House Communications & Technology Committee approves bills to increase consumer protections and strengthen state government’s digital defenses
Southeast Delegation October 7, 2025 | 11:21 AM
HARRISBURG, Oct. 7– Legislation to increase consumer protections and strengthen the state government’s information technology defenses was approved by the PA House Communications and Technology Committee today and sent to the full House for further consideration, state Rep. Joe Ciresi, majority chair of the committee, announced.
The bills would protect Pennsylvanians by prohibiting the use of “grinch bot” or “scalper bot” software that automatically purchases event tickets and resells them at a higher price, and by requiring all state IT contracts to meet the National Institute of Standards and Technology’s cybersecurity standards.
“These bills will help inform, empower and protect Pennsylvanians from digital technologies used to rip off consumers and compromise residents’ personal data,” said Ciresi, D-Montgomery.
Additionally, the committee approved a House resolution recognizing the historic role newspapers have played in Pennsylvania.
The following measures were approved:
House Resolution 322 (State Rep. Ben Waxman) would recognize the vital role of the newspaper industry as a pillar of democracy and designate Oct. 5–11, 2025, as National Newspaper Week in Pennsylvania.
“I’m glad we are passing this resolution during National Newspaper Week, recognizing the historic role that newspapers have played in the flourishing of democracy in Pennsylvania from colonial times to the present,” Ciresi said.
House Bill 1063 (State Rep. Steve Malagari) would prohibit the use of software to obtain tickets for resale and ban the sale of tickets that were knowingly — or reasonably should have been known to be — purchased using such software. The legislation would help ensure that fans have a fair opportunity to buy tickets to events.
“It was egregious that coordinated ‘grinch bot’ attacks overwhelmed Ticketmaster’s system in November 2022, when presale tickets for Taylor Swift’s Eras Tour launched,” Ciresi said. “Prices soared, with some fans paying as much as 70 times the face value.
“House Bill 1063 would ensure that fans have a fair chance to buy tickets at a fair price.”
Senate Bill 377 (State Sen. Kristin Phillips-Hill) would require that any state government purchase of computer hardware meet NIST standards and best practices for computer security.
“Cybersecurity attacks cost businesses and governments trillions of dollars every year, with attacks taking down hundreds or thousands of machines in a single incident,” Ciresi said. “Pennsylvania residents’ personal information has been breached by cyberattacks hitting nearly every state agency. We’ve got to be able to fight these adversaries who, day and night, are launching cyberattacks on our state government, and the way to do that is to utilize the best tools and procedures on the market.”
Recent attacks on state governments have been especially concerning, including a December cyberattack that forced Rhode Island to take down its public benefits network, where residents access Medicaid and SNAP benefits. Hackers obtained sensitive personal information, including Social Security numbers and banking information, which was later found on the dark web.
“We’ve got to develop strong and proactive policies aimed at increasing the commonwealth’s cyber defenses — especially now,” Ciresi said. “Due to the Trump administration’s March 2025 executive order devolving many cybersecurity responsibilities to state and local governments while at the same time cutting federal resources aimed at preventing cyberattacks, we’ve got to do more with less to protect Pennsylvanians.”
According to Ciresi, S.B. 377 would require every computer or printer purchase made by the state government to meet NIST’s cybersecurity standards as a critical procurement requirement. Those guidelines and best practices are the most effective way to manage cybersecurity-related risk. NIST’s cybersecurity standards are both flexible and cost-effective, promoting the protection and resilience of the commonwealth’s IT systems. These standards have also been adopted by the U.S. government for all federal IT procurements.
“Senate Bill 377 is an important step toward fortifying the commonwealth against cyberattacks by enemies of the United States,” Ciresi said.