On July 25, Missouri, Arkansas, and Iowa (the states), along with intervenors American Water Works Association and National Rural Water Association (the water associations), petitioned the Eighth Circuit to review the U.S. Environmental Protection Agency’s (EPA) new rule requiring states to review and report cybersecurity threats to their public water systems (PWS).
Continue Reading EPA Cybersecurity Rule Challenged by States and Water Systems Associations
On August 21, the U.S. Supreme Court denied a request by West Virginia Attorney General (AG) Patrick Morrisey and 26 other state AGs to participate in oral arguments in Consumer Financial Protection Bureau (CFPB) et al. v. Community Financial Services Association of America et al., which concerns whether the CFPB’s statutory authorization violates the Constitution’s Appropriations Clause. Morrissey and 26 other predominantly Republican state AGs have submitted an amicus brief arguing that it does. Morrissey is joined by the AGs for Alabama, Alaska, Arkansas, Florida, Georgia, Idaho, Indiana, Iowa, Kansas, Kentucky, Louisiana, Mississippi, Missouri, Montana, Nebraska, New Hampshire, North Dakota, Ohio, Oklahoma, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, and Wyoming.
This article was originally published on August 24, 2023 in Reuters and is republished here with permission.
In the burgeoning realm of data incidents, it is a truism that such incidents are not created equal. Indeed, a data incident is not necessarily a data breach.
An incident is any “occurrence that actually or potentially jeopardizes the confidentiality, integrity or availability of an information system,” or an event that constitutes a violation of an organization’s computer security or acceptable use policies. National Institute of Standards and Technology, Minimum Security Requirements for Federal Information and Information Systems, FIPS 200, at 7 (Mar. 9, 2006) (nist.gov). A breach is an incident that imposes statutory and regulatory obligations on an affected organization when it holds or controls certain consumer information.
Continue Reading Data Protection: One of These Incidents Is Not Like the Other
On August 16, a coalition of seven state attorneys general (AG) announced a settlement with participants alleged to be involved in a “massive” robocall operation. The stipulated order, which names Scott Shapiro, Michael T. Smith, Jr., and Health Advisors of America (defendants), permanently bans Shapiro and Smith from initiating or facilitating robocalls; working in or with companies that make robocalls; and engaging in telemarketing. The settlement also requires the defendants to make monetary payments to the coalition, which is comprised of AGs from the states of Arkansas, Indiana, Michigan, North Carolina, North Dakota, Ohio, and Texas (the AGs).
Continue Reading Seven State AGs Announce Settlement With Robocallers
Massachusetts Attorney General (AG) Andrea Joy Campbell announced the creation of a new Elder Justice Unit, which will use existing resources to protect and promote the safety and well-being of elders through enforcement actions, legislative advocacy, and community engagement and education.
On August 18, 2023, a New York Supreme Court judge has enjoined New York cannabis regulators from further processing, approving, or investigating any new or pending applications for a state conditional adult-use retail dispensary (CAURD) license, leaving New York’s nascent adult-use cannabis market in limbo.
Public water utilities and 3M have until August 28 to respond to the bipartisan coalition of 22 state attorneys general (AGs) that opposes their proposed $12.5 billion class action settlement over alleged per- and polyfluoroalkyl substance (PFAS) contamination and is seeking to intervene in their litigation.
Connecticut Attorney General (AG) William Tong, along with Illinois, New Hampshire, and Tennessee AGs, jointly authored a letter to the Federal Trade Commission (FTC) urging improved collaboration with state AGs.
In August, District of Columbia Attorney General (AG) Brian Schwalb issued a Supplemental Business Advisory (advisory) to provide guidance and examples to restaurants for complying with their legal obligation under the District’s Consumer Protection Procedures Act (CPPA) to adequately disclose all fees, including service fees, to customers. See D.C. Code § 28-3901, et seq. The advisory clarifies that the CPPA does not prohibit restaurants from charging such fees or surcharges, but emphasizes that “these fees may violate the CPPA if they are not timely, prominently, and clearly disclosed to diners before they place their orders.”
Continue Reading District of Columbia AG Issues Supplemental Business Advisory on Restaurant Fees
On August 10, Michigan Attorney General (AG) Dana Nessel issued a press release to report the success of the new Unlicensed Builders Pretrial Diversion Program that was launched in February. AG Nessel launched the new program to promote licensing compliance, ensure restitution to victims, and efficiently resolve cases of Michigan consumer complaints of harm caused by unlicensed builders in the state.