Sen. Marco Rubio has introduced federal data privacy legislation entitled the American Data Dissemination Act (FTC-ADDA). The FTC-ADDA would require the Federal Trade Commission to submit detailed recommendations for privacy requirements that Congress could impose on various companies. If Congress fails to act on the recommendations within two years, Rubio’s bill would enable the FTC to put into effect its own rules. In short, Rubio’s bill puts the FTC in the driver’s seat on the long journey to data security.
The EU and Canada already have strong national data privacy regulations either in force, planned, or in various stages of development. The EU’s GDPR came into effect in May 2018, and the EU has scheduled the roll-out of the EU ePrivacy regulation, which covers areas not in the GDPR. Canada has amended the Personal Information Protection and Electronic Documents Act (PIPEDA) to include rules for data breach reporting and centralized reporting to the Privacy Commissioner of Canada.
If you think that all of this presents a complex backdrop to your day-to-day business management, then you better hold your breath. Consider dealing with FTC-ADDA in the context of the existing barrage of related data privacy and data breach legislation in various stages of review in the U.S. Congress, the U.S. Senate, and within various states. This includes the California Data Protection Act that will become law in 2020, the Consumer Data Protection Act proposed by Sen. Ron Wyden (discussion draft SIL18B29) in response to the Equifax breach, the U.S. Data Breach Prevention and Compensation Act of 2018 (S.2289) that would create an office of cybersecurity within the Federal Trade Commission, and the reorganization of the Department of Homeland Security to establish the office of Cybersecurity and Infrastructure Security Agency (CISA).
Note that California also has legislation pending to regulate cybersecurity around the internet of things (IoT) devices. There is considerable overlap between these various pieces cybersecurity legislation, data breach legislation, and data privacy legislation.
An omnibus approach by Rubio’s team is needed that consolidates all of this at the national level to supersede and replace this barrage of other regulations.
How can your company stay ahead of this continued barrage of compliance legislation? How can you address these requirements in your extended enterprise? Cloud access security brokers can help.
Cloud access security brokers (CASB) can be an important part of your FTC-ADDA technology infrastructure for compliance. CipherCloud CASB can provide the data protection, threat protection, and flexible architecture that you need to meet FTC-ADDA compliance successfully
Find out more about CipherCloud’s CASB platform to protect all of your vendor-provided SaaS cloud applications as well as your custom IaaS-hosted applications.
Why CipherCloud? Our CASB platform is the best. We provide:
• ZERO TRUST ARCHITECTURE for comprehensive protection of your users, applications, and data in the cloud
• DATA-CENTRIC CASB with DLP, DRM, and End-to-end Encryption for Total Data Protection
• ADAPTIVE CLOUD CONTROL for any User, Device (both managed and BYOD), Location, and Cloud, with contextual and behavior analytics
• UNIVERSAL CLOUD POLICY Platform for ALL controls across ALL clouds while integrating existing security systems
• ACCELERATE CLOUD ADOPTION securely with Friction-less, Agent-less, Hybrid architecture