The European Central Bank announced unauthorized parties breached the security measures protecting its Banks’ Integrated Reporting Dictionary (BIRD) website, which is hosted by an external provider.
It appears Capital One may be just one in a long list of companies and organizations to be victimized by what now appears to be the inner workings of a serial hacker, in what the Department of Justice is calling one of “the largest cyber intrusions and data thefts in ...
Data privacy compliance and national security seem to be in opposition—with one coming at the expense of the other. It’s time to instead focus the conversation on identifying opportunities for the private sector and government to collaborate.
While most healthcare organizations have pretty much nailed down their data privacy requirements for HIPAA and HITECH, new privacy mandates under the GDPR and CCPA could throw a wrench into the system.
The ruling of a federal appeals court has Facebook once again at risk of facing fines north of $1 billion for alleged misuse of users’ biometric data.
Data privacy leaders from the United States, United Kingdom, European Union, and Canada are among a group to come together and voice their concerns over Facebook’s planned venture into the cryptocurrency space with Libra.
With at least five regulations already in place and the California Consumer Privacy Act (CCPA) on the horizon, it is time to start thinking ahead to ensure your organization can meet many different compliance requirements.
Capital One Financial announced a hacker obtained the personal information of approximately 100 million individuals in the United States and approximately six million individuals in Canada.
The EU’s tough new data rules are “bearing fruit,” but some member states have still not put GDPR into law, and only 20 percent of EU citizens seem aware of which public authority is responsible for protecting their personal information.
The compliance aspects of what will be expected of Facebook going forward were fair enough, but a lack of personal liability has us questioning the settlement.
The FTC hit Facebook with a ground-breaking $5 billion penalty for privacy violations, but the bigger takeaway for CCOs is the unprecedented new privacy and corporate governance obligations the company must implement.
In addition to its record-breaking FTC fine, Facebook on Wednesday reached a $100 million settlement with the SEC for making misleading disclosures regarding the risk of misuse of its user data.
What resulted in the largest-ever breach of consumer data culminated in the largest data breach enforcement action in history.
Recent record-breaking fines for GDPR violations levied on British Airways and Marriott by the U.K. Information Commissioner’s Office offer a glimpse into what GDPR enforcement might look like going forward and serve up a warning to companies that data privacy protocols must be foolproof.
Ireland—home EU regulator to Big Tech firms including Google, Twitter, and Facebook—is the key country not to have issued a GDPR-related fine yet, though the regulator has said it has started at least 19 inquiries into the sector.
Most EU countries have now issued fines under the GDPR. Determining which are the toughest enforcers depends on one’s viewpoint—we lay out country-by-country look at the enforcement trends to date.
A plan by Facebook to enter the world of virtual currency is attracting predictable skepticism in Washington. It could also expedite the slow emergence of national data protection laws.
The FTC, by dragging its feet and keeping silent on a massive Facebook fine, raises concerns about its potential role as top cop on the data privacy beat.
The social media company is hardly quiet about its crypto initiative, but nevertheless failed to see the materiality of creating a global payments system.
Count Federal Reserve Chairman Jerome Powell and several members of Congress as concerned observers of Facebook’s planned foray into the world of virtual currency.
Marriott has disclosed in a filing with the SEC that the U.K.’s Information Commissioner’s Office intends to fine it roughly £99 million (U.S. $124 million) for infringements of the EU’s GDPR.
The CMA, U.K.’s competition watchdog, explores whether a separate regulator is needed to oversee leading digital firms that have become “data monopolies” that stifle competition.
British Airways was hit Monday with the largest penalty to date under the EU’s GDPR, a £183.39m (U.S. $230 million) fine stemming from the compromised data of nearly 500,000 customers.
The FTC is turning up the heat on the data security compliance requirements companies must meet in the event of an enforcement action following a data breach.
One of Facebook’s top executives added his voice to the growing movement among technology firms that the sector cannot police the internet on its own.
Would you give up social media for life in order to guarantee a lifetime of data privacy? According to a study by global cyber-security company Kaspersky, nearly 4 in 10 (38 percent) consumers would.
Bills working through Congress would make it harder for tech companies to profit from consumer data and force them to better secure networked devices.
Senators are seeking answers from American Medical Collection Agency, the third-party billing agency at the center of a recent data breach that compromised the personal, financial, and medical information of 20 million patients.
The Federal Trade Commission is warning over a dozen companies in the form of letters not to falsely claim participation in the EU-U.S. Privacy Shield program.
Amid growing antitrust scrutiny and data privacy complaints, Facebook is nevertheless expanding into the cryptocurrency space.
France’s data watchdog CNIL levied a €400,000 (U.S. $453,000) fine on real estate services provider Sergic for failing to adequately protect the data of its Website’s users.
While Congress largely remains mired in hearings and pre-election posturing, states are increasingly putting their own scrutiny on large tech companies and their data collection policies.
Seven our of 10 major EU Websites have issues relating to data security and protection, according to an inspection by the European Data Protection Supervisor.
European data protection authorities met on June 4 to discuss guidelines for Codes of Conduct in relation to the General Data Protection Regulation.
Year 1 under the General Data Protection Regulation saw no fines handed out in the United Kingdom. Year 2 could be a much different story,
European privacy rights groups have launched a campaign to stop social media platforms and internet search engines from “spying” on users through online advertising by filing GDPR complaints with nine EU data regulators.
Transparency for all AI-generated decisions is not as important as context, according to new research from U.K. data regulator the Information Commissioner’s Office.
Whether you’re starting from scratch or leveraging an existing privacy program, developing the processes required for California Consumer Privacy Act (CCPA) compliance can be challenging. From understanding the regulation and all of its nuances, to managing requirements including data inventories, risk assessments and consumer access requests, most companies need help ...
California has not only been on the forefront of emerging technologies, it’s also been the most active state when it comes to regulating that new tech, especially when it comes to data privacy.
A Freedom of Information Act request shows Britain’s data protection watchdog has imposed just 29 financial penalties in the last year, none of which came under the EU’s General Data Protection Regulation.
The Irish Data Protection Commission is investigating whether Google’s online Ad Exchange violated General Data Protection Regulation provisions.
As the EU’s General Data Protection Regulation celebrates its first “birthday,” an expert panel met at Compliance Week 2019 to share their experiences in prepping, implementing, and following up.
As General Data Protection Regulation (GDPR) completes one year and other global and national trends in data privacy regulations such as CCPA, NYSDFS are rolling out, a discussion with leading insurers is imperative.
An initiative to strengthen and enhance the California Consumer Privacy Act was basically left for dead in that state’s legislature.
The European Data Protection Supervisor is warning social media and tech companies that their consumer terms and conditions may soon come under increased scrutiny if they fail to comply with the agency’s rules.
The second proposed data privacy regulation in the nation has failed to come to fruition for the time being.
A new study from Compliance Week and TrustArc says companies are not yet prepared for the coming California Consumer Privacy Act, the Golden State’s version of the EU’s GDPR.
The European Data Protection Supervisor, which is responsible for enforcing and monitoring EU companies’ compliance with data protection rules, said it is has launched an investigation into the compliance of contractual arrangements between EU institutions and Microsoft.
On his own company blog, Facebook CEO Mark Zuckerberg voiced his support for implementing a U.S. version of the European Union’s General Data Protection Regulation.