NIST’s new Privacy Framework offers much-needed guidance to help companies align their data privacy and cyber-security risk management practices.
Sen. Ron Wyden (D-Ore.) has introduced an updated version of his previously drafted data privacy bill that threatens jail time for executives at corporations that misuse Americans’ data.
The new California Consumer Privacy Act (CCPA) takes effect on January 1, 2020. Ahead of this milestone – and with several States working on new data management regulations – many financial services organizations are concerned with the risks of non-compliance.
Amendments to the California Consumer Privacy Act add clarity, offer a BTB communication reprieve to businesses, and ensure consumers have a method for submitting more information requests.
Companies subject to the California Consumer Privacy Act requirements now have 24 pages of direction on how to comply with the new law. But will that be enough?
PayPal leaving Facebook’s Libra project is just a bump in the road in the drive toward developing a global digital currency payments network, a Libra Association spokesperson says.
An economic impact assessment of California’s upcoming privacy law forecasts short-term disadvantages for smaller companies and emerging markets around compliance solutions and data-based product initiatives.
Facebook announced it has suspended “tens of thousands” of apps as part of an investigation launched in the aftermath of last year’s Cambridge Analytica scandal.
Facebook CEO Mark Zuckerberg met with about a half dozen senators at a dinner this week before visiting the White House to meet with President Trump. The key focus of the visit: discussing the future of internet regulation.
The Ecuadorian government has given itself 72 hours to finish drafting a national privacy law following a massive data breach that put the personal information of perhaps its entire population at risk.
Recently approved tweaks to California’s upcoming privacy law don’t change the fact compliance prep should already be well underway, experts say.
Most organizations failed to meet the May 2018 deadline to comply with the launch of the EU’s tough new privacy rules, and the majority of them still find compliance a challenge, according to a recent survey.
Margrethe Vestager is staying put as Europe’s leader in the fight against anti-competitive practices, with a continued focus on Big Tech.
CEOs from 51 different companies, including Amazon, Walmart, and Salesforce, have sent a letter to congressional leaders urging the passing of a comprehensive consumer data privacy law.
Coming on the heels of big enforcement actions against Google, Apple, Facebook, and Amazon, the European Commission is vowing to keep fighting against technology giants profiting at others’ expense.
A federal grand jury’s indictment of Anthony Scott Levandowski for allegedly stealing trade secrets from Google may be a wake-up call to protect intellectual property more aggressively.
Google and its subsidiary YouTube will pay $170 million to settle allegations that the video-sharing service illegally collected personal information from children without their parents’ consent.
The Dutch Data Protection Agency has referred Microsoft to its home EU regulator in Ireland regarding new privacy concerns with its Windows 10 operating system.
Mastercard is investigating two data breaches relating to a loyalty program it ran in Germany following a leak of personal information that saw customers’ names, addresses, and credit card numbers circulating on the internet.
Lawmakers in Greece voted to approve the implementation of partner legislation to the GDPR into national law, one month after being threatened with fines by the European Commission.
European Data Protection Supervisor Giovanni Buttarelli has passed away, his office announced in a statement Wednesday. He was 62.
Concerns abound over whether or not using facial recognition technology violates consumer privacy.
I lose no sleep over how much of my data privacy I potentially sacrifice in my daily life, and neither do most of us—deep down.
The European Central Bank announced unauthorized parties breached the security measures protecting its Banks’ Integrated Reporting Dictionary (BIRD) Website, which is hosted by an external provider.
It appears Capital One may be just one in a long list of companies and organizations to be victimized by what now appears to be the inner workings of a serial hacker, in what the Department of Justice is calling one of “the largest cyber intrusions and data thefts in ...
Data privacy compliance and national security seem to be in opposition—with one coming at the expense of the other. It’s time to instead focus the conversation on identifying opportunities for the private sector and government to collaborate.
While most healthcare organizations have pretty much nailed down their data privacy requirements for HIPAA and HITECH, new privacy mandates under the GDPR and CCPA could throw a wrench into the system.
The ruling of a federal appeals court has Facebook once again at risk of facing fines north of $1 billion for alleged misuse of users’ biometric data.
Data privacy leaders from the United States, United Kingdom, European Union, and Canada are among a group to come together and voice their concerns over Facebook’s planned venture into the cryptocurrency space with Libra.
With at least five regulations already in place and the California Consumer Privacy Act (CCPA) on the horizon, it is time to start thinking ahead to ensure your organization can meet many different compliance requirements.
Capital One Financial announced a hacker obtained the personal information of approximately 100 million individuals in the United States and approximately six million individuals in Canada.
The EU’s tough new data rules are “bearing fruit,” but some member states have still not put GDPR into law, and only 20 percent of EU citizens seem aware of which public authority is responsible for protecting their personal information.
The compliance aspects of what will be expected of Facebook going forward were fair enough, but a lack of personal liability has us questioning the settlement.
The FTC hit Facebook with a ground-breaking $5 billion penalty for privacy violations, but the bigger takeaway for CCOs is the unprecedented new privacy and corporate governance obligations the company must implement.
In addition to its record-breaking FTC fine, Facebook on Wednesday reached a $100 million settlement with the SEC for making misleading disclosures regarding the risk of misuse of its user data.
What resulted in the largest-ever breach of consumer data culminated in the largest data breach enforcement action in history.
Recent record-breaking fines for GDPR violations levied on British Airways and Marriott by the U.K. Information Commissioner’s Office offer a glimpse into what GDPR enforcement might look like going forward and serve up a warning to companies that data privacy protocols must be foolproof.
Ireland—home EU regulator to Big Tech firms including Google, Twitter, and Facebook—is the key country not to have issued a GDPR-related fine yet, though the regulator has said it has started at least 19 inquiries into the sector.
Most EU countries have now issued fines under the GDPR. Determining which are the toughest enforcers depends on one’s viewpoint—we lay out a country-by-country look at the enforcement trends to date.
A plan by Facebook to enter the world of virtual currency is attracting predictable skepticism in Washington. It could also expedite the slow emergence of national data protection laws.
The FTC, by dragging its feet and keeping silent on a massive Facebook fine, raises concerns about its potential role as top cop on the data privacy beat.
The social media company is hardly quiet about its crypto initiative, but nevertheless failed to see the materiality of creating a global payments system.
Count Federal Reserve Chairman Jerome Powell and several members of Congress as concerned observers of Facebook’s planned foray into the world of virtual currency.
Marriott has disclosed in a filing with the SEC that the U.K.’s Information Commissioner’s Office intends to fine it roughly £99 million (U.S. $124 million) for infringements of the EU’s GDPR.
The CMA, U.K.’s competition watchdog, explores whether a separate regulator is needed to oversee leading digital firms that have become “data monopolies” that stifle competition.
British Airways was hit Monday with the largest penalty to date under the EU’s GDPR, a £183.39m (U.S. $230 million) fine stemming from the compromised data of nearly 500,000 customers.
The FTC is turning up the heat on the data security compliance requirements companies must meet in the event of an enforcement action following a data breach.
One of Facebook’s top executives added his voice to the growing movement among technology firms that the sector cannot police the internet on its own.
Would you give up social media for life in order to guarantee a lifetime of data privacy? According to a study by global cyber-security company Kaspersky, nearly 4 in 10 (38 percent) consumers would.