State of Local Cybercrime / Internet Crime Laws & Legislation in the United States

2018 Cybersecurity Legislation Catalog

Provided by SCARS|ANALYTICS Division

The following is a catalog of cybercrime / cybersecurity laws activity by states and territories in 2018.

SCARS State Law Support Against Cybercrime / Cybersecurity Score:

SCARS U.S. Legislative Cybercrime Score: F - Fail

SCARS U.S. Legislative Cybercrime Score: F – Fail

U.S. STATES

With the U.S. House of Representatives in parallisys, it becomes the States to move the cybercrime legal agenda forward. However, it is very much a mixed bag.

Arizona

  • AZ EO 3
    Creates the State Cybersecurity Team; relates to securing information online and protecting citizens; relates to the continuous advisement to the Governor on cybersecurity issues; advises on federal resources available to combat cybersecurity threats; establishes a team with specific members appointed by the Governor.

California

  • CA A 1678
    Status: Enacted, Chap. 2018-96
    Requires the Secretary of State to adopt regulations describing best practices for storage and security of voter registration information received by an applicant. Requires a person or entity who has received voter registration information pursuant to an application to disclose a breach in the security of the storage of the information to the Secretary of State. Makes it a misdemeanor to distribute misleading or false information to a voter.
  • CA A 1859
    Status: Enacted, Chap. 2018-532
    Requires a consumer credit reporting agency that owns, licenses, or maintains personal information about a state resident, or an entity that has a contract with a consumer credit reporting agency and maintains personal information on behalf of a reporting agency that poses a significant risk to a breach in the system, to take certain measures to protect that data. Provides for civil action to recover damages, civil penalties, and attorney’s fees.
  • CA A 1906
    Status: Enacted, Chap. 2018-860
    Requires a manufacturer that sells or offers to sell a connected device in California to equip the connected device with a reasonable security feature or features appropriate to the nature and function of the device that is designed to protect the device from unauthorized remote access or use. Provide that equipping a connected device with a means for authentication outside a local area network is deemed a reasonable security feature if it meets certain requirements.
  • CA A 2225
    Status: Enacted, Chap. 2018-535
    Requires the Secretary of State, in consultation with the Department of Technology, to approve and adopt appropriate uniform statewide standards for the purpose of storing and recording permanent and nonpermanent documents in electronic media. Requires that cloud computing to be defined by the Department of Technology based on industry-recognized standards. Imposes certain requirements on a cloud computing storage service used by agencies.
  • CA A 2678
    Status: Failed-adjourned
    Requires a computerized data security breach notification provided to an affected person, if the breach exposed or may have exposed specified personal information, to include, among other things, notice that the affected person may elect to place a security freeze on his or her credit report. Provides that if the person or business was the source of the breach, an explanation of how a security freeze differs from the identity theft prevention and mitigation services is required.
  • CA A 2748
    Status: Failed–adjourned.
    Requires the Office of Information Security in the Department of Technology, the Office of Emergency Services, and the State Military Department to establish a pilot program to conduct, or require to be conducted, an independent security assessment of election infrastructure in counties that voluntarily choose to participate in the pilot program. Requires the transmission of the complete results of security assessments to the elections official of the relevant county.
  • CA A 2812
    Status: Failed–adjourned.
    Creates the Office of Local Cloud Migration and Digital Innovation in the Department of Technology. Requires the Office to promote the use of technologies including cloud based computing and data storage that will assist local agencies in their efforts to further transparency, efficiency, disaster preparedness and response, and general accessibility to the public. Requires the Office to partner with private industry and the nonprofit community to maximize the assistance provided to local agencies.
  • CA A 2813
    Status: Enacted. Chap. 2018-768
    Establishes in statute the California Cybersecurity Integration Center within the Office of Emergency Services to reduce the likelihood and severity of cyber incidents that could damage California’s economy, its critical infrastructure, or public and private sector computer networks in the state.
  • CA A 3075
    Status: Enacted. Chap. 2018-241
    Creates within the Secretary of State the Office of Elections Cybersecurity to coordinate efforts between the Secretary of State and local elections officials to reduce the likelihood and severity of cyber incidents that could interfere with the security or integrity of elections in the state.
  • CA A 3193
    Status: Status: Failed–adjourned.
    Revises an implementation requirement to provide that all state agencies must implement and comply with the policies and procedures issued by the State Chief Information Officer.
  • CA S 327
    Status: Enacted. Chap. 2018-886
    Requires a manufacturer of a connected device to equip such device with a reasonable security feature or features that are appropriate to the nature and function of the device, appropriate to the information it may collect, contain, or transmit, and designed to protect the device and any information contained therein from unauthorized access, destruction, use, modification, or disclosure.
  • CA S 532
    Status: Enacted. Chap. 2018-557
    Relates to the California Emergency Services Act. Provides for adding cyberterrorism within those conditions constituting a state of emergency and a local emergency.

Colorado

  • CO E.O. 2
    Declares a disaster emergency due to the Department of Transportation cybersecurity incident in the state, authorizes deployment of the National Guard and use of the Emergency Management Assistance Compact.
  • CO E.O. 29
    Activates the National Guard for the purpose of ensuring election security.
  • CO H 1200
    Status: Enacted. Chap. 379
    Concerns cybercrime, criminalizes using a computer to engage in prostitution of a minor, criminalizing skimming payment cards, and making changes to the penalty structure for cybercrime, changes the name of the crime computer crime to cybercrime, makes soliciting, arranging, or offering to arrange a situation in which a minor may engage in prostitution, by means of using a computer, computer network, computer system, or any part thereof, a cybercrime.
  • CO S 86
    Status: Enacted. Chap. 319
    Concerns the use of cyber coding cryptology for the transmission and storage of state records, requires the Chief Information Security Officer, the Director of OIT, the Department of State, and the Department of Regulatory Agencies to take certain actions to protect state records containing trusted sensitive and confidential information from criminal, unauthorized, or inadvertent manipulation or theft, makes an appropriation.

Connecticut

  • CT S 441
    Status: Failed–adjourned.
    Concerns an inventory of the state’s cybersecurity job training pipeline, requires the Department of Economic and Community Development, in collaboration with state Innovations, Incorporated, the Department of Education, the Board of Regents for Higher Education and The University of Connecticut, to conduct an inventory of the educational resources available in the state to prepare students for careers in the cybersecurity field.

Florida

  • H.B. 755
    Status: Enacted, Chap. 60
    Relates to public records; provides an exemption from public records requirements for information obtained by persons or agencies from the First Responder Network Authority and information relating to the Nationwide Public Safety Broadband Network.
  • FL H 1127
    Status: Enacted, Chap. 65
    Relates to public records; provides an exemption from public records requirements for certain records held by the Citizens Property Insurance Corporation which identify detection, investigation, or response practices for suspected or confirmed information technology security incidents; provides retroactive application.
  • FL H 2125
    Status: Failed – Adjourned
    Relates to the Appropriations Project titled University of West Florida – Cybersecurity Support, provides an appropriation.
  • FL H 3355
    Status: Failed – Adjourned
    Relates to the Appropriations Project titled Computer Mentors Group Youth Cyber Security and effective date.
  • FL H 4045
    Status: Failed – Adjourned
    Relates to the appropriations project titled Miami Dade College, Cybersecurity Training Center, provides an appropriation.
  • FL H 5001
    Status: Enacted. Chap. 9
    Makes appropriations, provides moneys for the annual period beginning July 1, 2018, and ending June 30, 2019, and supplemental appropriations for the period ending June 30, 2018, to pay salaries, and other expenses, capital outlay for buildings, and other improvements, and for other specified purposes of the various agencies of state government.
  • FL S 1880
    Status: Failed
    Relates to public records, provides an exemption from public records requirements for certain records held by the Citizens Property Insurance Corporation which identify detection, investigation, or response practices for suspected or confirmed information technology security incidents.
  • FL S 608
    Status: Failed
    Relates to public records, establishes the Identity Theft and Fraud Protection Act, requires an agency to review information susceptible to use for purposes of identity theft or fraud before making postings to a publicly available website, prohibits an agency from posting an image or a copy of a public record containing information susceptible to use for purposes of identity theft or fraud to a publicly available website.

