Proposed Bill Makes Dramatic Changes To North Carolina Security Breach Notification Law

Some of the proposed changes include:

  • Businesses would have to “[i]implement and maintain reasonable security procedures and practices, appropriate to the nature of the personal information and the size, complexity, and capabilities of the business.”;
  • Businesses would be required to offer at least two years of free credit monitoring; and
  • Replacing the current “without unreasonable delay” standard for breach notification to “as soon as practicable, but not later than thirty (30) days after discovery of the breach or reason to believe a breach has ”

A copy of the bill can be found here.

24 Tech Companies Support CCPA amendment

According to the DuckDuckGo Blog, 24 different tech companies have written a letter in support of the CCPA amendment. The blog states, “CCPA is set to take effect in 2020 and is without a doubt a major advancement in individual privacy rights for Americans. As an Internet privacy company that empowers users to take control of personal information, we support the law. And we want to see it become even better.” A copy of the letter can be found here.

The Justice Department Announces Publication of White Paper on the CLOUD Act

The Department of Justice released a white paper on the Clarifying Lawful Overseas Use of Data Act, (the CLOUD Act) which provides the “legal framework for how law enforcement authorities may request electronic evidence needed to protect public safety from service providers while respecting privacy interests and foreign sovereignty.”  “Our collective safety and security depends on our ability to maintain lawful and efficient access to electronic evidence, and the CLOUD Act offers a sorely-needed solution to that challenge,” said Deputy Attorney General Rod Rosenstein. The White Paper can be found here.

CISA Issues Warning Regarding VPN hacking

Last week, the Cybersecurity and Infrastructure Security Agency (CISA) released a statement concerning, “information on a vulnerability affecting multiple Virtual Private Network (VPN) applications.” More information can be found here.