Data Privacy


Videoconference

Lessons from Zoom: Coronavirus exposes videoconference risks

2020-04-03T17:04:00+01:00By

Stay-at-home orders during the coronavirus pandemic have led to explosions of use for popular videoconferencing platforms, some of which have struggled to adjust to new privacy concerns.

Marriott

Latest Marriott breach exposes 5.2M guests

2020-03-31T19:51:00+01:00By

Marriott International says a breach may have compromised the personal data of 5.2 million customers, the second significant data breach for the hotel chain since 2018.

Houseparty

App offers $1M bounty for proof of alleged hacking smear campaign

2020-03-31T18:44:00+01:00By

Popular face-to-face social networking app Houseparty is on the defensive amid claims of a data breach, offering a $1 million bounty for proof in what it believes may be a “paid commercial smear campaign.”

EuropeLockdownCOVOID-19

8 compliance challenges facing European companies in coronavirus crisis

2020-03-26T18:13:00+00:00By

Due diligence, data, solvency, and supply chain management risks are just some of the issues Europe’s employers are struggling with as normal business has come to a standstill during the coronavirus pandemic.

exterro300x200

Webcast: How plaintiffs weaponize CCPA and privacy laws

2020-03-26T14:32:00+00:00Provided by

You’re in charge of mitigating risk and protecting your organization. But how do you develop the best strategy when you aren’t sure what your opponents’ plans are? Understand how to develop a strategy that meets compliance regulations, while mitigating inevitable legislation.

EyeOnDataPrivacy

CCPA, SHIELD Act to take back seat during coronavirus pandemic?

2020-03-24T18:26:00+00:00By

With state attorneys general now fixated on “stay at home” directives amid the coronavirus pandemic, oversight of data privacy regulation may dip. But consumers—and the plaintiffs’ bar—are still watching.

/web/img/field/image/privacy.jpg

Confusion around GDPR during coronavirus prompts EDPB response

2020-03-20T18:32:00+00:00By

The European Data Protection Board has released a statement attempting to clarify how personal data can be processed by companies during the ongoing coronavirus pandemic.

Cyber locks

Study: Fear of data breaches stifling bank innovation

2020-03-19T15:20:00+00:00By

Research by consultancy firm Accenture shows companies in financial services are more concerned with guarding themselves against the impact of a data breach than realizing any financial benefits of using the data.

Hackers

5 tips to immunize yourself against coronavirus-emboldened hackers

2020-03-17T20:16:00+00:00By

In this time of fear and uncertainty, it’s more critical than ever to practice good cyber-security hygiene (just think of it as the technical version of proper handwashing).

UKCoronavirus

Advice for European compliance officers dealing with coronavirus

2020-03-16T17:49:00+00:00By

Although the coronavirus situation is constantly changing, lawyers say there are several areas of corporate life that are going to test compliance officers and which management will need greater assurance on.

Data

EDPB chair: Processing personal data in the context of coronavirus

2020-03-16T14:58:00+00:00By

The chair of the European Data Protection Board addresses things companies need to consider as they process different types of personal data in the context of the coronavirus.

Google building

Swedish watchdog fines Google $7.6M for GDPR non-compliance

2020-03-12T19:02:00+00:00By

Google has received its second fine to date for violating Europe’s General Data Protection Regulation; Sweden’s Data Protection Authority fined the internet giant 75 million Swedish Kroner (U.S. $7.6 million).

PhoneHack

T-Mobile data breach: A cautionary tale for all companies

2020-03-06T19:11:00+00:00By

For the second time in a matter of four months, T-Mobile announced it has suffered a data breach. Cyber-security experts say it’s a cautionary tale about the vulnerabilities of e-mail accounts that are not properly secured.

Virgin Media

​Virgin Media could face GDPR pressure after data breach

2020-03-06T17:54:00+00:00By

Virgin Media is likely to be in the GDPR crosshairs after disclosing a recent breach that affected approximately 900,000 customers to the U.K.’s data regulator.

Health records

GoodRx’s mea culpa: Lessons for internet companies handling personal health data

2020-03-04T21:11:00+00:00By

Telemedicine platform GoodRx has committed to enhancements of its consumer data protection after Consumer Reports called out its sharing practices regarding personal health information.

Cathay Pacific

U.K.’s ICO fines Cathay Pacific for pre-GDPR breach

2020-03-04T18:37:00+00:00By

The U.K. Information Commissioner’s Office has fined airline Cathay Pacific £500,000 (U.S. $643,000) for failing to protect the personal data of millions of customers.