Georgia

  • GA S 315
    Status: Vetoed
    Relates to computer crimes, states that any person who intentionally accesses a computer or computer network with knowledge that such access is without authority shall be guilty of the crime of unauthorized computer access.
  • GA SR 318
    Status: Failed – Adjourned
    Creates the Senate Cyber Challenge Study Committee.
  • GA SR 454
    Status: Failed – Adjourned
    Creates the Senate Cyber Challenge Study Committee.
  • GA SR 929
    Status: Failed – Adjourned
    Creates the Joint Study Committee on Cyber Security Legislation.

Hawaii

  • HI H 598
    Status: Failed–adjourned.
    Authorizes the University of Hawaii to participate in and contribute funding for activities related to the development of a Hawaii cyber ecosystem and other related aspects of cyber security.
  • HI S 955
    Status: Failed–adjourned.
    Relates to homeland security, adds the fusion center as a program under the existing Office of Homeland Security, establishes the position of director of the fusion center who shall be responsible to the director of homeland security and accountable to manage the day-to-day operations of the fusion center.
  • HI H 1089
    Status: Failed–adjourned.
    Provides that the state of Hawaii, as a strategic location in the pacific, have all information necessary to guard against those who would do harm to the country and to the state, provides that the Hawaii State Fusion Center be fully staffed and supported, adds the fusion center as a program under the existing Office of Homeland Security, establishes the position of director of the fusion center who shall be responsible to the Director of Homeland Security and accountable to manage the day-to-day.
  • HI H 2078
    Status: Failed–adjourned.
    Authorizes and provides funding for the Technology Development Corporation to participate in and contribute funding for the development of a statewide cyber ecosystem and related aspects of cybersecurity.
  • HI H 2091
    Status: Failed–adjourned.
    Establishes the Hawaii State Fusion Center (Center) as a program under the Office of Homeland Security and establishes the position of Hawaii State Fusion Center Director who shall be state-funded, responsible to the Director of Homeland Security, and accountable to manage the operations of the Center.
  • HI SCR 46
    Status: Failed–adjourned.
    Requests the Office of Elections to conduct a security audit of Hawaii’s voting system.

Iowa

  • IA H 366
    Status: Failed–adjourned.
    Provides for state employee cyber security briefings for certain travel outside the country.
  • IA H 558
    Status: Failed–adjourned.
    Concerns the Office of the Chief Information Officer relating to designation of certain information technology staff, background checks, and the technology advisory council.
  • IA H 2252
    Status: Enacted. Chap. 1149
    Changes the requirements for membership on the board of examiners for voting systems, allowing one member to have been trained in cybersecurity rather than requiring training in computer programming and operations.
  • IA HSB 76
    Status: Failed–adjourned.
    Relates to public utilities and other infrastructure, includes the confidentiality of certain information relating to such infrastructure, the authority of utilities to make temporary rate changes, and presiding officers at public information meetings held for electric transmission line franchise petitions.
  • IA HSB 119
    Status: Failed–adjourned.
    Concerns the Office of the Chief Information Officer relating to designation of certain information technology staff, background checks, and the technology advisory council.
  • IA HSB 185
    Status: Failed–adjourned.
    Provides for the confidentiality of certain cyber security and critical infrastructure information developed and maintained by a government body.
  • IA SSB 1045
    Status: Failed–adjourned.
    Relates to public utilities and other infrastructure, relates to the confidentiality of certain information relating to such infrastructure, the authority of utilities to make temporary rate changes, and presiding officers at public information meetings held for electric transmission line franchise petitions.
  • IA SSB 1105
    Status: Failed–adjourned.
    Concerns the office of the chief information officer, relates to designation of certain information technology staff, background checks, and the technology advisory council.

Idaho

  • ID H 606
    Status: Enacted. Chap. 142
    Amends the Open Meeting Law, revises the definition of public agency, provides that the Cybersecurity Task Force or a committee awarding the state medal of achievement shall not constitute a public agency.
  • ID H 607
    Status: Enacted. Chap. 258
    Revises provisions relating to information technology services, provides for the Office of Information Technology Services, provides for the receipt of payment for services to units of state government, provides for advance payments and interaccount transactions, provides for the State Technology Authority, provides for responsibility of the integrated property records system.

Illinois

  • IL S 3068
    Status: Pending
    Appropriates funding from the General Revenue Fund to the State Board of Elections for grants to county clerks and boards of election commissioners for the funding of election cybersecurity infrastructure for the fiscal year beginning July 1.
  • IL H 3158
    Status: Failed – Adjourned
    Amends the Public Utilities Act, requires public water utilities operating in this State to file annually to the commerce Commission a report analyzing the risk and vulnerability of the State’s water supply to cyber attack, specifies the information to be provided in the report, requires the reports to be submitted to the Commission by a specified date of each year, and for the Commission to post the reports on its publicly accessible website, allows the Commission to adopt rules to implement.
  • IL H 3342
    Status: Enacted, Chap. 587
    Makes changes in state programs that are necessary to implement the state budget; relates to cyber security.
  • IL H 3737
    Status: Failed – Adjourned
    Creates the Government Cybersecurity Review Act, creates the Division of Cybersecurity Inspection within the Department of Innovation and Technology, provides that the Division shall review all websites operated by certain State agencies to determine whether cybersecurity flaws and data breach risks exist, provides that, if the Division finds that a flaw or data breach risk exists, the Division may issue an order to the State agency to cease operation of the website until certain requirements are met.
  • IL H 4861
    Status: Failed – Adjourned
    Appropriates funding from the General Revenue Fund to the State Board of Elections for grants to county clerks and boards of election commissioners for the funding of election cyber security infrastructure for the fiscal year beginning July 1, 2018.
  • IL H 5090
    Status: Failed – Adjourned
    Appropriates funds from the Technology Management Revolving Fund to the Office of the Executive Inspector General for the purpose of assessing state agency cyber security practices.
  • IL H 5093
    Status: Enacted, Public Act 1169
    Creates the Information Security Improvement Act, creates the Office of the Statewide Chief Information Security Officer within the Department of Innovation and Technology, provides for the duties and powers of the Office, creates the position of Statewide Chief Information Security Officer to serve as the head of the Office.
  • IL H 5547
    Status: Enacted, Chap. 914
    Amends the State Auditing Act, provides that on a biennial basis, the Auditor General shall conduct a performance audit of state agencies and their cybersecurity programs and practices, with a particular focus on agencies holding large volumes of personal information, provides for the subjects to be assessed by the audit, provides for the issuance of an audit report.
  • IL HJR 27
    Status: Failed – Adjourned
    Creates the Cybersecurity Task Force to study the status, progress, and future of cybersecurity.
  • IL HJR 59
    Status: Adopted
    Creates the International Cybersecurity Task Force within the Commerce Commission to review the Joint Analysis Report from the U.S. Department of Homeland Security and the Federal Bureau of Investigation dated December 29, 2016 and entitled Grizzly Steppe – Russian Malicious Cyber Activity and develop strategies to either implement or reject the report recommendations, makes changes to who is to appoint to Co-Chair of the Task Force and to the membership of the committees.
  • IL S 1410
    Status: Failed – Adjourned
    Amends the Police Training Act, provides that the curriculum for probationary police officers offered by all certified schools shall include courses on cyber crimes and crimes committed with personal technology devices, provides that the Law Enforcement Training Standards Board may conduct or approve a training program in personal technology devices for law enforcement officers of local government agencies, provides that the program shall train law enforcement officers to identify and investigate issues.
  • IL S 2651
    Status: Enacted, Chap. 623
    Amends the Election Code; requires each election authority to submit information on the voting equipment used within their jurisdiction; provides for cybersecurity efforts; provides for mail in ballots.
  • IL S 3068
    Status: Failed – Adjourned
    Appropriates funding from the General Revenue Fund to the State Board of Elections for grants to county clerks and boards of election commissioners for the funding of election cybersecurity infrastructure for the fiscal year beginning July 1, 2018.
  • IL S 3202
    Status: Failed – Adjourned
    Amends the Criminal Code of 2012, creates the offense of cyber extortion, provides that a person commits cyber extortion when he or she, with the intent to unlawfully extort money, property, or anything of value from another person, knowingly creates, places, or introduces without authorization into a computer, computer system, or computer network computer software that is designed to encrypt, lock, or otherwise restrict access or use in any way by an authorized user of the computer.
  • IL S 3203
    Status: Failed – Adjourned
    Amends the Criminal Code of 2012, creates the offense of cyber terrorism, provides that a person commits the offense when he or she with the intent to intimidate or coerce a civilian population, influence the policy of a unit of government by intimidation or coercion, or affect the conduct of a unit of government, commits any of the offenses defined in the computer crimes provisions of the Code.
  • IL S 3204
    Status: Failed – Adjourned
    Creates the Consumer Credit Reporting Agency Registration and Cybersecurity Program Act, provides for requirements for consumer credit reporting agency registration, contains provisions regarding grounds for revocation and suspension of a registration, provides that by January 1, 2019, a consumer credit reporting agency must have a cybersecurity program documented in writing and designed to protect the confidentiality, integrity and availability of its information systems.

