September 27, 2022

Volume XII, Number 270


September 26, 2022

Subscribe to Latest Legal News and Analysis

Cybersecurity Bill Vetoed in Georgia

On May 8, Georgia governor Nathan Deal vetoed Senate Bill 315, a proposed cybersecurity law imposing penalties of up to one year in jail and a $5,000 fine for “unauthorized computer access.”  In his veto, Governor Deal expressly cited concerns with the “national security implications” of the bill.  He noted the it could “inadvertently hinder the ability of government and private industries” to protect against cybersecurity breaches.

With this step, Georgia remains one of only three states without any law addressing unauthorized computer access.  SB 315 provided for criminalizing “any person who intentionally accesses a computer or computer network with knowledge that such access is without authority.”  This approach was in line with other states’ laws and with the federal Computer Fraud and Abuse Act, which prohibits knowing unauthorized access of protected computers, financial records, and government information.  The bill also included exemptions for members of the same household; access for “legitimate business activity”; active defense measures to prevent or detect unauthorized access; and violations of terms of service or user agreements.

SB 315 passed in Georgia Senate with a 42-7 vote.  But tech companies, cybersecurity researchers, and others in the industry expressed concern with the scope of the bill.  Certain tech giants, including Google Inc. and Microsoft Corp., even jumped into the debate, drafting a letter to Governor Deal.  From the cybersecurity realm, the concern was that while defense measures, especially “hacking back,” have value, the bill as drafted failed to prevent misuse of those measures “for anti-competitive, not protective purposes.”

Still, this is likely not the last we will hear of a cybersecurity bill in Georgia: in issuing the veto, Governor Deal encouraged the legislature to “work with the cyber security and law enforcement communities moving forward to develop a comprehensive policy that promotes national security, protects online information, and continues to advance Georgia’s position as a leader in the technology industry.”  With cybersecurity a hot topic in the news, the Georgia legislature may take the issue up again in its next session.

© Copyright 2022 Squire Patton Boggs (US) LLPNational Law Review, Volume VIII, Number 141

About this Author

Petrina McDaniel Commercial Litigation Attorney Squire Patton Boggs Atlanta, GA

Petrina McDaniel is a commercial litigator and Certified Information Privacy Professional (CIPP/US) whose practice uniquely blends complex litigation and class action defense, regulatory compliance, and privacy risk management. Business-focused and pragmatic, clients laud Petrina as an “extremely energetic and engaged advocate” who provides “legally comprehensive and business-oriented advice.”

Complex Commercial Litigation and Class Action Defense

A member of the firm’s Litigation and Data Privacy & Cybersecurity Practices, Petrina helps domestic and...

Keshia Lipscomb, Squire Patton Law Firm, Atlanta, Litigation Attorney

Keshia Lipscomb is a member of the firm’s Litigation Practice. She focuses her practice on complex commercial litigation and has a wide range of experience defending clients in state and federal courts at the trial and appellate levels. Keshia has experience representing companies across various industries in class action litigation and in lawsuits arising from general business disputes.