April 3, 2018, Inside Privacy

[This article was originally published in Law360] Last week, South Dakota became the 49th U.S. state to enact a data breach notification law with the passage of S.B. 62, which sets forth requirements for notifying state residents, the state attorney general, and major consumer reporting agencies in the event of a breach. The law, which...… Continue Reading

March 29, 2018, Law360

March 9, 2018, Inside Government Contracts

Earlier this week, both chambers on Capitol Hill took steps that would increase the Department of Homeland Security’s (DHS) role in the area of cybersecurity.  On the Senate side, the Senate Homeland Security and Governmental Affairs Committee approved a DHS reauthorization bill that included amendments to rename and reorganize the DHS National Protection and ...

March 2, 2018, Inside Privacy

This week, the Federal Trade Commission (“FTC”) granted Sears Holdings Management’s (“Sears”) petition to reopen and modify a 2009 consent order regarding the tracking of personal information on Sears’ software apps.  We analyzed Sears’ petition last fall, which sought to modify the definition of “tracking application,” which triggered heightened notice and ...

January 30, 2018, Inside Privacy

Last week, President Trump nominated four new commissioners to the Federal Trade Commission (“FTC”):  Joseph J. Simons, an antitrust attorney, as Chairman; Noah Joshua Phillips, chief counsel for Senate Majority Whip John Cornyn (R-Texas), for the second Republican seat; Christine Wilson, an executive for Delta Air Lines, for the third Republican seat; and Rohit ...

January 12, 2018, Inside Privacy

On January 9, the House of Representatives passed the Cyber Vulnerability Disclosure Reporting Act by voice vote.  The Act directs the Secretary of the U.S. Department of Homeland Security (“DHS”) to prepare a report describing the policies and procedures that DHS developed to coordinate the cyber vulnerability disclosures.  Under the Homeland Security Act of ...

December 18, 2017, Inside Privacy

On December 12, 2017, the Federal Trade Commission (“FTC”) hosted a workshop examining “informational injury,” defined by Acting Chairman Maureen Ohlhausen in her opening remarks as the harm consumers suffer due to privacy and data security breaches. Chairman Ohlhausen emphasized three main purposes for the workshop:  First, to better identify qualitatively ...

December 2017, Pratt's Government Contracting Law Report

November 14, 2017, Inside Privacy

The Federal Trade Commission (“FTC”) is soliciting public comments on a petition filed by Sears Holdings Management (“Sears”) to reopen and modify a 2009 FTC order regarding the tracking of personal information on their software apps.  The petition is notable for a number of reasons.  First, the Sears consent order was a seminal order in...… Continue Reading

October 19, 2017, Inside Privacy

Last week, the Advisory Committee to the Congressional Internet Caucus hosted “Hacking: What Color Is Your Hat? Vulnerability Disclosures and the Law,” a discussion on the importance of vulnerability disclosures to protect information systems and  the nation’s cyber security defenses, and how private and public actors can safely encourage vulnerability ...

September 26, 2017, Inside Government Contracts

On September 21, 2017, the Director of the Defense Pricing/Defense Procurement and Acquisition Policy (DPAP) issued guidance to Department of Defense (DoD) acquisition personnel in anticipation of the December 31, 2017 date for contractors to implement the security controls of NIST Special Publication (SP) 800-171.  The guidance outlines (i) ways in which a ...