Indiana

  • IN H 1112
    Status: Failed–adjourned
    Relates to cybersecurity; establishes the cyber civilian corps and the cyber civilian corps advisory board; requires the cyber civilian corps to provide rapid response assistance, upon request to an Indiana governmental, educational, nonprofit, or business organization, to a cybersecurity incident; places the cyber civilian corps program under the supervision of the Indiana management and performance hub.
  • IN S 362
    Status: Enacted. Chap. 126
    Relates to the regulation of new water and wastewater systems, provides that a water or wastewater utility that begins providing service to the public, after a specified date, is subject to the jurisdiction of the State Utility Regulatory Commission, provides for rates and charges, and other matters, for a specified period, beginning on the day on which the water or wastewater utility begins providing service to the public.

Kansas

  • KS H 2331
    Status: Failed–adjourned.
    Concerns information systems and communications, creates the representative Jim Morrison cybersecurity act, relates to digital information security for the executive branch agencies, establishes the information security office, establishes the cybersecurity state fund and cybersecurity state grant fund in the state treasury, creates the information technology enterprise, relates to consolidation and transfer of certain executive branch information technology staff, resources, functions and powers.
  • KS H 2359
    Status: Failed–adjourned.
    Makes and concerns appropriations for the fiscal years ending June 30, 2018, June 30, 2019, and June 30, 2020, for state agencies, authorizes certain transfers, capital improvement projects and fees, imposing certain restrictions and limitations, and directing or authorizing certain receipts, disbursements, procedures and acts incidental to the foregoing.
  • KS H 2365
    Status: Failed–adjourned.
    Makes appropriations for FY 2018 through FY 2024 for state agencies, authorizes and directs payment of certain claims against the state, authorizes certain transfers, capital improvement projects and fees, imposes certain restrictions and limitations, directs or authorizes certain receipts, disbursements, procedures and acts incidental to the foregoing.
  • KS H 2560
    Status: Failed
    Enacts the Kansas Cybersecurity Act.
  • KS H 2675
    Status: Failed–adjourned.
    Relates to interstate voter registration crosscheck program, relates to fee, relates to cybersecurity fund.
  • KS S 204
    Status: Failed–adjourned.
    Enacts the Kansas cybersecurity act.
  • KS S 342
    Status: Failed–adjourned.
    Enacts the Kansas cybersecurity act.
  • KS S 56
    Status: Enacted, Chap. 97
    Establishes the Cybersecurity Act, establishes the State Information Security Office, revises the membership of the Information Technology Executive Council.

Kentucky

  • KY H 200
    Status: Enacted. Chap. 169
    Relates to the State/Executive Branch Budget: Detail Part I, Operating Budget, appropriates money to General Government.
  • KY H 244
    Status: Enacted. Chap. 78
    Establishes the Division of Enterprise Portfolios within the newly established Office of IT Architecture and Governance, establishes the Offices of Project Management, IT Services and Delivery, IT Architecture and Governance, the Chief Information Security Officer, KY Business One Stop, abolishes the Offices of Enterprise Technology, Infrastructure Services, Application Development, Chief Information Officer, and Information Technology Service Management.

Louisiana

  • LA H 601
    Status: Enacted, Chap. 712
    Revises provisions relating to election officials; prohibits the disclosure of specified information by the Registrar of Voters, Clerk of Court, and Department of State relating to the security and integrity of the state voter registration computer system, the election management system, and voting equipment.

Massachusetts

  • MA H 1985
    Status: Failed – Adjourned
    Protects the privacy and security of biometric information.
  • MA H 2668
    Status: Failed – Adjourned
    Relates to legislation to provide procurement preference to vendors that carry cybersecurity insurance.
  • MA H 2813
    Status: Failed – Adjourned
    Relates to the security of personal financial information.
  • MA H 2814
    Status: Failed – Adjourned
    Relates to amending certain statutes pertaining to data security breaches and calling for an investigation by a special commission on cybersecurity to assess the various threats across the Commonwealth.
  • MA H 3365
    Status: Failed – Adjourned
    Establishes a task force to study the need for increased cyber security within government agencies.
  • MA H 4702
    Status: Failed – Adjourned
    Provides funding for the Massachusetts Cybersecurity Innovation Fund.
  • MA H 4714
    Status: Failed – Adjourned
    Provides funding for the Massachusetts Cybersecurity Innovation Fund.
  • MA S 149
    Status: Failed – Adjourned
    Relates to the security of personal financial information.
  • MA S 2060
    Status: Failed – Adjourned
    Relates to forming a special senate committee to review and make recommendations for the state to improve its cyber security readiness, enhance technological responses to homeland security and public safety threats, and further protect financial, medical and other sensitive information.
  • MA S 2076
    Status: Failed – Adjourned
    Makes appropriations for the Fiscal Year 2018 for the maintenance of the departments, boards, commissions, institutions, and certain activities of the Commonwealth, for interest, sinking fund, and serial bond requirements, and for certain permanent improvements.
  • MA S 2091
    Status: Failed – Adjourned
    Submits the majority report on the Governor’s Reorganization Plan Number 2 of 2017, an act to reorganize the information technology function of the Commonwealth and to improve data security, safeguard privacy, and promote better service delivery.
  • MA S 2622
    Status: Failed – Adjourned
    Provides funding for the Massachusetts Cybersecurity Innovation Fund.
  • MA S 2656
    Status: Failed – Adjourned
    Submits a report of the Special Senate Committee on Cyber Security Readiness with its finding and recommendations.

