The FTC is Back Up and Running: The Chairman’s Update on Agency Priorities

FTC Chairman Joe Simons outlined the agency’s priorities in his keynote at the ABA’s consumer protection conference on Tuesday, promising vigorous enforcement as the agency emerges from the shutdown.  Without commenting on any pending investigations, he made clear that the agency would continue to pursue enforcement actions in a number of areas.  And he reiterated calls to Congress to give the agency new tools and expanded authority.

NIST Launches Effort to Establish IoT Security Baseline; Seeks Stakeholder Feedback

The National Institute of Standards and Technology (NIST), within the Department of Commerce, has launched an effort to identify “a core set of cybersecurity capabilities that could be a baseline for [Internet of Things (IoT)] devices.”  The discussion draft, Considerations for a Core IoT Cybersecurity Capabilities Baseline, is intended to solicit stakeholder feedback and includes NIST’s “initial thoughts about what a core baseline of cybersecurity capabilities that are important for most IoT devices would look like.”

Big Data Transforming Healthcare, But Cybersecurity Issues Loom

Mobile and cloud technologies, combined with big data and advanced analytics are revolutionizing our healthcare system, making life-saving care accessible to more patients. At the same time, the medical sector is under constant cyberattack. The healthcare infrastructure, electronic medical records and medical devices are all targets of malicious activity by criminals, hacktivists and nation states.

Illinois: Actual Injury Not Required for Privacy Lawsuit; Inviting Costly Litigation against Innovators

On Friday, the Supreme Court of Illinois found that a plaintiff could seek liquidated damages and injunctive relief under a state privacy statute without “[p]roof of actual damages.”

The case—Rosenbach v. Six Flags Entertainment—was brought under the Illinois Biometric Information Privacy Act (BIPA or Act).  The Act imposes numerous obligations on private entities that collect biometric information, like fingerprints and retina scans.  If the entity fails to follow the obligations in the Act, any person “aggrieved” is provided a “right of action . . . against an offending party.”

Tech Companies: Expect DOJ to be Aggressive on Supply Chain and Tech under AG Barr

Attorney General Nominee William Barr weighed in on supply chain risks in his testimony yesterday, previewing a possible extension of the hard line the Administration has taken against what it sees as cyber and economic threats from Chinese companies and the government.  Barr testified that China—not Russia—is “the primary rival of the United States,” and specifically called out Chinese telecommunications companies Huawei and ZTE.

The FAA’s Long-Awaited NPRM and ANPRM Have Arrived

Despite the government shutdown, the Federal Aviation Administration (FAA) has finally released two highly-anticipated rulemaking documents related to commercial unmanned aircraft system (UAS) operations.  Yesterday, the agency published a draft Notice of Proposed Rulemaking (draft NPRM) on the Operation of Small Unmanned Aircraft Systems over People and a draft advanced NPRM (draft ANPRM) on the Safe and Secure Operations of Small Unmanned Aircraft Systems.