Mobile location

FCC proposes fines against T-Mobile, AT&T, Verizon, Sprint

2020-02-28T20:54:00+00:00By

The FCC proposed fines against the four largest wireless carriers in the United States for allegedly selling access to their customers’ location information without taking reasonable measures to protect against unauthorized access.

DataPrivacyLetter

California AG seeks federal data privacy legislation modeled on CCPA

2020-02-28T18:50:00+00:00By

In a letter to Congressional committee leaders, California Attorney General Xavier Becerra suggests any federal data privacy law should still allow states to have parallel enforcement authority as well as their own laws.

Facial recognition

Controversial facial image aggregator Clearview AI reveals breach

2020-02-27T20:03:00+00:00By

A company with a huge database of facial images informed its law enforcement customers this week that it suffered a data breach.

Data sharing

Proposed EU data strategy spells big changes for Big Tech

2020-02-21T18:56:00+00:00By

The European Commission unveiled its long-awaited plans about how it wants to regulate artificial intelligence as well as promote greater data sharing throughout the EU to stimulate further growth and competition in digital services.

AIdata

Resurgent BIPA more than second fiddle to CCPA?

2020-02-21T16:36:00+00:00By

The California Consumer Privacy Act seems to be in the spotlight lately, but the Illinois Biometric Information Privacy Act should not be overlooked.

GDPR

Ireland GDPR caseload nearly doubled in 2019

2020-02-20T21:48:00+00:00By

The Irish Data Protection Commission received 7,215 complaints during the first full year the General Data Protection Regulation was in force, representing a 75 percent increase on 2018’s figures of just over 4,000.

MGM Resorts

Reports: Bieber, Twitter’s Dorsey among 10.6M affected by MGM Resorts hack

2020-02-20T18:03:00+00:00By

Pop star Justin Bieber and Twitter CEO Jack Dorsey were among 10.6 million MGM Resorts guests to have their personal information exposed in a data breach last year, according to multiple reports.

Gillibrand

Sen. Gillibrand floats agency to oversee U.S. privacy

2020-02-18T19:23:00+00:00By

Senator Kirsten Gillibrand (D-N.Y.) has introduced legislation to create a “Data Protection Agency” in the United States in order to oversee and enforce federal privacy mandates.

Facebook Dating

Ireland raid over privacy concerns jilts Facebook Dating

2020-02-13T21:38:00+00:00By

Facebook wants to play Cupid in Europe, but the Irish Data Protection Commission got its arrow in the tech giant first.

CCPA

More than minor changes? Assessing the latest CCPA updates

2020-02-13T16:53:00+00:00By

The business community was already rushing to comply with the CCPA’s Jan. 1 effective date. But does this latest change ease the way to compliance or just raise more questions?

Chinese hackers

Equifax indictment and the making of a Chinese cyber-attack

2020-02-10T19:21:00+00:00By

The DOJ announced four members of the Chinese military have been indicted on charges of hacking into the computer systems of Equifax, ultimately resulting in the largest-ever breach of consumer data. From an ERM standpoint, the indictment offers an inside look at the making of a Chinese cyber-attack.

Brexit star

Experts weigh in on Brexit consequences for GDPR, AML, more

2020-02-10T18:40:00+00:00By

The wheels to the United Kingdom’s exit from the European Union are finally in motion, but the hard work still remains as to what kind of future trading relationship the country has with the single market.

Googlecrop

Ireland probing Google, Tinder for GDPR violations

2020-02-05T20:47:00+00:00By

Ireland’s data regulator has announced new investigations into Google and MTCH Technology Services—the company behind dating app Tinder—over complaints users’ personal data is being misused in violation of the GDPR.

Salesforce

CCPA cited in Hanna Andersson/Salesforce breach lawsuit

2020-02-05T18:27:00+00:00By

A lawsuit filed against online retailer Hanna Andersson and its e-commerce platform Salesforce is among the first to cite the fledgling California Consumer Privacy Act in its judgment sought.

Libra

​Mastercard CEO lists Libra red flags as reason for exit

2020-02-05T16:49:00+00:00By

Mastercard CEO Ajay Banga cites concerns with compliance, data management, and making money within regulatory constraints among the reasons his company left the Facebook-led Libra Association late last year.

600x400 finalist story banner11

First four ‘Excellence in Compliance Awards’ finalists revealed

2020-02-04T17:19:00+00:00By

Compliance Week is proud to announce its first four finalists for the “Excellence in Compliance Awards,” a newly formed program that recognizes individual achievement in one of 13 categories relating to risk and compliance.

Germany privacy

Germany’s dual approach to data regulation under the GDPR

2020-02-03T18:22:00+00:00By

Germany is staying ahead of the game with an advanced crackdown on data privacy and competition law violations.

