CDP Institute

A new bill introduced by Senate Democrats proposes to change Section 230, core U.S. legislation that shields social media and Internet providers from liability for publishing false or misleading information and from responsibility for the user content they publish. Section 230, which the New York Times quoted President Biden as saying should be "immediately revoked," gives the Internet companies unique immunity not granted to publishers or other media. The SAFE TECH Act would make an exception "when the provider or user has accepted payment to make the speech available," which would impact not only advertising but other kinds of paid services, including for premium web hosting. On the upside, the change would require more accountability from companies and would provide recourse to victims of cyberstalking and Internet harassment.

Virginia is now the second U.S. state to pass a comprehensive data privacy law. The Virginia Consumer Data Protection Act (VCDPA) provides consumers the right to know what data is being collected, to opt-out of collection and to refuse use of their information for targeting, profiling, or for sale. However, it does not give consumers private right of action, a choice that eased passage and may make it a model for other legislation.

Cisco’s survey of more than 4,700 security professionals from 25 countries found the average privacy budget doubled from $1.2M last year to $2.4M this year. This was true for organizations of different sizes. Additionally, 93% said privacy teams played a significant role in helping to manage corporate changes caused by the pandemic. Seventy-nine percent viewed the world’s developing privacy laws as having a positive impact.