There have been a number of reviews of privacy and security news in 2018. Here’s one by Jadzia Pierce of Covington & Burling, the law firm that has represented my blogs for lo, these many years. I thank them for their ongoing support of my work, and wish them all a happy and healthy New Year in 2019.
United States
Privacy: This year saw a proliferation of several state and federal legislative proposals aimed at protecting consumer privacy and bolstering cybersecurity protections. Notably, California passed the most sweeping privacy law in the country thus far (the California Consumer Privacy Act of 2018), and amendments to the law will continue well into next year until the law enters into force in 2020. Following the CCPA, many members of Congress and the administration began proposing their own, federal-level privacy laws (including Senators Ron Wyden (D-OR) and Brian Schatz (D-HI)). It is unclear which of these proposals stands the greatest chance of moving forward in 2019, or how many additional proposals will be introduced by members of the new Congress.
Cybersecurity: As of 2018, all 50 states (plus the District of Columbia, Puerto Rico, Guam, and the U.S. Virgin Islands) have their own state breach notification laws. In addition, Ohio Senate Bill 220 entered into force in November. The new law creates a “safe harbor” from certain types of tort-based liability for any “covered entity” that implements a cybersecurity program that satisfies certain requirements. These new laws were enacted against the backdrop continually increasing frequency of and costs associated with cyber incidents.
Read more on InsidePrivacy.