Home | Byte Back | Data Privacy & Cybersecurity Blog
Husch Blackwell’s Data Privacy, Security and Breach Response team helps clients navigate complex statutes and regulations surrounding privacy and information security.| Byte Back
Key point: CMMC took another step towards reality, with OIRA clearing for publication the DFARS proposed rule that will add CMMC requirements as a condition of award for new contracts. What happened: On August 25, 2025, the Office of Management and Budget’s Office of Information and Regulatory Affairs (OIRA) completed its review of the DoD’s...Continue Reading…| Byte Back
Key point: During Colorado’s legislative special session, which aimed to address budgetary shortfalls resulting from this year’s federal appropriations act, lawmakers approved a delay in the Colorado AI Act’s effective dates. Colorado lawmakers amended the Colorado AI Act, shifting the law’s effective date from February 1, 2026, to June 30, 2026. This delay applies to...Continue Reading…| Byte Back
Key point: With the Cybersecurity Information Sharing Act of 2015 (CISA 2015) scheduled to sunset on September 30, 2025, Congress will need to act quickly to renew the law and maintain, if not improve, the liability protections for industry when sharing cyber threat indicators and defensive measures. Supporters of reauthorization—including Sen. Gary Peters (D., Mich.),...Continue Reading…| Byte Back
In this post: (1) California courts split on personal jurisdiction post-Briskin; (2) District courts dismiss VPPA claims against movie theaters & online platforms; (3) ND Cal courts find “crime-tort” exception met in non-healthcare cases; (4) Jury returns verdict against Flo Health in privacy case; and (5) Privacy Plaintiffs find new theory in Colorado law. This is...Continue Reading…| Byte Back
Key point: Colorado’s Department of Law is soliciting public comments through September 5, 2025, on revised privacy rules to protect minors’ personal data and online privacy. On July 29, the Colorado Department of Law issued a notice of proposed rulemaking to revise the state’s privacy rules following the legislature’s 2024 amendments to the Colorado Privacy Act...Continue Reading…| Byte Back
Key point: The US Coast Guard’s new cybersecurity rule will transform the security standards and reporting requirements for vessels and marine facilities nationwide over the next three years. On July 16, 2025, the US Coast Guard’s (USCG) final rule, Cybersecurity in the Marine Transportation System, codified at 33 C.F.R. § 101.600 et seq., went into...Continue Reading…| Byte Back
Key point: “Winning the Race: America’s AI Action Plan,” the Trump Administration’s summary approach to federal artificial intelligence (AI) policy, and three new Executive Orders (EO) propose a wide-ranging federal strategy intended to solidify U.S. leadership in AI. For business leaders and public sector stakeholders, the Action Plan and EOs may be a double-edged sword:...Continue Reading…| Byte Back
Husch Blackwell’s Data Privacy, Security and Breach Response team helps clients navigate complex statutes and regulations surrounding privacy and information security.| Byte Back
Keypoint: Colorado policymakers outlined their privacy and AI priorities at a recent Husch Blackwell event. In early March, Husch Blackwell hosted a| Byte Back
The switchback heading to the Fraser river trail with Winter Park ski resort in the background. Fraser, Colorado. Approx. 9,000 ft altitude. July 2024.| Byte Back
Keypoint: In this post: (1) Standing may depend on how specific plaintiffs’ complaint is; (2) the 2nd Circuit adopts the 3rd and 9th Circuit’s narrower interpretation of PII under the VPPA; (3) Promises in privacy policies not to share user data can defeat consent defenses; (4) class action waivers in privacy agreements may face enforceability challenges in California; (5) courts closely scrutinize technical specifics in claims involving PHI.| Byte Back
Keypoint: In this post: (1) California considers a “commercial exception” to wiretapping and pen registry laws; (2) a rise in federal wiretapping claims| Byte Back
Keypoint: Twenty-five (25) privacy decisions from October-December show a significant uptick in the number of pixel-based wiretapping decisions issued| Byte Back
In this post: (1) Website tracking litigation risk remains as SB 690 is designated “two-year bill”; (2) Second Circuit reinforces narrower interpretation of PII to “shut the door for Pixel-based VPPA claims”; (3) Courts require individualized harm to establish standing; (4) Dismissals increase where plaintiffs fail to provide detailed allegations; and (5) Courts split on whether commercial intent can defeat application of “crime-tort exception” under federal ECPA.| Byte Back
Keypoint: Connecticut once again moves the needle on state privacy laws while at the same time integrating changes from other state laws. On June 25,| Byte Back
Keypoint: In this post: (1) Standing may depend on how specific plaintiffs’ complaint is; (2) the 2nd Circuit adopts the 3rd and 9th Circuit’s narrower| Byte Back
Keypoint: Last week, the Connecticut legislature passed an amendment to the state's consumer data privacy law and bills advanced in Oregon, California,| Byte Back
Keypoint: If signed into law, Colorado companies that process children’s data will have new requirements beginning on October 1, 2025. Prior to the| Byte Back
Keypoint: Courts have started to issue Pixel-based wiretapping decisions, the Seventh Circuit weighs in on when a manufacturer can be forced to pay| Byte Back
Keypoint: The California legislature is considering several bills that, if passed, would add to the nation’s emerging legal patchwork governing the use of| Byte Back
Keypoint: If signed into law, Colorado will become the first state to enact legislation regulating the use of high-risk artificial intelligence systems.| Byte Back
Keypoint: Last week, the Colorado legislature passed a bill amending the Colorado Privacy Act to add provisions regarding biometric data and the| Byte Back
Keypoint: Since our last update, the Connecticut Senate passed an algorithmic discrimination bill, an algorithmic discrimination bill was introduced in| Byte Back
Our industry teams collaborate across practice areas to deliver in-depth solutions to the most complex business challenges. We bring together the best legal minds and reach beyond law to include experienced industry professionals. This approach gives our clients a greater perspective and ensures forward-thinking results.| Byte Back
