Federal Agencies

Another Data Privacy Law? Colorado Enacts the Colorado Privacy Act

By J. Hunter Robinson & Junaid Odubeko on July 22, 2021

Posted in CCPA, CPRA, Cybersecurity, Data Collection, Data Privacy, Data Security, Federal Agencies, GDPR, Privacy Policy

Another Data Privacy Law? Colorado Enacts the Colorado Privacy Act Colorado became the third state to enact comprehensive data privacy legislation when Gov. Jared Polis signed the Colorado Privacy Act (CPA) on July 8, 2021. The CPA shares similarities with its stateside predecessors, the California Consumer Privacy Act (CCPA), the California Privacy Rights Enforcement Act (CPRA), and the Virginia Consumer Data Protection Act (VCDPA), as…

Energy and Infrastructure Companies Need to Know about the DOE’s and Other Agencies’ Focus on Cybersecurity

By Lyndsay E. Medlin & Andrew Tuggle on July 19, 2021

Posted in Cybersecurity, Data Privacy, Data Security, Federal Agencies, Investigations/Enforcement

On March 18, 2021, the Department of Energy’s (DOE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) announced three new research programs that are “designed to safeguard and protect the U.S. energy system” from potential cyberattacks. The DOE also announced a 100-day plan to address cybersecurity risks to the U.S. electric system. Not to…

Executive Order on Cybersecurity Sets Aggressive Timeline

By Andrew Tuggle, David Vance Lucas & Sarah Sutton Osborne on May 14, 2021

Posted in Cybersecurity, Data Privacy, Federal Agencies, Regulatory Supervision

Executive Order on Cybersecurity Sets Aggressive Timeline The Colonial Pipeline cyberattack prompted the issuance of a long-awaited executive order (EO) on improving U.S. cybersecurity. The EO mandates that, within six months, all federal agencies implement multi-factor authentication (MFA) and both at-rest and in-transit encryption. It also calls for agencies to comprehensively log, share, and analyze information about cyber incidents and creates a…

Florida Legislature Considers Sweeping Data-Privacy Legislation Supported by Governor

By Junaid Odubeko & Erin Jane Illman on March 25, 2021

Posted in CCPA, Cybersecurity, Data Collection, Data Privacy, Federal Agencies

Florida Legislature Considers Sweeping Data-Privacy Legislation Supported by Governor Florida has joined the wave of states considering new comprehensive data privacy legislation. On February 15, 2021, Rep. Fiona McFarland introduced HB 969, modeled after the California Consumer Privacy Act (CCPA). The bill is supported by Gov. Ron DeSantis and the speaker of the Florida House. As introduced, HB 969 would apply to for-profit businesses…

Critical Changes for U.S. Cleared Facilities

By David Vance Lucas & Andrew Tuggle on March 18, 2021

Posted in Cybersecurity, Data Security, Federal Agencies

Codification of the NISPOM and replacement of JPAS

Two significant changes are underway by the Defense Counterintelligence and Security Agency (DCSA) – both of which require the immediate attention of businesses that hold a U.S. security clearance or are in the process of application for a clearance.

The first change is the codification of the…

FTC Eyes Vendor Oversight in Safeguards Rule Settlement

By Christopher K. Friedman on January 4, 2021

Posted in Cybersecurity, Data Privacy, Data Security, Federal Agencies, Federal Trade Commission, Investigations/Enforcement, Regulatory Supervision, Vendor Management

FTC Eyes Vendor Oversight in Safeguards Rule Settlement On December 15, 2020, the FTC announced a proposed settlement with Ascension Data & Analytics, LLC, a mortgage industry analytics company, related to alleged violations of the Gramm-Leach-Bliley Act’s (GLBA) Safeguards Rule. In particular, the FTC claimed that Ascension Data & Analytics’ vendor, OpticsML, left “tens of thousands of consumers[’]” sensitive personal information exposed “to…

Online and On Point

Menu