All Data Privacy articles – Page 5

  • Blog

    With Safe Harbor Squashed, What's Next for European Data Transfers?


    As anticipated, on Tuesday the European Court of Justice ruled the Safe Harbor program for international data transfers between the United States and European Union is invalid. While U.S. officials fret that the ruling will “undercut the ability of other countries, businesses, and citizens to rely upon negotiated arrangements with ...

  • Article

    Data Security Impasse Overturns Safe Harbor Program


    An Austrian student’s displeasure with Facebook has invalidated the longstanding trans-Atlantic Safe Harbor program for international data transfers. That complaint, originally about Facebook’s alleged cooperation in U.S. government spying, has reached the highest court and Europe and overturned 15 years of data privacy rules. Companies are left with few viable ...

  • Blog

    French Data Regulator Rejects Google’s ‘Right To Be Forgotten’ Appeal


    Big news this week from France as the Commission Nationale de I’Informatique et des Libertes (CNIL) rejected Google’s appeal against the enforcement of “right to be forgotten.” If Google fails to comply with CNIL’s order, the company may be hit with sanctions, including a €300,000 fine, which could increase to ...

  • Article

    Managing Cyber-Risk in the Aviation Industry


    Cyber-risks are increasing everywhere, and this week we look specifically at the aerospace sector. Recent high-profile data breaches at major airlines have jolted the industry, which is trying to piece together better ways to manage the risks. “Airplanes themselves have never been more complex, never been more reliant on technology. ...

  • Blog

    Banks Fear EU Privacy Rules Will Make Fraud Harder to Detect


    Image: Bankers are claiming new EU privacy laws may end up doing more harm than good, as they will prevent banks from detecting fraud and terrorist financing. Consumer rights groups disagree, arguing that the updated laws will pave the way for more transparency and force banks to behave more responsibly ...

  • Article

    The Global State of the Right To Be Forgotten


    More than a year after the EU established is right-to-be-forgotten principle, U.S. compliance professionals in the tech sector probably wish the decision itself could be forgotten, too. France is insisting that the principle be applied worldwide; even before that ever happens, compliance within Europe is laborious and complicated. Our latest ...

  • Article

    CCOs Playing a Stronger Role in Data Privacy Practices


    Image: As data privacy laws proliferate, they are creating a web that traps how corporations use personal data in their operations. The challenge for compliance officers: how to play a more strategic role and ensure your business doesn’t get stuck. “The inclusion of the CCO function in defining controls related ...

  • Article

    SEC Pushes New Limits on Cyber-Security, Securities Fraud


    Another byproduct of life in the cyber-security age: The SEC is redefining insider trading to focus more on improper trading, even if you are a thief mining a company for inside information without actually working there. The misconduct—called, yes, “outsider trading”—seems to be an SEC-enforceable offense so far, and it ...

  • Article

    Suddenly, Washington Is Back at Cyber-Security Discussion


    Image: For the first time in years, Washington is abuzz with proposed changes to cyber-security disclosure, both in Congress and at the SEC. Above all, experts say, is a need to clarify terminology and expectations. “There should be minimum standards for what that security should be across the board,” says ...

  • Article

    Data Governance 101: Getting Started


    Amassing terabytes of data is easy; for most businesses, managing those valuable—and sometimes very risky—assets is the hard part. A successful data governance initiative, experts say, isn’t a project you can hand off to the IT department or solve with a software purchase. Compliance, audit, and risk executives all need ...

  • Article

    Managing the Risky Business of Loyalty Programs


    As the regulatory focus on data security expands, companies that offer customer loyalty programs should review them for red flags. How the data is stored, protected, and segmented is ripe for scrutiny, experts warn. Poorly designed loyalty programs could run afoul of antitrust laws, torpedo a merger, violate HIPAA, or ...

  • Article

    Insurers Feel Fresh Heat on Cyber-Security Practices


    Image: New York plan to bolster cyber-security oversight in the insurance sector, including regular, targeted assessments of cyber-security as part of its exam process. “Recent cyber-security breaches should serve as a stern wake-up call for insurers and other financial institutions to strengthen their cyber-defenses,” said New York Department of Financial ...

  • Article

    An Insider Look at the EU’s Binding Corporate Rules


    Companies that move data throughout Europe, or beyond its borders, face a long and exacting list of privacy and security demands. Some companies are choosing to take advantage of Binding Corporate Rules (BCRs), presenting their data compliance framework for approval by data protection authorities. BCRs, despite a lengthy approval process, ...

  • Article

    When State Attorneys General Come Knocking


    Sometimes a sheriff arrives from the federal government to take an enforcement action against your company, and sometimes a posse of state attorneys general follow behind, determined to investigate you too. Such is the case for JP Morgan, now being pressed by 19 states for more detail on its massive ...

  • Blog

    Anthem Discloses Huge Data Breach


    Health insurer Anthem said hackers gained unauthorized access to its IT systems and stole personal information relating to tens of millions of current and former members and employees. Calling it a “very sophisticated external cyber-attack,” Anthem CEO Joseph Swedish said the breach does not appear to have compromised credit card ...

  • Blog

    FTC Chair Warns of Internet of Things Data Privacy Concerns


    Federal Trade Commission Chairman Edith Ramirez took to the floor of the International Consumer Electronics show in Las Vegas last week to offer companies a warning about the “Internet of Things” and broadband-connected cars, wearable tech, and home appliances. Connected devices pose significant privacy and security implications, she said, urging ...

  • Blog

    Podcast: Navigating the Pitfalls of Geolocation Data


    Uber, Snapchat, and Golden Technologies are the latest companies to come under fire for how they use the geolocation data they collect from their customers. In this week’s podcast, we talk to Fernando Bohorquez, a partner at the law firm BakerHostetler who specializes in privacy and data security issues, about ...

  • Article

    It May Be Voluntary, but NIST Framework Is a Crucial Cyber-Security Tool


    Each day, it seems another big-name company falls victim to a cyber-attack. The new framework for assessing the security flaws, developed by the National Institute of Standards and Technology, may be intended for critical-infrastructure companies, but other businesses may find that its guidance offers more help than the mélange of ...

  • Blog

    TD Bank to Pay $625K for Data Breach


    TD Bank this week reached a $625,000 settlement with the Massachusetts Attorney General’s Office after losing unencrypted back-up tapes containing personal information of more than 260,000 consumers nationwide, and delaying notice of the incident. The final settlement amounted to $825,000, but the AG’s Office credited the bank $200,000 to reflect ...

  • Article

    The Real Data Breach Risks Are Right Under Your Nose


    While companies fret about shadowy hackers based in Russia and China hell bent on stealing customer information, employees—not cyber-criminals—pose the biggest threat to create data breaches and data loss, according to a recent study. Ungoverned and negligent file-sharing by employees is hitting epidemic proportions: More than half of respondents to ...