U.S. President Joe Biden announced the National Cybersecurity Strategy, which aims to "secure the full benefits of a safe and secure digital ecosystem for all Americans." Notably, the Biden administration's strategy seeks to "rebalance the responsibility to defend cyberspace" and place obligations on "the organizations that are most capable and best-positioned to reduce risks for all of us." Privacy and data security are mentioned under the strategy's intended approach to "shape market forces to... Read More

U.S. Congress made bipartisan progress on comprehensive federal privacy legislation last year, advancing the proposed American Data Privacy and Protection Act to the cusp of a U.S. House floor vote. The prioritization was no fluke and the 118th Congress is compelled to prove as much with eyes toward finalizing a national standard again this year. A step forward for 2023 federal privacy law prospects came with the latest Congressional hearing dedicated to privacy hosted by the House Committee on... Read More

The State of the Union address has a long history in the United States, going back to the Constitution and birth of the Republic, when President George Washington set the precedent by sharing his report on the country with both houses of Congress. That tradition did not last long, however, as less than a decade later, Thomas Jefferson, the nation’s third president, simply presented the legislature with a written report. Fast forward to the early 20th century and find that Woodrow Wilson revived... Read More

The U.S. Congressional Research Service issued a report on potential ways to update the Computer Matching and Privacy Protection Act, a law passed in 1988 to establish “procedures for agencies when they disclose and match data on individuals for certain purposes.” The report outlined changes such as “clarifying the scope of the CMPPA, developing an accurate accounting of matching programs … and assessing regulation and oversight of data matching.”Full Story... Read More

In what the U.S. Federal Trade Commission calls a "first-of-its-kind" enforcement action, the FTC filed a proposed order against GoodRx, a U.S. health care company, for violating the Health Breach Notification Rule and the FTC Act. The proposed order prohibits GoodRx from disclosing user health data for advertising purposes and requires payment of a $1.5 million civil penalty, 0.2% of the company's 2021 gross global revenue. This case signals an increase in the FTC's use of its unfairness author... Read More

After years of developing under the surface, teen privacy safeguards in the United States may have finally reached puberty. Although headlines about the Federal Trade Commission’s enforcement action against Epic Games are likely to focus on the high price tag — $275 million in administrative penalties and $245 million in consumer refunds — privacy professionals should zoom in on the operational takeaways for any organization that runs an online site or service used by individuals under 18, wheth... Read More

The White House Office of Science and Technology Policy published "Blueprint for an AI Bill of Rights," which provides design, development and deployment guidelines for artificial intelligence technologies. Data privacy, algorithmic discrimination protections and user choice principles are among the OTSP's "five common sense protections to which everyone in America should be entitled." The OTSP said the blueprint is "a vision for a society" and its AI use focuses on protections from the onset, i... Read More