Market forces, not regs, leading the charge for data privacy
Data privacy is about to become a more tangible concept to Americans not due to regulation like the CCPA, but because the most influential brand in the nation is making it a pillar of how it does business.
CPE Webcast: Data breach litigation post CCPA
The biggest impact on business post CCPA, and presumably subsequent state regulations, is the impact on data breaches.
Ireland’s GDPR report shows it’s yet to hold Big Tech accountable
The Irish Data Protection Commission review of its GDPR investigations has come under fire for ignoring Big Tech and lacking information pertinent to inquiries into firms like Apple, Facebook, Google, and more.
Experts: CCPA enforcement will prioritize children’s privacy, digital marketing
What will enforcement of the California Consumer Privacy Act look like at first? Experts offer their take, in addition to providing guidance for companies still not in compliance with the landmark legislation.
CPE Webcast: Key privacy considerations for getting back to business
Throughout the pandemic, technology will play a critical role as businesses adapt to this “new normal.” One strategy industries will rely on to provide employees and consumers with peace of mind is the use of temperature screening technology.
EC report: More harmonization needed in GDPR efforts
The European Commission believes the General Data Protection Regulation is an “overall success” but points to harmonization among member states as an area for improvement.
Democratic privacy bill proposes new data agency
A draft privacy bill from Sen. Sherrod Brown (D-Ohio) would require companies seeking to collect sensitive personal data to receive a “certification of compliance” from a newly created independent agency.
FTC stumps for additional resources to police privacy
The FTC says it would consider creating three new units to pursue privacy enforcement investigations if Congress would increase its full-time employee headcount.
French court upholds Google’s $57M GDPR fine
The top administrative court in France shot down Google’s appeal of a €50 million (U.S. $57 million) fine the tech giant received last year for violations of the EU’s General Data Protection Regulation.
Contact tracing app development stunted by inaction in Congress
As federal officials dicker over details in a federal data privacy law, the coronavirus continues to spread. Development of a key technological tool in the fight is being kneecapped by their inaction.
Data broker lawsuit involving ZoomInfo could provide CCPA enforcement insight
As the July 1 enforcement deadline of the California Consumer Privacy Act inches closer, a recently filed lawsuit between two data marketing firms may shed light on the efforts companies must take to comply with the new law.
EDPB task force to probe TikTok privacy practices
The European Data Protection Board will establish a task force to acquire a more comprehensive overview of TikTok’s privacy practices and coordinate any potential actions against the company.
HyperBeard to pay $150K for COPPA violations
App developer HyperBeard reached a watered-down $150,000 settlement with the FTC for illegally collecting children’s personal data without adequate disclosure and parental authorization.
EDPB challenges Hungary’s GDPR suspension under Article 23
The European Data Protection Board will issue guidelines on the implementation of Article 23 of the GDPR after Hungary’s government used the article to suspend data subject rights until the end of its coronavirus state of emergency.
CPE Webcast: CCPA enforcement: What to expect after July 1
Signed into law in 2018, the California Consumer Privacy Act (CCPA) became effective January 1, 2020. The next milestone will be July 1, when the California Attorney General will begin enforcement.
No stopping CCPA enforcement deadline, says California AG
With one month to go to the July 1 enforcement deadline of the California Consumer Privacy Act, it is still full speed ahead for Attorney General Xavier Becerra’s office.
Coronavirus heightens focus on children’s online privacy compliance
With increased use of remote learning putting children’s online privacy in the spotlight, regulators are stepping up their oversight and responding accordingly.
Two years in, GDPR defined by mixed signals, unbalanced enforcement
It’s been two years since the EU’s GDPR went into effect, and we still don’t know how lingering questions about compliance—as well as non-compliance—will be answered going forward.
CPE Webcast: Calculating COVID-19 third-party privacy risks
COVID-19 has completely changed the way organizations do business, both internally and externally. The influx of sensitive data being collected makes proactively identifying and managing privacy risk a big challenge.
Facebook pays $6.8M to settle Canadian privacy violations
Facebook will pay $6.8 million in fines and penalties to settle claims it shared private information regarding 24 million Canadian customers with third parties over six years, despite promising users it was not doing so.
Six things CCOs need to know about ICO’s AI guidance
The U.K. Information Commissioner’s Office released guidance to help organizations explain how AI is used in decision making and how the technology uses personal data to form judgments.
Miniclip settles with FTC for falsely claiming participation in COPPA safe harbor program
Swiss-based digital game maker Miniclip has reached a settlement with the U.S. Federal Trade Commission for lying about its participation in a children’s privacy self-regulatory program.
White paper: Future-Proofing Corporate Data Privacy: Budgeting and Solutions to Address Tomorrow’s Compliance Challenges
Over 500 corporate data privacy leaders were surveyed to understand the solutions, strategies and budgets companies have planned to address data privacy challenges in the coming year.
Longtime holdout Ireland issues first GDPR fine
Child and family agency Tusla has become the first company to receive a fine from the Irish Data Protection Commission for violations of the General Data Protection Regulation.
Coronavirus has made CW2020 a (virtual) gathering like no other
The coronavirus pandemic has made getting together for our annual National Conference impossible, but it’s also made this virtual gathering (Monday and Tuesday) perhaps the most important one we’ve ever had.
e-Book: Data privacy enters age of Coronavirus
Compliance with specific regulations—such as the California Consumer Privacy Act—has taken a back seat during the coronavirus pandemic to more pressing concerns, including videoconference pitfalls, making sure remote workers are operating securely, and coronavirus disclosure.
