SPRINGFIELD UPDATE 

Hello Tech Council and good morning!  The Illinois legislature is in full swing and the statehouse is buzzing with energy and committee hearings.  While the Tech Council is tracking 77 pieces of legislation, nothing of major significance has moved out of committee that is worth mentioning.  However, a couple of bills to note have advanced out of committee (more on that further down).  

The two main committees where a bulk of tech-related legislation is debated has been relatively quiet.   In the House, the House Cybersecurity, Data Analytics and IT Committee has only met three times this session.  Once  to advance a bill to modernize state websites (HB 816), a second time to hold a subject matter hearing (no votes taken) on a bill (HB 2829) that would require financial institutions and insurance companies to implement cyebrsecurity standards and a third time where Committee Chairman Jamie Andrade (D-Chicago) announced the likely introduction of a data privacy omnibus bill.

The Chairman's comments alluded to a larger data privacy bill in which Illinois would model legislation after California (California Consumer Privacy Act) and Washington state (Washington Privacy Act).  While legislation has not been formally introduced, legislation would conceptually provide Illinois consumers the "right to know" what information/data in being collected on them and the ability to "opt-out" of sale of personally identifiable information.  Another goal of Chairman Andrade is for this privacy bill to encompass several  other privacy bills into one large bill (or omnibus).  Once and if the legislation is filed, I will share with the group and ask for feedback. There are several other bills posted for House Cyber Committee this week.  However, it is too early to determine what bills will be called.   

Over in the Senate, the Senate Telecommunications and IT Committee has not been as active.  However, a couple of bills are posted this week that are problematic.  SB 1624 (Glowiak) and SB 1719 (Castro).  SB 1624, seeks to amend the state's data breach notification law (PIPA) by requiring a data collector to report breaches of more than 100 people to the Attorney General in 14 days.  Current law requires notification to Illinois residents and not the Attorney General.  Current law also requires notification to be made "in the most expedient time possible and without unreasonable delay."  This is far different from the 14 day requirement in SB 1624.  Under this bill, you could have circumstances where the data collector notifies the Attorney General (14 days) before they notify the Illinois resident.  We believe this sets a bad precedent and are opposed to the bill as is.  We met with the sponsor last week and will continue to find ways to work with her on this proposal.  

Also up in Senate Telecommunications is SB 1719 (Castro).  The Chamber also met with sponsor last week in what was first of several negotiation meetings on the proposed regulation of microphone enabled devices (TV remotes, smart phones, refrigerators, IoT devices, cars, etc.).  Under Sen. Castro's bill, the proposal would provide  that no private entity may turn on or enable, cause to be turned on or enabled, or otherwise use a digital device's microphone to listen for or collect information, including spoken words or other audible or inaudible sounds, unless a user first agrees to a written policy meeting specified criteria.  The Chamber is opposed to this for several reasons.  One, we don't believe Springfield should be regulating these devices (in addition to what is done at the federal level).  This is best done at the federal level.  Such a proposal would interrupt the supply chain for device manufacturers nationwide.  Second, some of the definitions are unclear and would open up liability for businesses.  The sponsor indicated that she wanted to move the bill this session. 

The Senate deadline for bills out of committee is this Friday and the House deadline is next Friday.  Deadlines can always be extended on bills -- stay tuned.  

ALL THOSE OTHER TECH BILLS

Data Breach

As referenced above, there is an attempt to amend the state's data breach notification law in the Senate.  However, there are also two pending bills that seek to amend the same law in the House.  Rep. Ann Williams has HB 2784 that seeks to add additional definitions to what would trigger a notification shall the information be breached.  And Rep. Pappas has HB 3200 which would require data collectors to notify an individual within 5 days of discovering a breach.  The Chamber is opposed to both of these bills.  

Geolocation

Perhaps one bill that may likely pop out of Committee before the House deadline next week is Rep. Ann William's geolocation bill, HB 2785.  This bill would create the Geolcoation Privacy Protection Act and seek to regulate "location-based applications."  The bill would require apps to receive consent from users before collecting, using, storing, or disclosing geolcoation information.  The Chamber is opposed to this bill as it would increase liability for mobile application developers.  In addition, it would also impact companies who use tellematics for engine diagnostics.   We are hopeful that any data privacy omnibus bill includes geolcoation.  

IoT Devices

As mentioned above, Sen. Castro has SB 1719 that would seek to regulate microphone enabled devices.  However, in the House, Rep. Pap has HB 3391 which would create the Security of Connected Devices Act. This bill would require manufacturers of connected devices to equip the device with security features that are designed to protect the device and any information the device contains from unauthorized access, destruction, use, modification, or disclosure.

 

Autonomous Vehicles

It appears that the momentum on passing an autonomous vehicle bill in Springfield this year is dead.  HB 2575 (Zalewski) would provide "that liability for incidents involving a fully autonomous vehicle shall be determined under existing product liability law or common law negligence principles."  The bill remains in committee and Rep. Zalewski has made note that it is time to pump the brakes on the bill for the year.  Concerns over liability from the trial bar and opposition from motorcycle groups has slowed the legislation down to a halt.  However, the Chamber supports the legislation. 

