On August 27, 2021, Illinois Governor JB Pritzker signed the Protecting Household Privacy Act into law. It goes into effect Jan. 1, 2022.

House Bill 2553 prohibits Illinois law enforcement agencies from obtaining household electronic data or direct the acquisition of household electronic data from a private third party.

This includes any information or input

We are back in the US federal privacy bill game!

Sen. Roger Wicker, a Mississippi Republican, has re-introduced the “Setting an American Framework to Ensure Data Access, Transparency, and Accountability Act,” also known as the “SAFE DATA Act.”

Here are some key takeaways:

  • Employee and publicly available data are excluded
  • The concept of “sensitive covered

Federal Trade Commission authority boost?

H.R. 2668 – The Consumer Protection and Recovery Act – has passed in the U.S. House of Representatives.

The bill amends the Federal Trade Commission Act to provide the FTC with explicit authority to require bad actors to return money earned through illegal activity and to seek both injunctive

U.S. Sen. Amy Klobuchar, (D-Minn.) has introduced the Social Media Privacy Protection and Consumer Rights Act.

“Among other things, it requires, social media, search, and other data-centric companies handle user data to give consumers a way to opt out of data collection. This could be as straightforward as someone declining the terms of service. If

“Contrary to popular belief, data security begins with the Board of Directors, not the IT Department. A corporate board that prioritizes data security can set the tone throughout an organization by instilling a culture of security, establishing strong security expectations, and breaking down internal silos to facilitate technical and strategic collaboration.” – says the  Federal

U.S. lawmakers have reintroduced legislation to protect connected devices.

“IoT” should also stand for “Internet of Threats” until we put in place appropriate cybersecurity safeguards, said U.S. Sen Ed Markey.

The Hill reports that the Cyber Shield Act introduced by Sen. Markey and Rep. Ted Lieu would:

  • Create a voluntary cybersecurity certification program for internet-connected

The White House recently issued guidance to government agencies for the regulation of artificial intelligence applications.

Key data protection takeaways:
  • Transparency is essential. Disclosures should be written in a format that is easy to understand.
  • What constitutes appropriate disclosure and transparency is context-specific, depending on assessments of potential harms, the magnitude of those harms, the

The Board of Governors of the Federal Reserve System, the Office of the Comptroller of the Currency  and the Federal Deposit Insurance Corporation are issuing an interagency paper on Sound Practices to Strengthen Operational Resilience.

Key takeaways re: third party management
  • Identify and analyze third-party risk of critical operations and core business lines.
  • Prioritize third-party

The U.S. Consumer Financial Protection Bureau (CFPB) is issuing an Advanced Notice of Proposed Rulemaking to solicit comments and information that will assist the development of proposed regulations under Section 1033 of the Dodd Frank Act dealing with consumer rights to access financial records.

Questions include:
  • What are the benefits to consumers from authorized data

Peter Swire and Kenneth Propp suggest a viable post-Schrems II alternative to address U.S. judicial redress deficiencies in the Lawfare Blog.

“Any future attempt by the United States to successfully address this perceived deficiency in judicial redress … must have two dimensions: a credible fact-finding inquiry into classified surveillance activities in order to ensure protection