC”) issued a Report on securing critical U.S. infrastructure against cyber-attacks. The Report states that the U.S. is underprepared for the...more
As Governor Terry McAuliffe (D-VA) completed his term as Chair of the National Governors Association, he announced on July 14, 2017, that 38 governors had signed a compact to improve state cybersecurity. The compact was the...more
On June 15, 2017, the U.S. House Committee on Science, Space, and Technology (the “Committee”) held a hearing on the recent WannaCry ransomware attack. The hearing was convened jointly by the Subcommittee on Oversight and...more
On May 24, 2017, the Senate Judiciary Committee’s Subcommittee on Crime and Terrorism held a hearing on issues related to warrants for data stored abroad by U.S. entities and possible reforms of the Electronic Communications...more
On Friday, April 14, 2017, Senator Richard Blumenthal (D-Conn.) announced his plan to introduce a bill that would allow the Federal Trade Commission (“FTC”) to regulate consumer privacy protections regarding Internet service...more
On Tuesday, February 14, 2017, the United Kingdom officially opened its National Cyber Security Centre (“NCSC”). The NCSC, which got off the ground starting last October, will be part of the Government Communications...more
On Tuesday, January 24, 2017, U.S. Representatives Ted Lieu (D-CA) and Joe Wilson (R-SC) introduced the Security and Privacy in Your Car Study Act of 2017. The bill, H.R. 701, directs the National Highway Traffic Safety...more
On December 1, 2016, the Commission on Enhancing National Cybersecurity issued its final report with a series of recommendations for the incoming administration on strengthening the country’s cybersecurity. As explained...more
On November 2, 2016, Judge Rosemary Collyer of the U.S. District Court for the District of Columbia dismissed a class action cybersecurity lawsuit against the Internal Revenue Service (“IRS”) for lack of standing and failure...more
On Thursday, October 20, the Federal Reserve, the Office of the Comptroller of the Currency, and the Federal Deposit Insurance Corporation jointly issued an advance notice of proposed rulemaking, requesting comments on...more
On Tuesday, September 13, 2016, the New York Department of Financial Services unveiled new proposed cybersecurity regulations aimed at banks, insurers, and financial services companies, imposing a host of obligations on these...more
On Monday, August 22, the non-profit Electronic Privacy Information Center (“EPIC”) brought suit in the U.S. Court of Appeals for the D.C. Circuit against the Federal Aviation Administration (“FAA”), challenging the lack of...more
On July 11, 2016, the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) published new guidance on the how HIPAA applies to ransomware prevention and attacks. Specifically, the guidance lays out...more