Liisa Thomas and Snehal Desai of Sheppard Mullin write: The Georgia Supreme Court recently concluded that Georgia’s equivalent of the CFAA should be viewed narrowly, similar to the US Supreme Court’s recent, similar decision in Van Buren. In Kinslow v. State, the Georgia Supreme Court held that even if there is unauthorized use of a computer or computer network,…
Category: State/Local
NYDFS Issues Guidance on Cybersecurity Controls to Combat Ransomware and Clarifies Reporting Obligations
Lance Taubin, Kate Hanniford, and Kimberly Peretti of Alston & Bird write: The New York Department of Financial Services (NYDFS) issued new guidance this week intended to assist organizations in thwarting ransomware attacks. The guidance clarifies the NYDFS’ expectation that NYDFS-regulated companies should “implement these controls whenever possible” and report any successful deployment of ransomware…
State Legislatures Consider Bans on Ransomware Payments
Emily Poole of Alston & Bird writes: As ransomware attacks continue to dominate the news cycle, legislation has recently been introduced in several states that would place limits on certain entities’ ability to pay a ransom payment in the event of a ransomware attack. Although the proposed limits would generally apply to state agencies and…
Connecticut on its Way to an Enhanced Data Breach Notification Law
Joseph J. Lazzarotti, Jason C. Gavejian, and Maya Atrakchi of Jackson Lewis write: State legislatures across the nation are prioritizing privacy and security matters, and Connecticut is no exception. This week, Connecticut Attorney General William Tong announced the passage of An Act Concerning Data Privacy Breaches, a measure that will enhance and strengthen Connecticut’s data breach notification…
Texas Passes Bill Establishing “Wall of Shame” for Data Breaches
Jonathan Ishee and Amanda Ray of McGuireWoods LLP write: On May 31, 2021, the Texas Legislature approved House Bill 3746, which seeks to amend the Texas Business and Commerce Code § 521.053 relating to certain notifications required following a breach of security of computerized data. Notably, the bill directs the Texas attorney general to post…
Iowa Law Safeguards Insurance Consumers’ Private Data
Katya Maruri reports: In a move to defend insurance consumers’ private information, Iowa Gov. Kim Reynolds has enacted a bill to set new standards related to data security, investigations and cybersecurity events for insurance companies. The bill, known as HF 719, came about in response to several major data breaches involving large insurers that exposed and compromised the sensitive…