Right to Repair

The Chamber has received word that HB 2026 (Mussman) is dead (for now).  This bill would create the Digital Fair Repair Act and force original equipment manufacturers to provide proprietary diagnostic repair documentation to the owners of any equipment or device (from tablets to tractors). However, the bill currently remains alive in the Senate.  Senator Fine is carrying the Senate version, and (SB 2088) has been assigned to the Commerce and Economic Development Committee but has not been posted for a hearing.  The Chamber remains opposes to these proposals for safety, intellectual property theft, emission concerns, and warranty issues.  

Work Verify Software

BILLS PASSED COMMITTEE 

Below is a list of tech-related bills that have passed committees in recent weeks.

• HB 2557 (Andrade) creates the Artificial Intelligence Video Interview Act. Further provides that an employer that asks applicants to record video interviews and uses an artificial intelligence analysis of applicant-submitted videos shall: notify each applicant in writing before the interview that artificial intelligence may be used to analyze the applicant's facial expressions and consider the applicant's fitness for the position; provide each applicant with an information sheet before the interview explaining how the artificial intelligence works and what characteristics it uses to evaluate applicants; and obtain written consent from the applicant to be evaluated by the artificial intelligence program. Provides that an employer may not use artificial intelligence to evaluate applicants who have not consented to the use of artificial intelligence analysis.  The Chamber did not take a position on this bill.  However, we are urging members to take a look at this legislation if they use AI to interview candidates. 
• SB 54 (Harmon) passed out of Committee last week.  This bill creates a third-party liquor facilitator license under the Liquor Control Act.   Provides that a retailer may deliver alcoholic liquors to the home or other designated location of a consumer in this State if specified conditions are met, including verifying that the individual accepting the delivery is at least 21 years of age. Provides that a retailer may use the services of a third-party facilitator by means of the Internet or mobile application to facilitate the sale of alcoholic liquors to be delivered to the home.  The Chamber supports this legislation. 
• HB 2133 (Wheeler)  passed out of Committee last week.  This bill amends the Criminal Code of 2012. Expands the definition of "computer" to include equipment of cloud-based networks of remote servers hosted on the Internet to store, manage, and process data. Makes the definition of "computer" apply to multiple provisions under the computer fraud subdivision of the Code.  The Chamber has no position on the bill.  

Notable Bills in Subcommittee

Generally speaking in the Illinois legislature, bills that get sent to subcommittee's tend to not advance any further.  In short, they go there to die.  While it's never over until its over, here are a few notbles bills that have been sent to subcommittees.  

NEW BILLS OF NOTE 

A couple of bills that received amendments that I have flagged for members.  

• SB 55 (Hastings) Amends the Transportation Network Providers Act. Deletes language requiring an applicant to become a transportation network company driver to submit a full legal name, social security number, or date of birth. Requires an applicant to submit fingerprints to the Department of State Police in an electronic format that complies with the form and manner for requesting and furnishing criminal history record information as prescribed by the Department of State Police and provide a copy of a permit issued by the Secretary of State in accordance with specified procedures...
• SB 1599 (Sims) received an amendment that may seek to further define an aggrieved injury under the Consumer Fraud Act post-Six Flags.  
• SB 1608 (Sims)  Establishes the Illinois Small Business Innovation Research (SBIR) and Small Business Technology Transfer (STTR) Matching Funds Program to be administered by the Department of Commerce and Economic Opportunity. Provides that the Department of Commerce and Economic Opportunity may make grants to eligible businesses to match federal funds received by the business as an SBIR or STTR Phase I award and to encourage businesses to apply for Phase II awards up to a maximum of $50,000.

PRITZKER NAMES KEY POSITION FOR TECHNOLOGY 

Recently, Gov. Pritzker announced the appointment of Ron Guerrier as the state's chief information officer for the Department of Innovation and Technology.  Guerrier has more than two decades' experience in information technology in the private sector. He last served as CIO for Express Scripts, a pharmacy benefit manager.  Welcome Ron!

EVENTS

Fly in a C-130

On April 16 the Illinois National Guard is planning to fly Chief Information Officers or other executives involved in cyber or network protection on an Illinois Air National Guard C-130 Hercules from Chicago Midway to Camp Atterbury, Indiana. The purpose of the flight is to observe the Cyber Shield Exercise and learn more about the National Guard's cyber capabilities. Cyber Shield is a two week exercise, April 5-19, involving members of the National Guard from 40 states and territories, the U.S. Army Reserve, state and federal government agencies, and industry partners. Over 800 participants meet to train, exchange best practices and test their cyber mettle. By working closely with interagency partners and the private sector, the National Guard seeks to strengthen network cybersecurity and leverage new and emerging technologies for homeland defense. Cyber Shield is part of the National Guard's ongoing effort to be a versatile capability for governors of all 54 states and territories. The flight will depart early in the morning of April 16 and return in the late afternoon/evening.  If you would like to participate in this event, please let me know ASAP.