Dutch DPA probing TikTok over children’s privacy
The Dutch Data Protection Authority has launched an investigation into popular social networking service TikTok over whether children’s privacy is being adequately protected.
Can a CCO be a DPO? Belgian data authority not so sure
A recent ruling out of Belgium throws water onto the idea that the head of audit, risk, or compliance at a company can also serve as data protection officer as required by the GDPR.
Senate Republicans to introduce contact tracing privacy bill
Senate Republicans say they will soon introduce a coronavirus-specific data privacy bill that would create regulations under the FTC for companies collecting personal data to fight the ongoing pandemic.
Tech firm: GDPR ‘in danger of failing’ due to lack of resources
A new report says Europe’s data protection regulators don’t have the skills, knowledge, or budget to effectively enforce such privacy rules as the GDPR.
Survey: CCPA, GDPR, and the state of your data privacy program
Help to benchmark your program by participating in this survey that gets at the motivations, obstacles, tools, budget, and requirements for your data privacy program.
EDPB aims to clarify app development needs in coronavirus battle
The European Data Protection Board has released guidelines that aim to help app developers and regulators process individuals’ health data without compromising their privacy under such regulations as the GDPR and ePrivacy Directive.
Coronavirus could further stall BA, Marriott GDPR fines
Record-setting proposed penalties announced by the U.K. Information Commissioner’s Office last year against British Airways and Marriott for violations of the GDPR may continue to linger amid the ongoing coronavirus pandemic.
Do we have to give up our privacy to be safe from coronavirus?
How much of your privacy rights and civil liberties are you willing to give up in the fight against the coronavirus pandemic? Our collective answer might determine how successful we are in the next phase of this fight.
Is tracking adherence to stay-at-home mandates a privacy concern?
Google has offered health officials a way to use data to monitor people’s behavior during the government’s mandatory quarantines, but some say the gesture may “raise significant privacy concerns.”
First round of finalists named for Excellence in Compliance Awards
Compliance Week has pared down its list of more than 300 nominees for its first annual Excellence in Compliance Awards and is pleased to announce the finalists for nine of the 15 categories.
Lessons from Zoom: Coronavirus exposes videoconference risks
Stay-at-home orders during the coronavirus pandemic have led to explosions of use for popular videoconferencing platforms, some of which have struggled to adjust to new privacy concerns.
Latest Marriott breach exposes 5.2M guests
Marriott International says a breach may have compromised the personal data of 5.2 million customers, the second significant data breach for the hotel chain since 2018.
App offers $1M bounty for proof of alleged hacking smear campaign
Popular face-to-face social networking app Houseparty is on the defensive amid claims of a data breach, offering a $1 million bounty for proof in what it believes may be a “paid commercial smear campaign.”
8 compliance challenges facing European companies in coronavirus crisis
Due diligence, data, solvency, and supply chain management risks are just some of the issues Europe’s employers are struggling with as normal business has come to a standstill during the coronavirus pandemic.
Webcast: How plaintiffs weaponize CCPA and privacy laws
You’re in charge of mitigating risk and protecting your organization. But how do you develop the best strategy when you aren’t sure what your opponents’ plans are? Understand how to develop a strategy that meets compliance regulations, while mitigating inevitable legislation.
CCPA, SHIELD Act to take back seat during coronavirus pandemic?
With state attorneys general now fixated on “stay at home” directives amid the coronavirus pandemic, oversight of data privacy regulation may dip. But consumers—and the plaintiffs’ bar—are still watching.
Confusion around GDPR during coronavirus prompts EDPB response
The European Data Protection Board has released a statement attempting to clarify how personal data can be processed by companies during the ongoing coronavirus pandemic.
Study: Fear of data breaches stifling bank innovation
Research by consultancy firm Accenture shows companies in financial services are more concerned with guarding themselves against the impact of a data breach than realizing any financial benefits of using the data.
5 tips to immunize yourself against coronavirus-emboldened hackers
In this time of fear and uncertainty, it’s more critical than ever to practice good cyber-security hygiene (just think of it as the technical version of proper handwashing).
Advice for European compliance officers dealing with coronavirus
Although the coronavirus situation is constantly changing, lawyers say there are several areas of corporate life that are going to test compliance officers and which management will need greater assurance on.
EDPB chair: Processing personal data in the context of coronavirus
The chair of the European Data Protection Board addresses things companies need to consider as they process different types of personal data in the context of the coronavirus.
Swedish watchdog fines Google $7.6M for GDPR non-compliance
Google has received its second fine to date for violating Europe’s General Data Protection Regulation; Sweden’s Data Protection Authority fined the internet giant 75 million Swedish Kroner (U.S. $7.6 million).
T-Mobile data breach: A cautionary tale for all companies
For the second time in a matter of four months, T-Mobile announced it has suffered a data breach. Cyber-security experts say it’s a cautionary tale about the vulnerabilities of e-mail accounts that are not properly secured.
Virgin Media could face GDPR pressure after data breach
Virgin Media is likely to be in the GDPR crosshairs after disclosing a recent breach that affected approximately 900,000 customers to the U.K.’s data regulator.