Alvaro Bedoya has now been sworn in as a commissioner for the U.S. Federal Trade Commission. This restores a Democratic majority on the Commission and will enable the agency to move forward with the aggressive agenda of Chair Lina Khan. As a result, we can expect to see significant actions by the FTC on privacy and data security in the near term.

The Better Business Bureau recently announced the launch of the TeenAge Privacy Program, which proposes a self-regulatory framework for companies to use in order to protect teen consumers and guide the responsible collection and management of teen data.

The U.S. Securities and Exchange Commission proposed rules that will require public disclosure not only of cybersecurity incidents, but also of aspects of public companies' preparedness for cyber threats.

Federal Trade Commission Chair Lina Khan made her first speech about privacy at the opening of this year's International Association of Privacy Professionals conference. She noted ways the FTC is using its resources to "rein in" what she called "surveillance-based business models."

China's internet watchdog, the Cyberspace Administration of China, has continued to tighten its regulation of internet industries and driven the formulation of many new laws and regulations in cybersecurity and data protection in China.

On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022. This follows increased reporting of cyber threats facing critical infrastructure sectors, particularly the energy sector.

A new U.S. Supreme Court decision holds that federal courts cannot enforce or vacate arbitration awards under Sections 9 and 10 of the Federal Arbitration Act unless they have an independent jurisdictional basis to consider the case.

In the latest in a series of setbacks for employers facing claims under the Illinois Biometric Information Privacy Act, the Supreme Court of Illinois held last month that the Illinois Workers' Compensation Act does not preempt BIPA claims for statutory damages brought by employees. The decision in McDonald v. Symphony Bronzeville Park, LLC, et al.

Companies doing business in the United States should start preparing for the Utah Consumer Privacy Act, which was signed into law on March 24, 2022, and will go into effect on December 31, 2023. The law is more business-friendly than existing omnibus state privacy laws, in that it generally provides fewer consumer rights and company obligations.

In rapid succession, the following occurred:

The U.S. Federal Communications Commission is seeking public comment on vulnerabilities that threaten the security and integrity of the Border Gateway Protocol, which is central to the internet's global routing system. The BGP's design is widely deployed and lacks security features to ensure trust in the information being exchanged.

The FCC has unanimously adopted an order to revoke China Unicom Americas' section 214 authorizations. This action follows the FCC order in October 2021 to revoke China Telecom Americas' authorizations.