Maryland

  • MD H 364
    Status: Failed – Adjourned
    Allows a subtraction modification under the State income tax for certain capital gain income realized on the disposition of an investment in a certain cybersecurity company, authorizes certain Buyers of certain technology to claim a credit against the State income tax equal to 50% of certain costs incurred to purchase certain technology, requires the Secretary of Commerce to approve certain applications for the credits.
  • MD H 456
    Status: Failed
    Adds certain offenses involving computers to the list of offenses on which a charge of murder in the first degree can be based, prohibits the creation of or unauthorized introduction into a computer, computer system, or computer network software designed to inhibit access or use by an authorized user of a computer, computer system, or computer network for the purpose of extorting money, property, or anything of value from another, establishes a certain penalty, applies the Act prospectively.
  • MD H 767
    Status: Failed-adjourned
    Requires the State Board of Elections to conduct an annual audit of certain voter registration infrastructure to identify any security vulnerabilities; requires the State Board to mitigate any security vulnerabilities identified in the audit; requires the State Board to upgrade or replace certain voter registration infrastructure at certain times; prohibits a voting machine from being used in an election if more than 10 years have elapsed after the date the voting machine was manufactured.
  • MD H 1331
    Status: Enacted, Chap. 524
    Requires the State Administrator of Elections to submit a report to the Department of Information 11 Technology within a specified period of time after becoming aware of a security violation involving an election system, requires certain information to appropriate persons and the State Administrator be forwarded within a certain period of time after receiving a report submitted by the State Board, authorizes the Secretary of Information Technology to require that certain information remain confidential.
  • MD H 1819
    Status: Enacted, Chap. 566
    Establishes the Cyber Warrior Diversity Program at Baltimore City Community College, Bowie State University, Coppin State University, Morgan State University, and the University of Maryland Eastern Shore, requires certain institutions of higher education to jointly hold a National Cyber Warrior Diversity Conference.
  • MD H 695
    Status: Enacted. Chap. 304
    Authorizes a public body to meet in a closed session to discuss cybersecurity, if the public body determines that public discussion would constitute certain risks.
  • MD H 874
    Status: Enacted. Chap. 281
    Requires the Executive Director of the Department of Legislative Services to ensure that the responsibilities of the Department are carried out, alters those offices that comprise the Department, alters certain duties of the Department to review certain reporting requirements, establishes the Office of Operations and Support Services to supervise certain support services to the General Assembly, provides that the Office of Policy Analysis is not required to prepare an analysis of certain enabling acts.
  • MD H 1331
    Status: Enacted, Chap. 524
    Requires the State Administrator of Elections to submit a report to the Department of Information 11 Technology within a specified period of time after becoming aware of a security violation involving an election system; requires certain information to appropriate persons and the State Administrator be forwarded within a certain period of time after receiving a report submitted by the State Board; authorizes the Secretary of Information Technology to require that certain information remain confidential.
  • MD S 204
    Status: Enacted, Chap. 415
    Establishes the Cybersecurity Public Service Scholarship Program, specifies the purpose of the Program, requires the Office of Student Financial Assistance in the Maryland Higher Education Commission to administer the Program, specifies certain eligibility requirements for an applicant to the Program, authorizes a certain scholarship award to be used at any eligible institution to pay for certain education expenses, requires a scholarship recipient to maintain a certain grade point average.
  • MD S 228
    Status: Enacted, Chap. 578
    Alters the definition of investment to include certain types of debt, authorizes buyers of certain technology to claim a credit against state income tax for purchase costs, authorizes qualified buyers to apply for the credit, requires a qualified buyer to attach a certain certificate to their income tax return, provides for the revocation and recapture of a credit under certain circumstances, makes a cybersecurity incentive tax credit subject to certain evaluations.
  • MD S 281
    Status: Enacted. Chap. 151
    Alters the membership of the State Cybersecurity Council to include the State Administrator of Elections.
  • MD S 310
    Status: Failed – Adjourned
    Allows a subtraction modification under the State income tax for certain capital gain income realized on the disposition of an investment in a certain cybersecurity company, authorizes certain Buyers of certain technology to claim a credit against the State income tax equal to 50% of certain costs incurred to purchase certain technology, requires the Secretary of Commerce to approve certain applications for the credits, applies the Act to taxable years beginning after December 31, 2017.
  • MD S 376
    Status: Failed
    Adds certain offenses involving computers to the list of offenses on which a charge of murder in the first degree can be based, prohibits the creation of or unauthorized introduction into a computer, computer system, or computer network software designed to inhibit access or use by an authorized user of a computer, computer system, or computer network for the purpose of extorting money, property, or anything of value from another, establishes a certain penalty, applies the Act prospectively.
  • MD S 882
    Status: Failed – Adjourned
    Requires a unit to require a certain bidder or offeror to submit a certain certification or application before the unit is authorized to award a procurement contract for a certain Internet-connected device, requires a certain bidder or offeror to certify certain information regarding a certain security vulnerability of a certain Internet-connected device, authorizes a certain bidder or offeror to submit a certain application for a waiver from certain certification requirements.
  • MD S 892
    Status: Failed – Adjourned
    Requires the Executive Director of the Department of Legislative Services to ensure that the responsibilities of the offices of the Department are carried out, alters the offices that comprise the Department, alters certain duties of the Department to review certain reporting requirements, establishes the Office of Operations and Support Services in the Department, provides that the Office of Policy Analysis is not required to prepare an analysis of certain enabling acts under certain circumstances.

Michigan

  • MI H 4368
    Status: Failed – Adjourned
    Provides for omnibus budget bill.
  • MI H 4369
    Status: Failed – Adjourned
    Provides for omnibus appropriations for school aid, higher education and community colleges.
  • MI H 4697
    Status: Failed – Adjourned
    Expands definition of disaster to include a cybersecurity incident.
  • MI H 4973
    Status: Enacted. Chap. 68
    Exempts public body records, documents, or information disclosable under freedom of information act.
  • MI H 5128
    Status: Failed – Adjourned
    Allows for recovery of certain prosecution costs in crimes using computers or internet.
  • MI H 5257
    Status: Enacted, Chap. 95
    Provides penalties for unauthorized possession or use of ransomware.
  • MI H 5258
    Status: Enacted, Chap. 96
    Provides sentencing guidelines for ransomware offenses.
  • MI H 6491
    Status: Enacted, Chap. 690
    Enacts the Insurance Data Security Model law; establishes the exclusive standards, for this state, applicable to licensees for data security, the investigation of a cybersecurity event, and notification to the director.
  • MI S 149
    Status: Enacted, Chap. 586
    Relates for the school aid appropriations budget, provides the sum of the final audited count from the supplemental count day of pupils in grades K to 12 actually enrolled and in regular daily attendance in the community district for the immediately preceding school year plus the final audited count from the supplemental count day of pupils in grades K to 12 actually enrolled and in regular daily attendance in the education achievement system for the immediately preceding school year.
  • MI S 217
    Status: Failed – Adjourned
    Provides omnibus appropriations or school aid, higher education and community colleges.
  • MI S 218
    Status: Failed – Adjourned
    Provides omnibus executive recommendation bill.
  • MI S 632
    Status: Failed – Adjourned
    Adds section to the Management and Budget Act to create a Cybersecurity Council and outlines council membership and duties.
  • MI S 941
    Status: Enacted, Chap. 227
    Enacts appropriations in School Aid Fund for the Marshall Plan for Talent.

