As uncertainty persists about federal strategies for data protection enforcement and government rulemaking has nearly ground to a halt, state lawmakers and regulators, by contrast, have taken decisive recent steps in the sphere of cybersecurity and online privacy, experts say.
In several notable actions, a coalition of state attorneys general secured a record $18.5 million settlement with Target Corp. over the retailer's 2013 data breach; the New York Department of Financial Services instituted stringent cybersecurity rules; and several states moved to enact broadband privacy rules that would replace those struck down by the Federal Communications Commission. Experts say they see no signs the activity will slow down during the second half of 2017...
"The internet of things just seems to be getting bigger all the time, and for things like who's going to own the data and what kind of privacy and security policies you have to have in place, it's still a little like the Wild West," Haynes and Boone LLP partner Gavin George said. "There's not good law or a regulatory regime built up around those issues yet, but it may be coming in the next six months or year."
Excerpted from Law360. To read the full article, click here (subscription required).