Avast

Avast dissolves analytics arm following privacy scandal

2020-01-31T22:33:00+00:00By

Avast maintains it always acted “fully within legal bounds,” but the British cyber-security company terminated the provision of data to its analytics arm, Jumpshot, after being accused of putting users’ privacy at risk.

CCPA

Ad industry requests delay on CCPA enforcement

2020-01-30T22:09:00+00:00By

Insufficient time to prepare was the argument invoked by five advertising trade bodies this week when requesting a further delay to the enforcement of the newly enacted California Consumer Privacy Act

Facebook

Facebook reveals $550M settlement for Illinois privacy lawsuit

2020-01-30T20:10:00+00:00By

Facebook has reached a $550 million settlement in principle in connection with a class-action lawsuit it faced in Illinois over violations of a state biometric law.

CFTC

CFTC to adopt NIST Privacy Framework

2020-01-28T19:34:00+00:00By

The Commodity Futures Trading Commission will become the first federal agency to adopt the National Institute of Standards and Technology Privacy Framework, the agency has announced.

Microsoft

Microsoft data leak points to industry-wide security vulnerabilities

2020-01-24T15:41:00+00:00By

Microsoft made headlines when it was discovered that nearly 250 million customer service and support records were exposed on the Web through several unsecured cloud servers. But that’s only a glimpse into wider cloud-security weaknesses throughout the industry.

Data money

Lawmakers push for FTC probe into Envestnet data sales

2020-01-21T20:47:00+00:00By

Democratic Sens. Ron Wyden and Sherrod Brown and Rep. Anna Eshoo sent a letter to the Federal Trade Commission urging the agency to investigate Envestnet’s selling practices regarding consumer financial data.

GDPR

Study expects GDPR fines to rise in 2020

2020-01-21T16:22:00+00:00By

DLA Piper’s latest data breach survey suggests the penalties handed out under the General Data Protection Regulation thus far are not as harsh as they could have been—though that could change in 2020.

Race2020

NAVEX Global: Top 10 compliance trends for 2020

2020-01-17T19:20:00+00:00By

A recent Webinar, and complementary report, from NAVEX Global offers a look at the top 10 risk and compliance trends for 2020.

conduent gdpr cover img

e-Book: Firms face mounting pressure from GDPR

2020-01-17T05:34:00+00:00Provided by

More firms have been stymied by the General Data Protection Regulation.

AdobeStock_132649171

App firms, adtech industry in firing line over possible GDPR violations

2020-01-16T15:52:00+00:00By

The Norwegian Consumer Council, a consumer rights champion, has uncovered a serious no-no in the world of GDPR: popular apps sharing user data, such as religious beliefs and sexual preferences, to advertising and marketing firms in order to drive their own revenue.

LockHoleNetwork

British retailer Dixons fined for pre-GDPR breach

2020-01-10T19:15:00+00:00By

The ICO has fined Dixons Carphone for failing to take “basic, commonplace” security measures that would have alerted it to one of the country’s worst cyber-attacks.

cw2020jpg

Special report: Compliance 2020

2020-01-06T14:24:00+00:00By

CW Editor in Chief Dave Lefort offers 10 predictions on what will dominate compliance headlines in 2020.

Timeline

Compliance 2020: A timeline

2020-01-02T14:03:00+00:00By Compliance Week

Compliance Week looks back at two decades of scandals, enforcement actions, and regulatory policies (2000-2019) that shaped the compliance function we see today.

CCPA

Survey: CCPA still poses compliance nightmare

2019-12-30T18:18:00+00:00By

With the clock ticking toward the Jan. 1 implementation date, Compliance Week and ACA Aponix asked 100 compliance practitioners whether their company would be CCPA compliant by the deadline. Their collective answer? Nope.

columnist icons - kyle

Apple, Walmart among compliance winners of 2019

2019-12-27T17:13:00+00:00By

Strong social stances, a dedication to doing what’s right, and leading by example highlight the qualities exemplified by our list of ethics and compliance winners of 2019.

columnist icons

Top ethics and compliance failures of 2019

2019-12-27T17:13:00+00:00By

From antitrust and privacy concerns in the tech world to compliance officer liability in the pharmaceutical industry to unethical practices in the banking and accounting professions, more than a dozen companies made Compliance Week’s list of the biggest compliance fails in 2019.

GDPR

ICO hands out first GDPR fine as BA, Marriott cases linger

2019-12-23T21:08:00+00:00By

The U.K. Information Commissioner’s Office has levied its first fine under the GDPR against a London-based pharmacy. Record-setting penalties announced by the ICO in July against British Airways and Marriott are still not finalized.