Democrats Propose Tough Opt-In Privacy Law

Ed Markey and Richard Blumenthal proposed on Wednesday a “privacy bill of rights” that would prevent social media sites and other websites from sharing or selling sensitive information without a customer’s opt-in consent.

DOD Outlines New 2-Step Test For Cyber Vulnerabilities

As reported in Law360 this week, “The U.S. Department of Defense’s main testing office has updated its procedures for how DOD testers should evaluate cybersecurity in acquisition programs, setting out a two-step test for finding cyber vulnerabilities meant to ensure DOD systems can carry out their intended missions while under cyberattack. The new memo, replacing a previous 2014 document, is intended to help DOD components deliver systems that are ‘both secure and resilient in all aspects of the expected operational environment,’ the Office of the Director of Operational Test and Evaluation said in its memo, made public April 4. Whether the requirements of the memo have been followed will be taken into account when the office conducts its’ own cybersecurity reviews, it said.”

EPIC Sues To Force ICE To Release Mobile Hacking Tech Info

Via Law360: “The Electronic Privacy Information Center sued U.S. Immigration and Customs Enforcement in D.C. federal court Monday, seeking the release of records on the agency’s purchase and use of mobile surveillance technology that can scrape encrypted data from smartphones. EPIC, a Washington-based nonprofit that focuses on privacy and civil liberty issues, said it had tried to get a range of information about ICE’s contracts for the smartphone hacking technology and its use at the border under the Freedom of Information Act, but the agency had refused and failed to respond to an appeal.”