Minnesota

  • MN H 691
    Status: Failed–adjourned.
    Relates to state government, requires monthly reports related to the employee gainsharing system, appropriates money for the legislature, governor’s office, state auditor, attorney general, secretary of state, certain agencies, boards, councils, retirement funds, military affairs, and veterans affairs, cancels and reduces of certain appropriations, requires a base budget report, establishing districting principles, establishes the Legislative Budget Office.
  • MN H 1080
    Status: Failed–adjourned.
    Relates to state government, changes provisions governing state government operations and military veterans policy, appropriates money.
  • MN H 1896
    Status: Failed–adjourned.
    Relates to state government, establishes a Legislative Commission on Cyber Security, provides legislative appointments.
  • MN H 2298
    Status: Failed–adjourned.
    Relates to state government, establishes a Legislative Commission to Review Consolidation of the State’s Information Technology, requires a report.
  • MN H 2868
    Status: Failed–adjourned.
    Relates to state government, requires state agencies to dedicate a portion of their information technology expenditures to cyber security enhancements.
  • MN H 2958
    Status: Failed–adjourned.
    Relates to education finance; increases districts’ safe schools levy authority; authorizes school districts to use safe schools levy proceeds to enhance cybersecurity.
  • MN H 3126
    Status: Failed–adjourned.
    Relates to state government, creates technology and cyber security fund.
  • MN H 3365
    Status: Failed–adjourned.
    Relates to education finance; increases the safe schools levy; authorizes the safe schools levy to be spent on cyber security activities; links the portion of the levy available for intermediate school districts to the school district per pupil allowance.
  • MN H 3639
    Status: Failed–adjourned.
    Relates to higher education; appropriates money to the Board of Trustees of the Minnesota State Colleges and Universities to fund cyber security programs at Metropolitan State University.
  • MN H 3447
    Status: Failed–adjourned.
    Relates to state government, requires certain information and telecommunications technology projects to be developed and completed by contract, establishes regulation relating to information technology and cyber security, revises evaluation procedures, requires a field test prior to a full release or deployment of an information and telecommunications project.
  • MN H 3638
    Status: Failed–adjourned.
    Relates to higher education, provides for the financing of higher education programs, modifies certain higher education policy provisions, clarifies changes to loan forgiveness and research grant programs, modifies the regent candidate selection process.
  • MN H 3644
    Status: Failed–adjourned.
    Relates to capital investment, appropriates money for a cybersecurity operations center at Metro State University, authorizes the sale and issuance of state bonds.
  • MN H 3791
    Status: Failed–adjourned.
    Relates to elections, permits eligible individuals who are at least 17 years of age to preregister to vote, provides for automatic voter registration of applicants for a driver’s license, instruction permit, or state identification card, requires the secretary of state to provide election security training, appropriates money for the purposes of providing grants for the purchase or lease of electronic rosters, appropriates money for necessary upgrades to the statewide voter registration system.
  • MN H 4016
    Status: Failed–adjourned.
    Relates to state government, appropriates money for certain agencies and reduces appropriations for certain agencies, approves transfers of money from certain accounts, requires enhanced cyber security, establishes principles for districting, establishes the Legislative Budget Office Oversight Commission, establishes provisions for the Legislative Budget Office.
  • MN H 4099
    Status: Failed
    Relates to state government, makes policy and technical changes to various agriculture-related provisions including provisions related to agriculture finance, establishes a rural energy feasibility loan program, requires approval of certain proposed rules, authorizes the sale of certain bonds, modifies environmental, natural resource, and game and fish provisions, modifies Water Law, modifies Clean Water Legacy Act, modifies solid waste provisions, requires fencing for abandoned mines.
  • MN H 4328
    Status: Failed–adjourned.
    Relates to education, provides for the financing of early childhood through higher education, includes general education, relates to student and school safety, relates to education excellence, teachers, special education, facilities, technology, and libraries, concerns nutrition.
  • MN H 4385
    Status: Vetoed
    Relates to taxation, makes changes to conform with certain federal tax law changes, adopts federal adjusted gross income as the starting point for calculating individual income tax, makes policy and technical changes to various tax related provisions relating to the individual income tax, corporate franchise tax, estate tax, sales and use tax, gross revenues tax, gross receipts tax, property tax, partnership tax, tobacco tax, minerals tax, and other miscellaneous tax provisions.
  • MN H 4420
    Status: Failed–adjourned.
    Relates to state government, makes supplemental appropriations for certain state agencies, changes allocation of rent collected on lease of certain state building spaces, changes provisions governing human burials, remains, and cemeteries.
  • MN S 798
    Status: Failed–adjourned
    Relates to state government; changes provisions governing state government operations and military veterans policy; appropriates money.
  • MN S 1251
    Status: Failed–adjourned.
    Relates to state government, establishes a Legislative Commission on Cyber Security, provides legislative appointments.
  • MN S 1709
    Status: Failed–adjourned.
    Relates to state government, establishes a Legislative Commission to Review Consolidation of the State’s Information Technology, requires a report.
  • MN S 2507
    Status: Failed–Adjourned.
    Relates to education finance; increases districts’ safe schools levy authority; authorizes school districts to use safe schools levy proceeds to enhance cybersecurity.
  • MN S 3020
    Status: Failed–Adjourned.
    Relates to education finance; increases the safe schools levy; authorizes the safe schools levy to be spent on cyber security activities; links the portion of the levy available for intermediate school districts to the school district per pupil allowance.
  • MN S 3374
    Status: Failed–adjourned.
    Relates to elections, permits eligible individuals who are at least 17 years of age to preregister to vote, provides for automatic voter registration of applicants for a driver’s license, instruction permit, or state identification card, requires the secretary of state to provide election security training, appropriates money for the purposes of providing grants for the purchase or lease of electronic rosters, appropriates money for necessary upgrades to the statewide voter registration system.
  • MN S 3648
    Status: Failed–adjourned.
    Relates to capital investment, appropriates money for a cybersecurity operations center at Metro State University, authorizes the sale and issuance of state bonds.
  • MN S 3656
    Status: Vetoed
    Appropriates money for agriculture, rural development, housing, state government, public safety, transportation, environment, natural resources, energy, jobs, economic development, higher education, education, health, and human services, establishes the Legislative Budget Office Oversight Commission.
  • MN S 3764
    Status: Failed–adjourned.
    Relates to state government, specifies conditions of legislative ratification of proposed collective bargaining agreements, requires proposed changes to state employee group insurance to be submitted separately to the Legislative Coordinating Commission, requires certain information about collective bargaining agreements and compensation plans be submitted to the Legislative Coordinating Commission.
  • MN S 3930
    Status: Failed–adjourned.
    Relates to higher education, appropriates money to the Board of Trustees of the Minnesota State Colleges and Universities to fund cyber security programs at Metropolitan State University.
  • MN S 4002
    Status: Failed–adjourned.
    Relates to state government, makes supplemental appropriations for certain state agencies, changes allocation of rent collected on lease of certain state building spaces, changes provisions governing human burials, remains, and cemeteries.

Missouri

  • MO H 1355
    Status: Enacted.
    Establishes a joint committee of the general assembly, which shall be known as the “Joint Committee on Disaster Preparedness and Awareness”; requires the committee to make a continuous study and investigation into issues relating to disaster preparedness and awareness including, natural and man-made disasters, state and local preparedness for floods, state and local preparedness for tornadoes, blizzards, and other severe storms, food and energy resiliency and cyber-security.
  • MO H 1998
    Status: Failed–adjourned.
    Creates guidelines for reviewing the comprehensive state energy plan.
  • MO H 2265
    Status: Failed–adjourned.
    Modifies provisions for public utilities.

Mississippi

  • MS H 1147
    Status: Failed
    Exempts certain information technology records from the State Public Records Act, conforms to the provisions of this act, relates to public records, for the purposes of amendment.
  • MS S 2698
    Status: Failed
    Exempts from the public records act certain information technology related information that, if disclosed, could allow unauthorized access to the state’s it assets.

Nebraska

  • NE L 247
    Status: Failed
    Provides for school district levy and bonding authority for cybersecurity.
  • NE L 757
    Status: Enacted
    Revises provisions of the Credit Report Protection Act and the Financial Data Protection and Consumer Notification of Data Security Breach Act, requires substantially similar types of a security product that provides the same level of protection to a consumer’s credit report as that provided under the Credit Report Protection Act, prohibits an agency using a similar type of security product from charging a fee to a consumer, requires maintenance of reasonable security procedures and practices.

New Hampshire

  • NH H 1335
    Status: Enacted. Chap. 63
    Prohibits state agencies from using software developed by Kaspersky Labs.

New Jersey

  • NJ A 1766
    Status: Pending
    Requires certain persons and business entities to maintain comprehensive information security program.
  • NJ A 3542
    Status: Pending
    Requires state, county, and municipal employees and certain state contractors to complete cybersecurity awareness training.
  • NJ A 3546
    Status: Pending
    Directs Rutgers Discovery Informatics Institute, the Office of Information Technology, and Big Data Alliance to develop an advanced cyber infrastructure strategic plan; appropriates funds.
  • NJ A 3922
    Status: Pending
    Requires state employees to review best cybersecurity practices.
  • NJ A 3983
    Status: Pending
    Requires public institutions of higher education to establish plans concerning cyber security and prevention of cyber attacks.
  • NJ AJR 54
    Status: Pending
    Designates October of each year as Cyber Security Awareness Month.
  • NJ AJR 86
    Status: Pending
    Urges Secretary of State to assure Legislature and public that State’s electoral system is protected from foreign computer hackers.
  • NJ S 998
    Status: Pending
    Requires Economic Development Authority (EDA) to establish program offering low-interest loan to certain financial institutions and personal data businesses to protect business’s information technology system from customer personal information disclosure.
  • NJ S 2692
    Status: Pending
    Requires certain persons and business entities to maintain a comprehensive information security program.
  • NJ SJR 22
    Status: Pending
    Urges the Secretary of State to assure the Legislature and the public that the state’s electoral system is protected from foreign computer hackers.

New Mexico

  • NM S 244
    Status: Failed-adjourned
    Urges the Secretary of State to assure the Legislature and the public that the state’s electoral system is protected from foreign computer hackers.

