On May 12, 2021, President Biden issued an executive order to strengthen U.S. cybersecurity defenses. The order comes in the wake of the ransomware attack on Colonial Pipeline and numerous other cybersecurity attacks against the U.S. government and private companies over the past few years. The order proposes a wide array of changes to bolster
Government Contracts
Apple and Google Launch Contact Tracing and Coronavirus Exposure API Software
- Details about Apple/Google Launch
Yesterday (May 20, 2020), Apple and Google launched software that will allow public health authorities to create mobile applications that notify people when they may have come in contact with people who have confirmed cases of COVID-19, while purportedly preserving privacy around identifying information and location data. People who have updated…

U.S. Senate Introduces COVID-19 Consumer Data Protection Act
As they had previously announced their intent to do so, the leadership of several Senate Committees introduced the “COVID-19 Consumer Data Protection Act” on May 7, 2020.
The Act would:
- Require companies under FTC jurisdiction to obtain affirmative express consent from individuals to collect, process, or transfer their personal health, device, geolocation, or proximity information
…
The European Union’s General Data Protection Regulation (GDPR) Is Coming: What Does It Mean For U.S. Businesses?

With the May 25, 2018 deadline quickly approaching, many businesses are scrambling to prepare for compliance with the EU’s General Data Protection Regulation (GDPR), and questions and conversations are heating up. Still others are still trying to wrap their arms around what GDPR is and what it means for U.S. businesses. For those of you…
NIST Publishes Draft 2 of the Revised NIST Cybersecurity Framework for Comment by January 19, 2018
On December 5, 2017, NIST published a revised version of the NIST Cybersecurity Framework (i.e., Draft 2 of Version 1.1) (“Framework”). According to NIST, Version 1.1 of the Framework refines, clarifies, and enhances Version 1.0 of the Framework issued in February 2014, and the recently published Draft 2 of Version 1.1 is informed by over…
Senate Introduces the Internet of Things (IoT) Cybersecurity Improvement Act of 2017 for Government-Acquired IoT Devices
On August 1, 2017, the Senate introduced the “Internet of Things (IoT) Cybersecurity Improvement Act of 2017”, which aims to bolster the security of government-acquired IoT devices. Sponsored by Sens. Mark Warner (D-VA), Cory Gardner (R-CO), Ron Wyden (D-OR), and Steve Daines (R-MT), the bill would require connected devices purchased by the government agencies to…

China’s Cybersecurity Law Takes Effect Today, Still Leaves Many Questions
Today, on June 1, 2017, China’s new cybersecurity law, entitled the “Network Security Law”, goes into effect. The law was passed in November 2016. It now becomes legally mandatory for “network operators” and “providers of network products and services” to: (a) follow certain personal information protection obligations, including notice and consent requirements; (b) for network…