Twitter could face up to $250M FTC fine for misuse of data


Twitter disclosed in a regulatory filing that it could face fines of up to $250 million by the Federal Trade Commission for misusing people’s personal information for advertising purposes.


Five tips for EU-U.S. data transfers post-Privacy Shield


As the fallout from the demise of the Privacy Shield continues to play out, here are a handful of steps companies can take to protect themselves from potential GDPR violations when transferring data between the European Union and the United States.


What do FIFA chief, ‘Florida man,’ and Trump have in common? All Failed It this week

2020-07-30T18:18:00+01:00By Compliance Week

The lesson in this week’s edition of “Nailed It or Failed It?” is the more things change, the more they stay the same.

Data money

IBM report: Average data breach cost nearly $4M in past year


An IBM report that examined more than 500 cyber-security breaches occurring between August 2019 and April 2020 found the average breach costs companies $3.86 million and requires nearly 300 days to identify and contain.


CPE Webcast: Digital transformation & cyber risk: What you need to know

2020-07-28T14:00:00+01:00Provided by

Join Larry Ponemon, founder of Ponemon Institute, and Dave Stapleton, CISO of CyberGRX, as they discuss the impact digital transformation is having on cyber-security and some best practices you can implement to better protect your organization.

Egnyte smart content cover img

White paper: Smart Content Governance - Unleash the Power of the Modern Cloud-based Office

2020-07-28T02:06:00+01:00Provided by

Now more than ever, companies need strong data governance that can be applied across multiple repositories, apps, and devices, no matter where work gets done.

EU US privacy

Companies paying price for EU-U.S. Privacy Shield removal


The legal and financial burden for companies to comply with the recent ruling to invalidate the EU-U.S. Privacy Shield might actually be worse than first thought, if an FAQ from the European Data Protection Board is any indication.


Twitter cyber-attack should be wake-up call for firms

2020-07-21T17:57:00+01:00By Jake Plenderleith, International Compliance Association

The recent cyber-attack directed at Twitter was the online equivalent of an explosive device being detonated. The ICA breaks down lessons learned from the hack and what firms can do to enhance their cyber-security controls.

Twitter fail

How Twitter got hacked, and what you can learn from it


Twitter just suffered the biggest cyber-attack in its history. But is it being set up for something bigger? We explore that possibility and much more.

Europe Justice

Europe’s top court strikes down U.S.-EU data transfer rule


In a surprise decision that will have a major impact on trans-Atlantic data transfers, Europe’s top court ruled Thursday that a mechanism used by thousands of companies to send data to the United States is unlawful.


Nailed It or Failed It? Twitter’s meltdown exposes major vulnerability

2020-07-16T09:29:00+01:00By Compliance Week

In this week’s “Nailed It or Failed It?”, we reflect on the most troubling aspect of Wednesday’s giant Twitter hack while giving Wells Fargo a rare kudos for being good corporate citizens.


Giant Twitter hack impacts Joe Biden, Barack Obama, Bill Gates, others

2020-07-15T22:40:00+01:00By DeAnn Orie

Perhaps the biggest Twitter hack of all time was perpetrated Wednesday against such notable figures as Joe Biden, Bill Gates, Elon Musk, former President Barack Obama, and Jeff Bezos, among others.

AI United States

Study: U.S. largest target for ‘significant’ cyber-attacks


The United States has been on the receiving end of more significant cyber-attacks over the last 14 years than triple any other country, according to new research.


What regulators want to know about KYC technology


So, your company has decided to embark on an update of its legacy Know Your Customer system. Hear from experts on how to begin the process of onboarding that tech to the regulators.


Ask Amii mailbag: What to do when back-to-work guidance falls to you


Executive coach Amii-Barnard Bahn offers some tips for when your compliance title morphs into “Chief Public Health Officer,” plus ways to highlight the compliance function at your company and more.

David Lefort

Market forces, not regs, leading the charge for data privacy


Data privacy is about to become a more tangible concept to Americans not due to regulation like the CCPA, but because the most influential brand in the nation is making it a pillar of how it does business.


Ireland’s GDPR report shows it’s yet to hold Big Tech accountable


The Irish Data Protection Commission review of its GDPR investigations has come under fire for ignoring Big Tech and lacking information pertinent to inquiries into firms like Apple, Facebook, Google, and more.


Experts: CCPA enforcement will prioritize children’s privacy, digital marketing


What will enforcement of the California Consumer Privacy Act look like at first? Experts offer their take, in addition to providing guidance for companies still not in compliance with the landmark legislation.


CPE Webcast: Key privacy considerations for getting back to business

2020-06-25T14:00:00+01:00Provided by

Throughout the pandemic, technology will play a critical role as businesses adapt to this “new normal.” One strategy industries will rely on to provide employees and consumers with peace of mind is the use of temperature screening technology.


FTC stumps for additional resources to police privacy


The FTC says it would consider creating three new units to pursue privacy enforcement investigations if Congress would increase its full-time employee headcount.


French court upholds Google’s $57M GDPR fine


The top administrative court in France shot down Google’s appeal of a €50 million (U.S. $57 million) fine the tech giant received last year for violations of the EU’s General Data Protection Regulation.

Social media

DOJ proposes rollback of legal shields for Twitter, Facebook


The Department of Justice has proposed a series of rollbacks of protections for online platforms that would encourage them to police their content.


Report slams ‘woefully lax’ cyber-security controls at CIA


Cyber-security protections deployed for some of the nation’s most secret data was “woefully lax,” according to a 2017 intelligence brief that detailed shortcomings at the CIA following the agency’s 2016 data breach.