New York

  • NY A 2765
    Status: Failed – Adjourned
    Amends the Penal Law, relates to creating the crime of cyber terrorism and calculating damages caused by computer tampering, provides that cyber terrorism shall be a class B felony.
  • NY A 3311
    Status: Failed – Adjourned
    Relates to cyber terrorism in the first and second degree.
  • NY A 3448
    Status: Failed – Adjourned
    Requires the formation of a cyber security advisory board and the implementation of a cyber security initiative.
  • NY A 3451
    Status: Failed – Adjourned
    Requires a comprehensive review of all cyber security services to be performed every five years.
  • NY A 4422
    Status: Failed – Adjourned
    Amends the Banking Law, requires lending institutions to supply customers with PINs to be used in conjunction with any chip-embedded credit card.
  • NY A 5496
    Status: Failed – Adjourned
    Relates to cyber crimes and identity theft, increases penalties for certain acts involving use of personal information, fraud, tampering, theft and use of a computer to commit crimes.
  • NY A 7480
    Status: Failed – Adjourned
    Enacts the New York Grid Modernization Act to address the aging infrastructure, establishes the grid modernization program, defines terms, creates the smart grid advisory council, makes related changes.
  • NY A 7781
    Status: Failed – Adjourned
    Amends the Tax Law, relates to a business tax credit for the purchase of data breach insurance.
  • NY A 7916
    Status: Failed – Adjourned
    Establishes the ethical standards for state agency contractors act.
  • NY A 7997
    Status: Failed – Adjourned
    Amends the General Business Law, relates to the protection of personal information by businesses.
  • NY A 8501
    Status: Failed – Adjourned
    Directs the Division of Homeland Security and Emergency Services to work with other experts who maintain experience and knowledge in the area of cyber security to develop a cyber security action plan for the state, provides for the establishment of cyber security defense units, cyber incident response teams, and cyber education and attack prevention, provides reporting requirements, reimbursement for costs of service, and timing of the cyber security action plan.
  • NY A 8641
    Status: Failed – Adjourned
    Establishes the computer security act, addressing the widespread problem of spyware, makes it illegal for third parties to knowingly and deceptively cause computer software to be copied on to personal computers that changes the computer users settings without permission, prevents users from resetting computers to the original preferences or removing third party software, secretly collects information about internet searches, disables the computer’s security software or causes related disruptive activities.
  • NY A 8674
    Status: Failed – Adjourned
    Amends the Tax Law, relates to offering a tax credit to employers who pay for their employees to acquire an associate of applied science in computer security from a SUNY or CUNY school.
  • NY A 9013
    Status: Failed – Adjourned
    Establishes a commission to study cyber security in the state.
  • NY A 9780
    Status: Failed – Adjourned
    Enacts the Personal Information Protection Act, establishes a personal information bill of rights requiring parties having custody of residents’ personal identifying information to ensure the security thereof, provides for the approval of programs to secure personal identifying information by the office of information security, requires the notification of the division of state police and the subjects of information upon the breach of such information.
  • NY A 9843
    Status: Failed – Adjourned
    Amends the penal law, relates to establishing the offenses of phishing in the third degree, phishing in the second degree and phishing in the first degree, amends the criminal procedure law, relates to the time in which a prosecution of such offenses must be commenced.
  • NY A 10486
    Status: Vetoed by Governor.
    Amends the Insurance Law; clarifies that continuing care retirement communities are not subject to department of financial services cybersecurity regulation.
  • NY S 924
    Status: Failed – adjourned
    Requires the formation of a cyber security advisory board and the implementation of a cyber security initiative.
  • NY S 926
    Status: Failed – adjourned
    Requires a comprehensive review of all cyber security services to be performed every five years., requires a detailed assessment of each and every cyber security need of the State, including but not limited to, its state agencies and its public authorities.
  • NY S 953
    Status: Failed – adjourned
    Relates to cyber terrorism in the first and second degree.
  • NY S 1563
    Status: Failed – adjourned
    Relates to offenses involving theft of identity and computer tampering.
  • NY S 2004
    Status: Failed – adjourned
    Makes appropriations for the support of government, relates to the Capital Projects Budget.
  • NY S 2406
    Status: Failed – adjourned
    Relates to cyber crimes and identity theft, repeals certain provisions of the penal law relating to scheme to defraud, includes property that is personal identifying information in in the crime of grand larceny, provides for computer tampering, and denial of service attack on a computer, computer service, program or network, defines the crime of scheming to defraud, provides for the crime of identity theft.
  • NY S 3654
    Status: Failed – adjourned
    Relates to offenses involving thefts of identity.
  • NY S 4615
    Status: Failed – adjourneding
    Amends the Tax Law, relates to a business tax credit for purchase of data breach insurance, states, a taxpayer that is a business or owner of a business shall be allowed a credit against the tax imposed by this article equal to twenty-five percent of the premium paid during the taxable year for qualified data breach insurance.
  • NY S 4719
    Status: Failed – adjourned
    Amends the Insurance Law, promotes competitive property and casualty insurance markets for business to business insurance transactions.
  • NY S 5946
    Status: Failed – adjourned
    Directs the commissioner of the division of homeland security and emergency services to work with other experts who maintain experience and knowledge in the area of cyber security to develop a cyber security action plan for New York state, relates to cyber education and attack prevention.
  • NY S 6933
    Status: Failed – adjourned
    Amends the Stop Hacks and Improve Electronic Data Security, or SHIELDS, Act; relates to notification of a security breach; expands the definition of private information to include certain account numbers, biometric information, user names and email addresses, and unsecured protected health information; provides for reasonable security requirements.
  • NY S 7555
    Status: Failed – adjourned
    Enacts the “personal information protection act”, establishes a personal information bill of rights requiring parties having custody of resident’s personal identifying information to ensure the security thereof, provides for the approval of programs to secure personal identifying information by the office of information security.
  • NY S 7599
    Status: Failed – adjourned
    Relates to offering cyber security instruction in certain computer courses.
  • NY S 7726
    Status: Failed – adjourned
    Establishes a commission to study the European Union’s general protection data regulation and the current state of cyber security in the state.
  • NY S 7940
    Status: Failed – adjourned
    Amends the Insurance Law; clarifies that continuing care retirement communities are not subject to the Department of Financial Service’s cybersecurity regulations; authorizes such organizations to self certify a cybersecurity policy.
  • NY S 8138
    Status: Failed – adjourned
    Establishes the offenses of phishing in the third degree, phishing in the second degree and phishing in the first degree, relates to the time in which prosecution of such offenses must be commenced.

Ohio

  • OH H 466
    Status: Failed – adjourned
    Establishes a Director of Elections Cybersecurity and an Elections Cybersecurity Council to advise the Secretary of State on securing Ohio’s elections and preventing future threat
  • OH H 747
    Status: Failed – adjourned
    Creates the civilian cyber security reserve forces; makes an appropriation.
  • OH S 220
    Status: Enacted, Chap. 104
    Enacts certain provisions of the Revised Code relating to safe harbor, provides a legal safe harbor to covered entities that implement a specified cybersecurity program.
  • OH S 273
    Status: Enacted, Chap. 134
    Clarifies the definition of an insurance rating agency; requires each licensee to develop, implement, and maintain a comprehensive written information security program based on the licensee’s risk assessment; relates to a domestic surplus lines insurer.
  • OH S 327
    Status: Failed – adjourned
    Creates the civilian cyber security reserve forces; makes an appropriation.

Pennsylvania

  • PA H 32
    Status: Failed – adjourned
    Amends the act of April 9, 1929 (P.L.177, No.175), known as The Administrative Code of 1929, in organization of departmental administrative boards and commissions and of advisory boards and commissions, provides for Cybersecurity Innovation and Excellence Commission.
  • PA H 1704
    Status: Failed – adjourned
    Amends Title 71 of the Pennsylvania Consolidated Statutes, providing for information technology, establishes the Office of Information Technology and the Information Technology Fund, provides for administrative and procurement procedures, provides for the Legislative Cybersecurity Oversight Committee, imposes penalties.
  • PA S 308
    Status: Failed – adjourned
    Amends the Breach of Personal Information Notification Act, provides for title of act, for definitions and for notification of breach, prohibits employees of the state from using non secured Internet connections, provides for a policy and for entities subject to the Health Insurance Portability and Accountability Act of 1996.
  • PA S 427
    Status: Failed – adjourned
    Amends Vehicles of the Pennsylvania Consolidated Statutes, in operation of vehicles, provides for highly automated vehicles and platooning testing.
  • PA S 914
    Status: Failed – adjourned
    Amends Title 71 of the Pennsylvania Consolidated Statutes, provides for information technology, establishes the Office of Information Technology and the Information Technology Fund, provides for administrative and procurement procedures and for the Legislative Cybersecurity Oversight Committee, imposes penalties.

