Anjali C. Das, Brian Dollar, Stefanie L. Ferrari, and David H. Potter of Wilson Elser Moskowitz Edelman & Dicker LLP write: …. Following the rise of the use of biometric information, the Illinois Legislature passed the Biometric Information Privacy Act (BIPA) in 2008 to provide standards of conduct to help regulate how biometric information is collected,…
Category: State/Local
Ransomware attacks would become felony with Maryland bill
Jared Beinart reports: Using ransomware to hold computers hostage would draw stiffer penalties under legislation — prompted in part by attacks on Maryland hospitals over the past few years — state lawmakers are considering. […] Maryland Senate bill 151, cross-filed with House bill 211, would define ransomware attacks that result in a loss greater than $1,000 as…
California Consumer Privacy Act: The Challenge Ahead – The CCPA’s “Reasonable” Security Requirement
Bret Cohen, Paul Otto, Nathan Salminen, and Morgan Perna (law clerk) of Hogan Lovells write: ….This installment of the Hogan Lovells’ CCPA series explains the CCPA’s security requirement and consequences for non-compliance, and describes security controls that most organizations can implement to mitigate this risk. Available statutory penalties The CCPA allows consumers to sue businesses…
Insurance Data Security Model Law Picks Up Steam
Andreas Kaltsounis and Shea M. Leitch of BakerHostetler write: Three states recently enacted variations of the National Association of Insurance Commissioner’s (NAIC) Insurance Data Security Model Law (MDL-668), based on the landmark cybersecurity requirements issued by the New York Department of Financial Services (NYDFS) in March 2017. The NYDFS requirements apply to certain banking, insurance…
NYCUA to pursue state law on data security
Eric Reinhardt reports that the board of directors of the Albany–based New York Credit Union Association (NYCUA) has approved its 2019 state legislative priorities. And one of those priorities is data security. NYCUA says it would like to see legislation that would require all entities that handle consumer information to comply with comprehensive data-security standards…
North Carolina AG re-introduces legislation to protect against identity theft
Back in January, 2018, North Carolina Attorney General Josh Stein and state Rep. Jason Saine (R) introduced legislation called “Act to Strengthen Identity Theft Protections.” In January, 2019, they’ve reintroduced it. A press release from the Attorney General explains: Attorney General Josh Stein and Rep. Jason Saine today unveiled legislation to strengthen North Carolina’s laws to prevent…