U.S. Sen. Amy Klobuchar, (D-Minn.) has introduced the Social Media Privacy Protection and Consumer Rights Act.

“Among other things, it requires, social media, search, and other data-centric companies handle user data to give consumers a way to opt out of data collection. This could be as straightforward as someone declining the terms of service. If

“Contrary to popular belief, data security begins with the Board of Directors, not the IT Department. A corporate board that prioritizes data security can set the tone throughout an organization by instilling a culture of security, establishing strong security expectations, and breaking down internal silos to facilitate technical and strategic collaboration.” – says the  Federal

U.S. lawmakers have reintroduced legislation to protect connected devices.

“IoT” should also stand for “Internet of Threats” until we put in place appropriate cybersecurity safeguards, said U.S. Sen Ed Markey.

The Hill reports that the Cyber Shield Act introduced by Sen. Markey and Rep. Ted Lieu would:

  • Create a voluntary cybersecurity certification program for internet-connected

The White House recently issued guidance to government agencies for the regulation of artificial intelligence applications.

Key data protection takeaways:
  • Transparency is essential. Disclosures should be written in a format that is easy to understand.
  • What constitutes appropriate disclosure and transparency is context-specific, depending on assessments of potential harms, the magnitude of those harms, the

The Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency  and the Federal Deposit Insurance Corporation are issuing an interagency paper on Sound Practices to Strengthen Operational Resilience.

Key takeaways re: third party management
  • Identify and analyze third-party risk of critical operations and core business lines.
  • Prioritize third-party

The U.S. Consumer Financial Protection Bureau (CFPB) is issuing an Advanced Notice of Proposed Rulemaking to solicit comments and information that will assist the development of proposed regulations under Section 1033 of the Dodd Frank Act dealing with consumer rights to access financial records.

Questions include:
  • What are the benefits to consumers from authorized data

Peter Swire and Kenneth Propp suggest a viable post-Schrems II alternative to address U.S. judicial redress deficiencies in the Lawfare Blog.

“Any future attempt by the United States to successfully address this perceived deficiency in judicial redress … must have two dimensions: a credible fact-finding inquiry into classified surveillance activities in order to ensure protection

The National Security Administration issued a white paper on location data:

  • Using a mobile device — even powering it on — exposes location data.
  • Cellular providers and commercially available rogue base stations receive real-time location information.
  • Location data is stored on the mobile device.
  • Websites use browser fingerprinting to harvest location information, and WiFi access

Senators Jeff Merkley (D-Oregon) and Bernie Sanders (I-Vermont) introduced the “National Biometric Information Privacy Act of 2020,” a bill that would prohibit private companies from collecting or profiting from  biometric data — including eye scans, voiceprints, faceprints and fingerprints — without consumers’ and employees’ consent.

The legislation limits the ability of companies to collect, buy,

Will the Coronavirus pandemic provide the push needed for a U.S. Federal Privacy law?

“The leaders of the House subcommittee responsible for drafting Federal privacy legislation agree about the need to resume working together in order to pass a national standard, while the panel’s top Republican called for clarity on liability protections.”

“Although the pandemic