Rhode Island

  • RI H 5543
    Status: Failed – adjourned
    Prohibits unauthorized access to confidential information from a computer, computer program, computer system, or computer network with the intent to either view, obtain, copy, or download any confidential information, establishes that violations would be a felony.
  • RI H 5954
    Status: Failed – adjourned
    Would require all state, municipal and quasi-public departments to protect information contained in their computer systems by complying with the criteria set forth in a publication (800-171) put out by the US Department of Commerce’s National Institute of Standards and Technology (NIST). It gives the departments 18 months after passage of the act to comply. Also in furtherance of this end, the act would exempt all discussion and activity from the open meetings law. This act would take effect upon passage.
  • RI H 7817
    Status: Failed – adjourned
    Would require all state, municipal, and quasi-public departments to protect information contained in their computer systems by complying with the criteria set forth in a publication (800-171) by the US Department of Commerce’s National Institute of Standards and Technology (NIST). The departments would have eighteen (18) months after passage of the act to comply. Further, the act would exempt all discussion and activity from the open meetings law. This act would take effect upon passage.

South Carolina

  • SC H 3427
    Status: Failed – adjourned
    Enacts the Computer Science Education Initiative, provides that public high schools and charter high schools shall offer certain computer science coursework, requires the state Board of Education to adopt and ensure implementation of grade-appropriate standards for computer science and computational thinking for public school students in kindergarten through twelfth grade, Provides for the office of the governor to establish criteria and processes for science, technology, engineering and math regions.
  • SC H 4655
    Status: Enacted, Act 171
    Enacts the State Insurance Data Security Act; requires a licensee to develop, implement and maintain a comprehensive information security program based on the licensee’s risk assessment and to establish certain requirements for the security program; provides minimum requirements for a licensee’s Board of Directors, if applicable; requires a licensee to monitor the security program and make adjustments if necessary; provides that the licensee must establish an incident response plan; relates to reports.
  • SC H 4950
    Status: Enacted
    Makes appropriations. Requires all state agencies to adopt and implement cyber security policies, guidelines and standards developed by the Department of Administration. The department may conduct audits on state agencies except public institutions of higher learning, technical colleges, political subdivisions, and quasi-governmental bodies as necessary to monitor compliance with established cyber security policies, guidelines and standards.
  • SC S 856
    Status: Failed
    Enacts the State Insurance Data Security Act; requires a licensee to develop, implement and maintain a comprehensive information security program based on the licensee’s risk assessment and to establish certain requirements for the security program; provides minimum requirements for a licensee’s Board of Directors, if applicable; requires a licensee to monitor the security program and make adjustments if necessary; provides that the licensee must establish an incident response plan; relates to reports.

Tennessee

  • TN H 1519
    Status: Failed – Adjourned
    Relates to Election Laws; requires the coordinator of elections to engage a cybersecurity firm to perform a study of the voter data system in this state and produce a report that details the risk to voter data posed by hacking.
  • TN S 1681
    Status: Failed – Adjourned
    Relates to Election Laws; requires the coordinator of elections to engage a cybersecurity firm to perform a study of the voter data system in this state and produce a report that details the risk to voter data posed by hacking.

Utah

  • UT H 174
    Status: Enacted. Chap. 125
    Changes the composition of the Utah Digital Health Service Commission; increases the number of members on the commission; creates an additional category for representation; increase the number of members required for a quorum; adds information security to the duties and responsibilities.
  • UT S 242
    Status: Enacted. Chap. 444
    Amends provisions relating to cybercrime.

Virginia

  • VA H 258
    Status: Failed – Adjourned
    Relates to computer trespass, relates to penalty, expands the crime of computer trespass to provide that the prohibited actions that constitute computer trespass are criminalized if done through intentionally deceptive means and without authority, specifies that a computer user is not required to be given notice of the activities of a computer hardware or software provider, an interactive computer service, or a telecommunications or cable operator that are required or authorized by law.
  • VA H 279
    Status: Failed – Adjourned
    Relates to RICO Act, relates to computer crimes, relates to penalty, adds certain felony offenses contained in the Virginia Computer Crimes Act as qualifying offenses under the Virginia Racketeer Influenced and Corrupt Organization (RICO) Act, provides that such crimes include computer fraud, transmission of unsolicited commercial electronic mail, computer trespass, computer invasion of privacy, using a computer to gather identifying information, and theft of computer services.
  • VA H 685
    Status: Failed
    Relates to Cybersecurity Student Loan Repayment Grant Program established, relates to report, establishes the Cybersecurity Student Loan Repayment Grant Program, to be administered by the State Council of Higher Education for Virginia, whereby renewable grants of matching state and employer funds are provided on a competitive basis to an individual who either graduated within the past year from a public institution of higher education or nonprofit private institution of higher education.
  • VA H 727
    Status: Enacted. Chap. 52
    Relates to Freedom of Information Act, relates to exclusion of records relating to public safety, clarifies the exclusion from mandatory disclosure of information relating to a safety program plan pursuant to Federal Transit Administration regulations, makes a nonsubstantive correction.
  • VA H 1221
    Status: Enacted. Chap. 775
    Relates to Virginia Information Technologies Agency, relates to additional duties of the Chief Information Officer, relates to cybersecurity review, requires the CIO of the Information Technologies Agency to conduct an annual comprehensive review of cybersecurity policies of every executive branch agency, with a particular focus on breaches in information technology that occurred in the reviewable year and any steps taken by agencies to strengthen cybersecurity measures.
  • VA H 1317
    Status: Failed – Adjourned
    Relates to administrative subpoena for electronic communication service or remote computing service records, relates to certain offenses, adds various computer crimes to the list of crimes for which attorneys for the Commonwealth have the authority to issue administrative subpoenas to obtain records and other information from electronic communication service and remote computing service providers if relevant to a legitimate law-enforcement investigation.
  • VA H 5002 a
    Status: Enacted. Chap. 2
    Relates to Budget Bill, appropriations of the Budget submitted by the Governor of Virginia in accordance with the provisions of Section 2.2-1509, Code of Virginia, and to provide a portion of revenues for the two years ending respectively on the thirtieth day of June, 2019, and the thirtieth day of June, 2020.
  • VA S 533
    Status: Failed – Adjourned
    Relates to computer trespass, relates to penalty, expands the crime of computer trespass to provide that the prohibited actions that constitute computer trespass are criminalized if done through intentionally deceptive means and without authority and specifies that a computer hardware or software provider, an interactive computer service, or a telecommunications or cable operator does not have to provide notice of its activities to a computer user that a reasonable computer user should expect may occur.
  • VA S 657
    Status: Enacted. Chap. 741
    Relates to the Freedom of Information Act, relates to exclusion of records relating to public safety, excludes from mandatory disclosure under the Freedom of Information Act information held by the State Commercial Space Flight Authority, provides for information that is categorized as classified, or sensitive but unclassified, including national security, defense, and foreign policy information.
  • VA S 776
    Status: Failed
    Relates to administrative subpoena for electronic communication service or remote computing service records, relates to certain offenses, adds various computer crimes to the list of crimes for which attorneys for the Commonwealth have the authority to issue administrative subpoenas to obtain records and other information from electronic communication service and remote computing service providers if relevant to a legitimate law-enforcement investigation.
  • VA S 966
    Status: Enacted. Chap. 296
    Relates to electric utility regulation, provides for grid modernization and energy efficiency programs, provides for rate review proceedings and transitional rate periods, provides for energy storage facilities, relates to electric distribution grid transformation projects, and wind and solar generation facilities, relates to coal combustion by product management, relates to undergrounding electrical transmission lines, relates to fuel factor.

