In recent years, we have seen efforts to get in front of the potential problems posed by autonomous vehicles and ridesharing companies, drones and data protection. And despite the varied approaches to these efforts, successes have been measured. The need to regulate is always balanced against the need to maintain momentum and keep the ball rolling in the right direction from a business vantage point. While most bills falter and die at the hands of the fickle legislative process, looking at the early drafts is a good indicator of what states are — or think they are — grappling with.
Some of the bills being proposed in states across the country are a solid indicator of what other states may begin considering to streamline, connect and protect.
1. Rethinking Procurement and Partnerships
One direction state lawmakers seem to be moving is toward more streamlined procurement and partnership mechanisms.In Montana, Senate Bill 335 was introduced in November 2016, and takes aim at enabling the use of public-private partnerships (PPP) to meet state needs. The proposed legislation would allow the public and private entities to partner across a number of government services, including information technology delivery. In addition to allowing the state to leverage PPPs, the bill would also divide liability between the state and its partner.
2. Stiffer Oversight and Punishments for Cybercrime
The 2016 presidential election stirred up a great deal of attention to cybercrime and the capabilities of hackers. Where many states and the federal government have said malicious intrusions via computer are illegal, many state lawmakers have entered legislation to better outline the rules around the use of computers and software for nefarious purposes.In Texas, the so-called Cybercrime Act (House Bill 9 and SB 1020) amends the state’s penal code, making it a third-degree felony to intentionally interrupt computer systems or networks. The proposal also addresses the use of malware and ransomware, making intentional distribution of software against individuals, businesses and government entities for profit a felony.
Across the country in Vermont, HB 474 takes a similar approach to using ransomware as an extortion tool, making it a crime punishable by incremental fines and imprisonment. The proposal, from Rep. Michael Mrowicki’s, D-Windham, office, would also create the Cybercrime Study Committee to study and make recommendations on computer-based crimes and enforcement.
In a slight divergence from the legislation proposed in Vermont and Texas, Minnesota’s HB 817 makes it a crime of varying degrees to electronically interfere or penetrate with point-of-sale terminals, such as gas pumps and ATMs.
3. The Battle for Rural Broadband
With many larger cities and towns connected to high-speed Internet, extending connections to rural and underserved communities has been a significant focus for lawmakers across the country. Where some have proposed the creation of grants funding mechanisms for utility providers, others have taken a slightly different tack and geared their proposals to create entities meant to prompt network expansion.New Mexico’s Senate Bill 308 would amend the state’s Rural Telecommunications Act to create the Public Regulation Commission and an accompanying fund tasked with bolstering rural connectivity. The fund would be financed through a surcharge on “intrastate retail public telecommunications services.” Missouri Rep. Delus Johnson, R- District 9, has also proposed a bill, House Bill 2741, to create the Rural Broadband Development Fund.
Tennessee’s Senate Bill 126 and House Bill 930 would make way for the Tennessee Rural Broadband Grant Expansion Program, which would be charged with evaluating, prioritizing and distributing grant funds to improve broadband service in unserved areas. Similarly, New York lawmakers are trying to amend existing legislation with Assembly Bill 4869, the Credit for Rural Broadband Act of 2017, to create a tax credit for the deployment of rural broadband networks.
4. Better Constituent Data Protections
With increasingly more constituent data routed through state and private systems on a daily basis, lawmakers in several states have proposed legislation to create notification requirements around data sharing practices and state security. In Illinois, the Right to Know Act would create an information sharing notification requirement for websites and online that share personally identifiable information with third parties. Consumers would have the right to know how their personal data was being used.As Government Technology reportedearlier this month, Oregon’s Senate Bill 90 is poised to create the Cybersecurity Center of Excellence within the office of the CIO and the mechanism needed to pursue federal funding.
In an effort to protect students’ educational data, Utah Gov. Gary Herbert signed SB 102 in mid-March. The bill requires that educational institutions provide training on student privacy laws, as well as maintain records as to the authorized users of educational records. The new law also prevents the sharing of student data with anyone without authorized access.
5. Consolidating the Enterprise
As IT agencies evolve, states are finding their own organizational stride. Agencies that once fell under the umbrella of the Department of Administrative Services (DAS) are now looking to become stand-alone entities. This is the case in Oregon, where Senate Bill 872 stands ready to revamp the agency should it pass.In Kansas, House Bill 2331 creates the Information Security Office, and consolidates the functions and staff relating to executive branch cybersecurity, among other things. Similarly, Minnesota’s House Bill 2298 creates a commission to review the consolidation of the state’s information technology systems and services.