After years out of circulation, class-action lawsuits asserting claims under the Video Protection Privacy Act are now back in reruns. More than 100 putative class actions alleging violations of the VPPA have been filed against publishers that use the Meta pixel on their websites.
It remains to be seen whether these lawsuits will survive evaluation
Critical infrastructure companies should expect substantial new federal cybersecurity requirements based on the National Cybersecurity Strategy that President Biden announced on March 2, 2023. The Strategy includes enhanced requirements for critical infrastructure. Specifically, President Biden pivoted federal cybersecurity policy from encouraging voluntary adoption of proactive security measures to using regulation and other measures to mandate
The Federal Energy Regulatory Commission has published a final rule calling for the North American Electric Reliability Corporation to develop standards for internal network cybersecurity monitoring. This rule will be required for all high-impact bulk electric systems and medium-impact bulk electric systems with external roundtable activity and conduct a study of the security of other
The Board of the California Privacy Protection Agency (CPPA) approved a rulemaking package covering Sections 7000–7304 of their draft regulations on February 3, 2023. The board also initiated preliminary rulemaking activities for risk assessments, cybersecurity audits, and automated decision-making. In approving the rulemaking package, the CPPA did not make substantive changes to the version of its draft regulations published in October 2022, indicating that any changes following from the more than 400 pages of public comment analysis could be advanced in future rulemaking activities.