July 2015

Growing concern over the risk of cyberattack on our energy infrastructure continues to spur legislative and administrative action.  In the last two weeks alone, both chambers of Congress and the Federal Energy Regulatory Commission (FERC) have made advancements with regard to proposals for strengthening the security of the national electric grid.

On June 11, 2015, Connecticut Governor Dannel Malloy signed Senate Bill 949  (“S.B. 949”) into law.  This new law imposes a various new requirements relating to data breach response and notification, including imposing a hard 90-day deadline for data breach reporting and requiring that entities regulated by the Connecticut Insurance Department to implement and maintain a “comprehensive information security program” to protect personal information.  The various sections of  S.B. 949  take effect in stages, with some having taken effect on July 1, 2015, and others becoming effective as late as October 1, 2017.

On July 10, 2015, the Federal Communications Commission (FCC) released a 105 page omnibus declaratory ruling and order (“Order”) under the Telephone Consumer Protection Act (“TCPA”) that, among other things, permits banks and other financial institutions to call consumers on their wireless telephones using autodialer equipment and pre-recorded messages (“robocalls”) and also send texts without prior written consent in certain limited circumstances.  The Order was effective upon its release.