•   
  •   
  •   

Politics Virginia set to become second state to pass data privacy law

13:40  16 february  2021
13:40  16 february  2021 Source:   rollcall.com

Why Joe Manchin is an electoral miracle

  Why Joe Manchin is an electoral miracle Democratic Sen. Joe Manchin of West Virginia is one of the most powerful men in Washington. With Democrats holding a one-vote majority in the Senate (thanks to Vice President Kamala Harris casting any tie-breaking vote), he can make or break a lot of bills for them. © Amanda Andrade-Rhoades/Bloomberg/Getty Images Manchin's moderate record, however, has left at least some progressive groups angry. They're threatening a primary challenge to Manchin, who isn't up for reelection until 2024. Progressives should realize that Manchin is an electoral miracle of sorts.

Virginia is set to become the second state after California to pass data privacy legislation. The bill could become law as soon April when Gov. Ralph Northam is expected to sign a measure that has passed both chambers of the state legislature but is awaiting a few last-minute tweaks.

Ralph Northam wearing a suit and tie smiling and looking at the camera: Virginian Gov. Ralph Northam has signaled his approval for a data privacy law in his state. © Provided by Roll Call Virginian Gov. Ralph Northam has signaled his approval for a data privacy law in his state.

Known as the Consumer Data Protection Act, the law would go into effect Jan. 1, 2023 and would apply to all business that control or process data for at least 100,000 Virginians, or those commercial entities that derive at least 50 percent of their revenues from the sale and processing of consumer data of at least 25,000 customers.

Giving plasma, chicken robbery, bar-free Mardi Gras: News from around our 50 states

  Giving plasma, chicken robbery, bar-free Mardi Gras: News from around our 50 states How the COVID-19 pandemic is affecting every stateStart the day smarter. Get all the news you need in your inbox each morning.

The law would exempt health care data and information collected for assessing credit worthiness. It would give consumers the right to determine whether their data is being collected and processed and ask for a copy of their data, correct inaccuracies, ask for the deletion of personal data, and opt out of the processing of personal data that may be used for targeted advertising, sale, or consumer profiling.

The Virginia law would put more pressure on Congress to pass a federal data privacy law. Other states are continuing to push similar legislation. Washington state, which has twice failed to pass a privacy bill, is once again taking up a measure this year.

Loading the player...

The European Union’s privacy legislation known as the General Data Protection Regulation or GDPR has been in force since May 2018.

COVID app triggers overdue debate on privacy in Singapore

  COVID app triggers overdue debate on privacy in Singapore Government forced to amend law around app after it emerges police used the data to investigate a number of crimes.Now, COVID-19 has forced the conversation, after it was revealed that data from the government’s contact-tracing app, contrary to initial promises, could also be used for criminal investigations.

“This is a big deal,” Virginia state Sen. David Marsden, a Democrat, who sponsored the Senate version of the bill, said in an interview. “People are being pestered to death, because of people selling our information,” he said talking about his motivation in promoting the legislation.

Marsden, 72, said he was still getting calls to refinance his college debt, even though “I never had anything to begin with.”

The legislation would allow Virginians to “have control over your data,” Marsden said.

Northam is likely to sign the legislation six weeks after the Virginia legislative session ends on March 1, Marsden said, adding that he expects any proposed amendments to be passed by both houses of Virginia’s General Assembly by then. Some of the potential changes include strengthening the office of the state attorney general, which will be in charge of implementing the law, he said.

Hillicon Valley: Krebs is back on Capitol Hill | Cybersecurity as 'preeminent threat' | News on data privacy and voter security

  Hillicon Valley: Krebs is back on Capitol Hill | Cybersecurity as 'preeminent threat' | News on data privacy and voter security Welcome to Hillicon Valley, The Hill's newsletter detailing all you need to know about the tech and cyber news from Capitol Hill to Silicon Valley. If you don't already, be sure to sign up for our newsletter by clicking HERE. Follow our cyber reporter, Maggie Miller (@magmill95), and tech team, Chris Mills Rodrigo (@chrisismills) and Rebecca Klar (@rebeccaklar_), for more coverage.Cybersecurity was in the spotlight on Capitol Hill today as Christopher Krebs returned to testify to the House Homeland Security Committee on cyber threats. Ahead of the hearing, The Hill spoke with two key committee leaders about their cyber priorities.

Comparison to California law

The Virginia law differs from California’s in a few key ways.

Unlike the California privacy law, which applies to companies with annual gross revenue of $25 million or for-profit entities that possess and process data on 50,000 consumers, the Virginia law does not set a revenue threshold.

Doing away with a monetary threshold “cuts out game playing,” Marsden said, when companies engage in undercounting their revenues to escape the law.

Not having a revenue definition also may leave out small and medium-sized businesses, said Ashley Shively, attorney and partner in the law firm of Holland & Knight.

“The absence of the monetary threshold is unique,” Shively said. “And I think the potential result of that is that fewer businesses could fall within the scope” of the legislation, potentially exempting small and medium-sized businesses, she said.

And that is his goal, Marsden said, “because they just don’t have the bandwidth to deal with all of those issues” and forcing them might have put some small enterprises out of business, he said.

Feeding the front line, whooping cranes, stadium crowds: News from around our 50 states

  Feeding the front line, whooping cranes, stadium crowds: News from around our 50 states How the COVID-19 pandemic is affecting every stateStart the day smarter. Get all the news you need in your inbox each morning.

Leaving out small businesses while passing data privacy legislation may not be perfect but it’s still progress, he said.

The right to sue

The Virginia law also expressly prohibits private right of action. In other words Virginians cannot sue, unlike the California law. Although the California Consumer Privacy Act, which came into force in January 2020, already allowed consumers to sue companies for data breaches, California voters approved a new proposition in November that further expands the scope of protection.

The new proposition, called the California Privacy Rights Act, which goes into force Jan. 1, 2023, would allow consumers to sue not only for the breach of data under the state’s breach notification laws, but also include the breach of email addresses, passwords, and security questions that may allow unauthorized users to access a consumer’s account.

By expressly prohibiting private right of action, Virginia is closing any possible loopholes that may open the doors to plaintiff’s lawyers bringing lawsuits, Shively said.

Marsden said Virginia’s goal was to stop the misuse of personal data and not “turn this into another business” by creating opportunities for lots of lawsuits. He said the state attorney general would create a new office to enforce compliance, with an annual budget of about $400,000 that would be supplemented with fines and penalties.

If the state’s own enforcement mechanism doesn’t work as well as it ought to “you might consider something different someday, but right now this is the way to go,” Marsden said.

California’s private right of action provision has been a major sticking point in crafting a federal data privacy bill. While Democratic lawmakers have favored retaining the right or at least not ruling out the right to sue, Republican lawmakers have been opposed to a federal statute that would permit consumer lawsuits against tech companies.

If Congress is looking for an alternative, the Virginia law “is going to be a great model for the federal government,” Marsden said. “We need a national standard.”

The post Virginia set to become second state to pass data privacy law appeared first on Roll Call.

Ransomware: Sharp rise in attacks against universities as learning goes online .
Higher education is struggling with ransomware attacks, with gangs seeing an easy target in institutions busy making the switch to remote operations.The number of ransomware attacks targeting universities has doubled over the past year and the cost of ransomware demands is going up as information security teams struggle to fight off cyberattacks.

usr: 5
This is interesting!