David M. Stauss and Gregory Szewczyk of Ballard Spahr LLP write: In the absence of federal action, state legislators continue to propose bills that would increase data privacy and security protections for consumers. Any entity that does business in these states or maintains confidential information of their residents should monitor the legislation to determine whether and how…
Category: Legislation
FR: CNIL issues new data security guidelines
On January 23, 2018, the French data protection authority (the CNIL) published new guidelines on the security of personal data (updating its previous security guide published in 2010 available in English) , providing practical recommendations in the form of “Do’s and Dont’s” to help businesses implement appropriate measures to protect personal data in compliance with…
North Carolina introduces data breach legislation
Bradley Barth reports: More than 5.3 million residents of North Carolina were victims of data breaches in 2017 – an escalating trend that has prompted state Attorney General Josh Stein (D) and state Rep. Jason Saine (R) to introduce newly proposed legislation to prevent further incidents and protect the public. Unveiled on Jan. 8, the…
Kentucky lawmaker files bill to help victims of data breaches
Mark Vanderhoff reports: A state lawmaker said the Equifax data breach affected 40 percent of Kentuckians. Sen. Morgan McGarvey announced proposed legislation to help those victims at the Louisville headquarters of the AARP. […] The bill requires companies to provide victims with: A free credit freeze. Five years of credit monitoring. Three free credit reports…
Public shaming likely but GOP wary of new laws after Equifax breach
AP reports what I’ve basically been telling everyone already. Prospects are good for a public shaming in the Equifax data breach, but it’s unlikely Congress will institute sweeping new regulations after hackers accessed the personal information of an estimated 143 million Americans. Since early this year, President Donald Trump and the Republican-led Congress have strived…
Is The Hutchins Indictment Over Malware Unconstitutional?
Alex Berengaut of Covington & Burling analyzes some of the legal issues raised by the indictment of Marcus Hutchins (@malwaretechblog) for allegedly creating and conspiring to sell malware known as the Kronos banking trojan. He writes, in part: Since Hutchins’ indictment, commentators have questioned whether the creation and selling of malware—without actually using the malware—violates…