Perkins on Privacy
Perkins on Privacy
Perkins on Privacy keeps you informed about the latest developments in privacy and data security law. Our insights are provided by Perkins Coie's Privacy & Security practice, recognized by Chambers as a leading firm in the field.
President Trump Approves Short-Term Renewal of CISA 2015
Congress included in the appropriations bill of November 12, 2025, an extension of the Cybersecurity Information Sharing Act of 2015 (CISA 2015), 6 U.S.C. §§ 1501–10, through January 30, 2026.
House Bill Introduced to Shield the U.S. From Cybersecurity Risks Posed by Quantum Computing
Congress members have proposed legislation that would introduce new measures to enhance the United States’ cybersecurity resilience in the face of advancing quantum computing capabilities.
DOJ Posts New FAQ for the “Bulk Data” Rule
The U.S. Department of Justice (DOJ) “Data Security Program” (DSP), also known as the “Sensitive Data Rule” or “Bulk Data Rule,” has prompted numerous questions about its scope and application.
Privacy in Focus: California’s Legislative Session Closes with Major Changes
California’s legislature has once again taken center stage in the national privacy conversation, passing a flurry of privacy bills during a marathon session that stretched into the night of September 12.
Salt Typhoon Cyberattacks: Updated Threat Assessment and Recommended Mitigations
Key Takeaways
Mid-Year Recap: State Consumer Privacy Laws
With 2025 more than half over and many state legislatures adjourned for the year, we look back at significant legislative developments concerning state comprehensive consumer privacy laws.
Another Take on the TAKE IT DOWN Act
The TAKE IT DOWN Act (the Act), enacted on May 19, 2025, is a powerful (and controversial) new tool designed to stop people from sharing “nonconsensual intimate imagery,” or NCII, online.
Don’t Mind If I Do: Montana Says Hands Off Neural Data
In May 2025, Montana enacted Senate Bill 163 (SB 163), amending that state’s Genetic Information Privacy Act (MGIPA) to include protections for neurotechnology data—namely, data collected from the activity of the central or peripheral nervous system.
Can Providers Be Sued for Mistaken CSAM Reports? Maybe, Says New Ruling
Can a communications provider be held liable when it reports to the National Center for Missing and Exploited Children (NCMEC) an image the provider believes to be child sexual abuse material based on signals provided by NCMEC?
CISA Security Requirements for Restricted Data Transactions Under New DOJ Rule
CISA has proposed security requirements for certain categories of restricted data transfers. Any U.S. business that transfers its data outside the United States or gives businesses or people outside the United States access to its data should review and work with security and legal professionals to ensure compliance.
Massachusetts Supreme Court Decision Raises Bar for Website “Wiretap” Suits
In recent months, a wave of lawsuits has swept across the nation, targeting websites for allegedly violating state wiretapping laws through their use of tracking software.
