Emily Poole of Alston & Bird writes:
As ransomware attacks continue to dominate the news cycle, legislation has recently been introduced in several states that would place limits on certain entities’ ability to pay a ransom payment in the event of a ransomware attack. Although the proposed limits would generally apply to state agencies and other local governmental authorities, certain state proposals may also apply to state agencies’ IT service providers, entities that receive public funds, and/or business entities more broadly. The following summary provides an overview of five pending bills in New York, North Carolina, Pennsylvania, and Texas.
Read about the bills on Privacy, Cyber & Data Strategy Blog.