An initiative to strengthen and enhance the California Consumer Privacy Act was basically left for dead in that state’s legislature.
Webcast details: June 4, 2019 – 2 p.m. ET | CPE Credit(s): 1
The European Data Protection Supervisor is warning social media and tech companies that their consumer terms and conditions may soon come under increased scrutiny if they fail to comply with the agency’s rules.
The second proposed data privacy regulation in the nation has failed to come to fruition for the time being.
A new study from Compliance Week and TrustArc says companies are not yet prepared for the coming California Consumer Privacy Act, the Golden State’s version of the EU’s GDPR.
The European Data Protection Supervisor, which is responsible for enforcing and monitoring EU companies’ compliance with data protection rules, said it is has launched an investigation into the compliance of contractual arrangements between EU institutions and Microsoft.
On his own company blog, Facebook CEO Mark Zuckerberg voiced his support for implementing a U.S. version of the European Union’s General Data Protection Regulation.
To get the full use of your data as data privacy rules increase, you need an innovative technology approach.
With new privacy regulations in the works, the California Consumer Privacy Act (CCPA), effective January 2020, stands out as the next big privacy regulation companies will need to grapple with.
With a January 2020 deadline just 10 months away, only 14 percent of companies report they are compliant with the California Consumer Privacy Act. Nearly half have not yet started implementation, says a new survey from TrustArc.
The Dutch Data Protection Authority says giving visitors access to websites only if they agree to their internet browsing activities being tracked by so-called “cookies” or other tracking software does not comply with the EU’s General Data Protection Regulation.
Just this year, countries that consist of 50% of the world’s GDP are considering or enforcing stricter data regulations. Fines from 2 to 4% of a company’s global annual revenue to criminal sanctions are available under the GDPR and in emerging jurisdictions such as Asia and Latin America. In the ...
Mark Zuckerberg, founder and CEO of Facebook, wrote a long, detailed blog post on Wednesday to announce new data security and privacy initiatives. Has he seen the light, or is this yet another false promise from the social media giant?
The Federal Trade Commission is seeking public comment on proposed amendments to rules under the Gramm-Leach-Bliley Act that protect the privacy and security of customer information held by financial institutions.
Internal audit is making strides in steering its focus and resources toward companies’ emerging risks—but there’s still some work to be done, the IIA says.
Hilary Wandall, senior vice president, general counsel, and chief data governance officer at TrustArc, explains to columnist Tom Fox why U.S. companies should address data privacy now, regardless of their motivations.
NIST’s new Risk Management Framework—used with the agency’s Cybersecurity Framework—offers companies direction in integrating cyber-security, privacy, and supply-chain risk management.
As Europe settles into life under the General Data Protection Regulation (GDPR), the United States is grappling with potential legislation of its own to protect consumer information. Questions remain about what U.S. data privacy legislation might look like, but companies have already begun to strategize.
If you are feeling challenged by new privacy regulations, you’re not alone. It’s increasingly difficult to create a consolidated view of data across borders to enable innovation and more efficient controls. So how do you keep innovation projects running amidst “data minimization” initiatives?
It was a tight race, but we are officially declaring Facebook founder and CEO Mark Zuckerberg as the executive most in need of a compliance makeover in 2019.
The biggest ethics and compliance failures of 2018 feature some big names, such as Wells Fargo, Danske Bank, and Tesla, and highlight some key lessons for compliance officers.
Establishing an effective and compliant data privacy plan isn’t easy considering insufficient U.S. regulation, flaws with the EU’s GDPR, and Big Data feeding the beast.
The EU’s General Data Protection Regulation and Britain’s upcoming divorce from the European Union both have a tremendous impact on European compliance, but strategizing solutions around either one has proven to be difficult due to a lack of guidance and, in the case of Brexit, just plain chaos.
Are companies transferring too much decision-making power to machines? That’s the opinion of EU data regulators, who say companies should “think seriously” about telling investors and stakeholders automatons are now in charge of their data.
In the event of a ‘no-deal’ Brexit, EU data commissioners are warning of data transfer restrictions between the European Union and the United Kingdom, which will be treated as a third country.
Six months after its enactment, the EU’s data privacy regulation still hasn’t provided the clarity many were looking for … and it might not come for a while yet.
Speaking at the recent Compliance Week Europe conference in Amsterdam, leading privacy campaigner Max Schrems cast doubt on whether the newly enacted GDPR would have any teeth.
Some will argue a strict data privacy regime will have a negative effect on growing companies, create conflicting requirements in other instances, and potentially cause impediments to corporate investigations. We explore all three.
Common Sense Media Founder and CEO James Steyer lays out the three key reasons why individual state privacy laws would trump a federal mandate.
Cameron F. Kerry, senior counsel at Sidley Austin, explains how a federal data privacy law could represent a win for business, privacy advocates, and consumers.
Components from preexisting privacy laws are likely to compose a significant portion of the parameters into which a federal privacy mandate would fit, writes our guest columnist.
Organizations in sectors outside of technology are voicing their opinions on what a data privacy regulation should entail.
Commonalities among tech companies, when it comes to U.S. data privacy legislation, include a single-standard approach, elevating the FTC, and mandating a risk-based methodology.
The following is a look at some of the many questions companies may have as debates continue over national and state laws and regulations pertaining to data privacy protections.
Struggling to keep up with privacy regs? Stop the guesswork and follow these best practices for thinking strategically about how privacy practices fit into the overall business strategy.