Keypoint: To advance the National Cybersecurity Strategy, the Office of the National Cyber Director is soliciting public comments to harmonize cybersecurity regulations, with comments due by October 31, 2023.

In March 2023, the White House released its National Cybersecurity Strategy (NCS), which envisions two changes in how the United States allocates roles, responsibilities, and resources in cyberspace:

  • Rebalancing the responsibility to defend cyberspace; and
  • Realigning incentives towards long-term investments to reward security and resilience.

This rebalance and realignment explicitly acknowledges that collaboration between private and public sector stakeholders will be necessary.Continue Reading The Invitation to Streamline Cybersecurity Regulations

Keypoint: The California Privacy Protection Agency’s issuance of significantly modified proposed regulations comes days in advance of four scheduled Board meetings where the proposed regulations will open to debate, modification, and potential adoption.

On Monday, September 17, 2022, the California Privacy Protection Agency (CPPA or Agency) issued modified proposed CPRA regulations as well as an explanation for the changes. The modified proposed regulations follow a 45-day written comment period on the initial proposed regulations that ended on August 23, 2022, and two public hearings that were held on August 24 and 25, 2022. Interested parties submitted over 1,000 pages of written comments during the written comment period.

The issuance of modified proposed regulations was expected based on comments made during the Agency’s prior Board meeting on September 23, 2022. The Agency initially issued the modified proposed regulations in connection with two days of Board meetings scheduled for October 21 and 22, 2022. Later in the day on September 17, the Agency announced that it will hold two more days of Board meetings on October 28 and 29, 2022.

At the meetings, the Board will discuss the proposed regulations, including possible adoption or modification of the text. To that end, the accompanying explanation document identifies twenty-eight (28) items that Agency staff recommend for discussion at the meetings.

In the below post, we first provide high-level takeaways from the modified proposed regulations. We then discuss some of the more notable changes. We do not attempt to summarize all of the changes.Continue Reading Modified CPRA Proposed Regulations Issued