Vermont

  • VT H 474
    Status: Failed–adjourned.
    Relates to cybercrime.
  • VT H.B. 764
    Status: Enacted. Chap. 171
    Relates to data brokers and consumer protection.
  • VT H 16a
    Status: Enacted. Chap. 11
    Makes appropriations for the support of government, cybersecurity, financial education, and vital records; provides for the Workforce Education and Training Fund; provides for the One Time Clean Energy Development Fund; provides for Medicaid programs; provides for education funding; provides funding for social services programs; provides for certain taxation

Washington

  • WA H 1233
    Status: Failed – Adjourned
    Enables electric utilities to prepare for the distributed energy future, ensures that procurement decisions are based on current cost and performance data for distributed energy resources, states that a utility should procure the distributed energy resource needs identified in any distributed energy resources plan through a process that is price-based and technology neutral.
  • WA H 1418
    Status: Failed – Adjourned
    Establishes a blue ribbon panel on cybersecurity.
  • WA H 1419
    Status: Failed – Adjourned
    Grants the governor authority to proclaim a state of emergency in the event of a substantial cybersecurity incident.
  • WA H 1421
    Status: Failed – Adjourned
    Concerns the removal of payment credentials and other sensitive data from state data networks, excludes account information required for making outgoing payments, distributions, and transfers.
  • WA H 1472
    Status: Failed – Adjourned
    Criminalizes damaging, destroying, tampering, or removing ballot return boxes or contents.
  • WA H 1479
    Status: Failed – Adjourned
    Concerns encryption of data on state information technology systems.
  • WA H 1697
    Status: Failed – Adjourned
    Addresses the cybersecurity and information technology professional shortage by requiring a study of incentive methods for attracting high-demand talent in information technology and cybersecurity to state agencies.
  • WA H 1830
    Status: Failed – Adjourned
    Creates the cybersecurity conditional loan program.
  • WA H 1929
    Status: Failed – Adjourned
    Concerns independent security testing of state agencies’ information technology systems and infrastructure by the military department.
  • WA H 2086
    Status: Failed – Adjourned
    Establishes a task force to address state interagency coordination in cybersecurity.
  • WA H 2172
    Status: Failed – Adjourned
    Concerns independent security testing of state agencies’ information technology systems and infrastructure by the military department.
  • WA H 2299
    Status: Failed – Adjourned
    Makes supplemental operating appropriations, relates to the general fund.
  • WA H 2388
    Status: Failed – Adjourned
    Concerns the security of voting systems in elections.
  • WA H 2406
    Status: Enacted. Chap. 218
    Concerns election security practices around auditing and equipment, adds options to the auditing process for local elections administrators, concerns maximizing the security benefits of having locally run, decentralized counting systems.
  • WA H 2678
    Status: Failed – Adjourned
    Modifies cybercrime provisions.
  • WA H 2999
    Status: Failed – Adjourned
    Concerns security breaches of election systems or election data. Requires the secretary of state to submit a report to the governor, lieutenant governor, state chief information security officer, attorney general, a designated county auditor representative or other designated local election official, and the chairs and ranking members of the appropriate legislative committees from the senate and house of representatives that includes information on any instances of security breaches identified under subsection (1) of this section, and options to increase the security of the election systems and election data, and prevent future security breaches.
  • WA S 5048
    Status: Failed – Adjourned
    Makes fiscal biennium operating appropriations, provides for the appropriation and authorization to be incurred for salaries, wages, and other expenses of the agencies and offices of the state and for other specified purposes for the fiscal biennium.
  • WA S 5455
    Status: Failed – Adjourned
    Concerns statewide cybersecurity performance.
  • WA S 6032
    Status: Enacted. Chap. 299
    Makes supplemental operating appropriations, relates to the general fund.
  • WA S 6202
    Status: Failed – Adjourned
    Concerns election security practices around auditing and equipment.

West Virginia

  • WV H 4342
    Status: Failed – Adjourned
    Relates to commercial insurance rates.
  • WV S 495
    Status: Enacted. Chap. 128
    Relates to commercial insurance rates, designates cybersecurity insurance coverage as exempt from the requirements of filing rates with the insurance commissioner.

Wyoming

  • WY H 1
    Status: Enacted. Chap. 134
    Makes appropriations for the fiscal biennium commencing July 1, 2018 and ending June 30, 2020, provides definitions, provides for appropriations and transfers of funds for the period of the budget and for the remainder of the current biennium as specified, provides for carryover of certain funds beyond the biennium as specified, provides for employee positions as specified.

U.S. TERRITORIES

District of Columbia

  • DC B 782
    Status: Failed – Adjourned
    (Permanent Law) Creates a program under which volunteers may provide services to District government agencies and offices to respond to cybersecurity incidents, to provide for protection from liability for personal injury and property damage, and to create the District of Columbia Cyber Civilian Collective and prescribe its powers and duties.
  • DC B 783
    Status: Failed – Adjourned
    (Permanent Law) Amends Chapter 46 of Title 47 to establish a $1,000 tax credit to create incentives for certified business enterprises and certified small business enterprises to purchase qualified data breach insurance, to require the Council to reauthorize the use of this tax incentive annually, and to require the Chief Financial Officer to establish rules and regulations to implement this act.
  • DC B 805
    Status: Failed – Adjourned
    Establishes a pilot program within the Office of the Chief Technology Officer for veterans to acquire skills, knowledge, and experience necessary to enter the cybersecurity field.

Puerto Rico

  • PR H 246
    Status: Adopted
  • PR HR 257
    Status: Pending
    Orders the House Committees on Finance and Public Security to investigate the information systems of the Department of the Treasury, its maintenance and the reasons for a cyber virus that caused on Monday, January 6 of 2017 the Department of the Treasury to raise about $20 million, determines if the information from taxpayers and the government hosted on the servers of the Department of the Treasury was affected as a result of this cyber virus.
  • PR HR 367
    Status: Pending
    Orders the House Committee on Public Safety to assess the feasibility of establishing a forensic laboratory in cyber crimes, similar to that of the Immigration and Customs Enforcement, which provides services exclusively to state agencies.
  • PR HR 475
    Status: Pending
    Orders the House Committee on Public Safety to research the practices and policies of cyber security and of the executive departments and agencies of the Government, with urgency in the Department of the Treasury, the State Department and Department of Public Safety.
  • PR SR 158
    Status: Pending
    Orders the Senate Committee on Finance of the Senate to study cyber attacks on the electronic systems of the Department of the Treasury and the Municipal Revenues Collection Center, studies the effect of this incident in the fulfillment of the functions of these agencies regarding any information, either from the Government or its taxpayers, that was affected, studies preventive measures to be established to avoid that this continues happening.

 

 

SCARS the Society of Citizens Against Relationship Scams Incorporated

 
SCARS™ Team

Miami Florida U.S.A.

 

TAGS: – SCARS, U.S. Legislative, News Laws, U.S. States, U.S. Territories, Cybercrime Laws, Cybersecurity Laws,  Score: F – Fail, Regulatory Update, Regulatory Action Against Cybercrime, Laws Against Cybercrime, Laws Against Scams, Legislative Action Against Cybercrime


END


FAQ: How Do You Properly Report Scammers?

It is essential that law enforcement knows about scams & scammers, even though there is nothing (in most cases) that they can do.

Always report scams involving money lost or where you received money to:

  1. Local Police – ask them to take an “informational” police report – say you need it for your insurance
  2. Your National Police or FBI (www.IC3.gov »)
  3. The SCARS|CDN™ Cybercriminal Data Network – Worldwide Reporting Network on www.Anyscam.com »

This helps your government understand the problem, and allows law enforcement to add scammers on watch lists worldwide.


– – –

Visit our Main SCARS Facebook page for much more information about scams and online crime: www.facebook.com/Society.Against »

Please be sure to report all scammers on www.Anyscam.com »

All original content is Copyright © 1991 – 2020 SCARS All Rights Reserved Worldwide & Webwide – SCARS/Romance Scams Now & SCARS/Society of Citizens Against Relationship Scams are all trademarks of Society of Citizens Against Relationship Scams Incorporated (formerly the Society of Citizens Against Romance Scams)

 

State of Local Cybercrime / Internet Crime Laws & Legislation in the United States 2

 

Legal Notices: 

All original content is Copyright © 1991 – 2020 SCARS All Rights Reserved Worldwide & Webwide. Third-party copyrights acknowledge.

SCARS, RSN, Romance Scams Now, SCARS|WORLDWIDE, SCARS|GLOBAL, SCARS, Society of Citizens Against Relationship Scams, Society of Citizens Against Romance Scams, SCARS|ANYSCAM, Project Anyscam, Anyscam, SCARS|GOFCH, GOFCH, SCARS|CHINA, SCARS|CDN, SCARS|UK, SCARS Cybercriminal Data Network, Cobalt Alert, Scam Victims Support Group, are all trademarks of Society of Citizens Against Relationship Scams Incorporated.

Contact the law firm for the Society of Citizens Against Relationship Scams Incorporated by email at legal@AgainstScams.org