Privacy & Security Law Blog

Privacy & Security Law Blog

Legal Commentary and Resources for the Payment Industry

Insight & Commentary on Information Management and Protection

Developments & Commentary

internetofthingsNew FTC Report on IoT Maintains Need for Baseline Privacy Legislation and Begins to Recognize Limitations of FIPPS in a Connected World

The Federal Trade Commission released its long awaited staff report on privacy and security issues presented by the emerging market for connected devices, also known as, the Internet of Things (“IoT”) (the “Report”) this morning.  The report follows up on the Workshop held in November 2013 and defines the IoT ...

FTCFTC Director Rich: Greater Transparency Needed in Post-Mad Men Era of Online Advertising

The world of the popular television show Mad Men may be glamorous, but according to the Director of the Federal Trade Commission’s Bureau of Consumer Protection, Jessica Rich, it depicts more fiction than fact about modern advertising practices which has moved online and depends on vast amount of customer data.  ...

change 2World Economic Forum Releases Framework to Quantify Cyber Threats

In conjunction with its annual meeting this week, the World Economic Forum released a report on its current efforts to develop a common framework to model and quantify the impact and risk of cyber threats.  The report highlights that “even well-guarded [organizations] face the threat of a cyberattack.” The report embraces ...

New York4 Things You Must Know About the New York Attorney General’s New Data Security Proposal

Fast on the heels of President Obama’s proposal to create a national data breach notification standard, yesterday, New York Attorney General, Eric Schneiderman announced that he will propose legislation that would significantly strengthen New York’s existing data security laws and establish new consumer privacy protections. Citing the “prevalence and increase of ...

locksPresident Obama Proposes National Data Breach Law, Unveils New Consumer and Student Privacy Initiatives

On January 12 President Obama visited the Federal Trade Commission (“FTC”) where he unveiled several new data security and privacy initiatives, including proposed legislation to create a national data breach notification law and strengthen student privacy. According to the White House, President Obama’s visit to the FTC was the beginning ...

Resources & Updates

Data storage cyber conceptCybersecurity: The Human Factor

Financial institutions are under a constant and growing cyber assault from hacktivists that want to cause online mischief, criminals that want to steal consumer data and nation-states that are looking for a military, political or economic advantage. In this increasingly costly war, the focus is often on the latest hardware, ...

congress money2Congress Funds Cybersecurity: Spending Bill Allocates over $1 Billion to Cybersecurity

The final spending bill of the 113th Congress, which keeps the government doors open until September 30th of 2015, was passed by the House on December 11th, the Senate on the 13th, and signed by the President on December 16th. It is a $1.1 trillion omnibus spending bill that will ...

cyber buttonCongress Confirms NIST’s Role in Cybersecurity – and the Continuation of the Cybersecurity Framework

The Cybersecurity Enhancement Act of 2014 (CEA) was passed by the House and the Senate on December 11th, and signed by the President on the 18th. The bill formalizes the role of the National Institute for Standards and Technology (NIST) in continuing to develop the voluntary Cybersecurity Framework. Through five ...

164310488Congress Passes Cybersecurity Workforce Legislation

The Border Patrol Agent Pay Reform Act of 2014 was passed by the Senate on September 18th, by the House on December 10th, and signed by the President on December 18th. It contains provisions from the Cybersecurity Workforce Recruitment and Retention Act of 2014, which allows the Secretary of the ...

red congressCongress Passes The Federal Information Security Modernization Act of 2014: Bringing Federal Agency Information Security into the New Millennium

The Federal Information Security Modernization Act of 2014 (FISMA) was passed by the Senate on December 8th, by the House on December 10th, and by the President on December 18th. It is a comprehensive bill intended to bring federal agency information security practices into the new millennium – to better ...