All Data Privacy articles
-
ArticleSeven years in, GDPR faces growing challenges from AI and ‘consent or pay’ models
Europe’s pioneering data protection legislation turned seven years old in May, but the compliance and enforcement difficulties that have dogged the rules since they came into force look set to present both companies and data regulators with fresh headaches for some time to come.
-
News BriefCommunication and relationships is increasingly critical for compliance teams
Compliance is increasingly in the spotlight as companies are tackling everything from artificial intelligence and other new technologies to risk management and mitigation. But it’s soft skills of communication and relationship building that are becoming the most critical tools for success.
-
News BriefApple, Google face compliance crossroads as states push digital safeguards
A new law in Texas will go into effect next January that requires Apple and Google to verify the age of their app store users. This marks another piece of legislation from the state level intended to protect children, and the second such law specifically from Texas to limit children’s ...
-
PremiumInside the Mind of the CCO: Compliance in an uncertain world, still with fuzzy reporting lines
The world is rapidly changing. The European Union is stepping up rules and enforcement, while the United Kingdom is charting its own course. And now the United States is taking a third tack, with unclear regulation enforcement under a mercurial Donald Trump’s second term as president underway.
-
News BriefFTC orders GoDaddy to upgrade cybersecurity defenses following three breaches
The Federal Trade Commission has ordered web hosting company GoDaddy to implement a “robust” information security program following at least three data breaches that the agency said were aided by lax cybersecurity measures.
-
PremiumUK’s deregulation drive raises compliance risk, say top lawyers
The United Kingdom’s latest effort to encourage regulators to pare down rules to attract companies and investment as a way to stimulate the economy has received mixed reviews from lawyers.
-
News BriefEU looking to scale back GDPR in coming weeks
The European Union’s General Data Protection Regulation has been in effect since 2018, requiring companies to securely handle users’ personal data. The European Commission will reportedly review the regulations and claw back some of the rules, which could make doing business in Europe a little easier for these companies.
-
Premium'Measured approach' or light-handed GPDR? Noyb reports only 1.3 percent of EU cases result in fine
When Europe’s strict set of data protection rules came into force nearly seven years ago, privacy campaigners, industry experts, and lawyers all warned that noncompliance could result in eye-watering fines and other costly sanctions, especially for repeated breaches. However, the reality appears to be very different.
-
EventPhoto gallery: Cyber Risk & Data Privacy Summit
Compliance Week’s Cyber Risk & Data Privacy Summit, held Feb. 10-11 in Alexandria, Va., gathered legal, compliance, and risk professionals in person for the first time since before the pandemic to benchmark best practices on managing cyber risks.
-
PremiumFinancial crime in the shadows of the dark web
The dark web has been depicted as a long-standing hub for crimes, where illegal activities such as drug dealing, financial fraud, weapon sales, murder for hire, stolen credit cards, and ransomware gags are easily accessible to the public.
-
PremiumExperts: U.K. digital market reforms a ‘watershed moment,’ could speed up enforcement
The U.K.’s competition regulator has outlined new plans to regulate Big Tech firms that will enable it to take a much more flexible and proactive approach towards investigations.
-
News BriefFBI, Europol shut down hacking sites selling personal info, tools for cybercriminals
Two massive hacking websites–where criminals sold everything from stolen social security numbers to tools for cybercriminals to gain access to computers–have finally been shut down by an international law enforcement team, the Department of Justice announced.
-
PremiumEDPB shift forces AI firms to embed procurement, risk management in GDPR considerations
Efforts to clarify the circumstances in which artificial intelligence models may or may not be violating the General Data Protection Regulation could result in yet more confusion for tech firms, companies deploying the technology, and even data protection authorities, according to experts.
-
OpinionFive reasons why I’m excited about CW’s Cyber Risk & Data Privacy Summit
Having worked for Compliance Week for three years, I’ve found it remarkable how compliance professionals can be so consistently upbeat about their plight. An often refrain in compliance circles is “be comfortable with being uncomfortable.” As difficult as the job can be, that clearly doesn’t mean it can’t be fun.
-
PremiumExperts say DORA compliance not coming easy as more firms pass buck to IT providers
New rules have come into effect across the European Union to promote better cybersecurity and IT resilience across the financial services sector, but experts warn that compliance is likely to be patchy and regulatory enforcement across the bloc perhaps even patchier.
-
News BriefTrump gives TikTok 75-day reprieve after ban goes into effect
President Donald Trump signed an executive order Monday delaying the Department of Justice (DOJ) from enforcing the long-awaited TikTok ban. While the social media platform’s fate is still up in the air, Trump signaled his support for it being sold, with the U.S. as a “partner.”
-
News BriefGM sued by FTC for selling location and behavioral data without drivers' consent
General Motors failed to disclose to customers that it tracked their precise locations and driving behavior and sold the data to third parties, the Federal Trade Commission alleged in a proposed order.
-
News BriefFTC orders Mobilewalla, Gravy Analytics to stop collecting geolocation data without permission
Two large data brokers, Mobilewalla and Gravy Analytics, collected billions of records containing sensitive geolocation and personal data of millions of people, and then sold it without their consent, the Federal Trade Commission said.
-
PremiumCJEU ruling adds to GDPR liability over unfair competition, AML/CFT
Legal cases and fines for noncompliance with EU’s GDPR could rise sharply after a court found that a breach was a source of unfair competition. The judgment also opens doors to civil cases over companies that ignoring expensive or challenging rules, such as those regarding AML/CFT.
-
News BriefNew CFPB payment privacy rule on the way for gaming companies, cryptocurrencies, Big Tech
The Consumer Financial Protection Bureau has issued a proposed rule aimed at protecting the privacy of the public when using novel digital payment systems, such as those offered by large technology platforms and video gaming companies.