Contact tracing app development stunted by inaction in Congress


As federal officials dicker over details in a federal data privacy law, the coronavirus continues to spread. Development of a key technological tool in the fight is being kneecapped by their inaction.


Report: AI tools carry many benefits, some risks for securities industry


A study on the use of artificial intelligence in the securities industry by FINRA found a number of challenges with the technology—data bias, customer privacy, and cyber-security among them—but noted it can offer “significant benefits.”

California lawsuit

Data broker lawsuit involving ZoomInfo could provide CCPA enforcement insight


As the July 1 enforcement deadline of the California Consumer Privacy Act inches closer, a recently filed lawsuit between two data marketing firms may shed light on the efforts companies must take to comply with the new law.


Could rethinking facial recognition tech provide guide for police reform?


Facial recognition technology, under assault for alleged biases and misuse by law enforcement, could be facing a moment of reckoning.

Child Privacy

Coronavirus heightens focus on children’s online privacy compliance


With increased use of remote learning putting children’s online privacy in the spotlight, regulators are stepping up their oversight and responding accordingly.


Two years in, GDPR defined by mixed signals, unbalanced enforcement


It’s been two years since the EU’s GDPR went into effect, and we still don’t know how lingering questions about compliance—as well as non-compliance—will be answered going forward.

Coronavirus crime

Five ways to protect yourself from coronavirus cyber-attacks

2020-05-26T17:28:00+01:00By Holly Thomas-Wrightson, International Compliance Association

Cyber-criminals are making attempts to test the cyber-security of those working from home during the coronavirus pandemic. Here are ways to help defend yourself and your business from these potential threats.

Artificial intelligence

Six things CCOs need to know about ICO’s AI guidance


The U.K. Information Commissioner’s Office released guidance to help organizations explain how AI is used in decision making and how the technology uses personal data to form judgments.

blackline 300x200

CPE Webcast: Best practices for enabling remote audit with tech

2020-05-21T14:00:00+01:00Provided by

Although company management and auditors may not see eye to eye on everything, they can agree that teams must find new ways to effectively work together during the COVID-19 crisis.

Penman EIC

Penman an E&C pioneer with an uncanny ability to connect


Lifetime Achievement in Compliance award winner Carrie Penman walks us through her compliance journey—from creating the first corporate-wide ethics program at Westinghouse Electric to her influential ethics and compliance work at NAVEX Global.


AdvaMed issues pandemic compliance guidance for med-tech


The Advanced Medical Technology Association has released new compliance guidance for medical-technology companies to guide them in mitigating compliance and corruption risks as they help healthcare providers fight coronavirus.


Amazon shuttered in France over COVID-19 emergency costs


E-commerce giant Amazon has shut up shop in France because the cost of compliance with the country’s COVID-19 emergency measures is deemed to be too high.

columnist icons - kyle

VP’s abrupt exit paints Amazon as coronavirus villain


Saying there is “evidence of a vein of toxicity” running through Amazon’s company culture, a now-former VP is the most prominent voice to speak out against the tech behemoth’s actions during the coronavirus pandemic.


Senate Republicans to introduce contact tracing privacy bill


Senate Republicans say they will soon introduce a coronavirus-specific data privacy bill that would create regulations under the FTC for companies collecting personal data to fight the ongoing pandemic.


Tech firm: GDPR ‘in danger of failing’ due to lack of resources


A new report says Europe’s data protection regulators don’t have the skills, knowledge, or budget to effectively enforce such privacy rules as the GDPR.


Current cyber-environment calls for proactive approach


The conventional wisdom on cyber-security is to play defense and respond quickly to breaches. But these are not normal times, and proper cyber-hygiene is more important than ever.

Work from home

Four ways to maximize your virtual learning experience

2020-04-23T18:23:00+01:00By David Povey, International Compliance Association

By now many of us have adapted to the new “normal,” but this time also provides an ideal opportunity to boost your knowledge, expand your skills, and bolster your future career opportunities.


EDPB aims to clarify app development needs in coronavirus battle


The European Data Protection Board has released guidelines that aim to help app developers and regulators process individuals’ health data without compromising their privacy under such regulations as the GDPR and ePrivacy Directive.

Libra global

Back against wall, Libra turns to compliance


Looking to get back on track for its planned 2020 release, Libra is pushing a new word at the forefront of its latest attempt to get critics on board with its digital currency mission: compliance.


How Highmark Health uses AI to root out fraud, waste, and abuse


Highmark Health’s chief compliance officer shares how the organization has realized hundreds of millions of dollars in savings through its use of artificial intelligence in rooting out fraud, waste, and abuse.


Do we have to give up our privacy to be safe from coronavirus?


How much of your privacy rights and civil liberties are you willing to give up in the fight against the coronavirus pandemic? Our collective answer might determine how successful we are in the next phase of this fight.


CPE Webcast: 5 strategies for scaling your social selling program

2020-04-14T14:25:00+01:00Provided by

Social selling is critical for today’s financial services firms to find and engage with customers. But it also brings some risk to these firms.

Carrie Penman

Carrie Penman named Lifetime Achievement in Compliance winner


Compliance Week is proud to announce Carrie Penman as the winner of its inaugural Lifetime Achievement in Compliance award, the top honor in the first annual Excellence in Compliance Awards program.


CPE Webcast: Stepping up to the DOJ guidance

2020-04-07T14:41:00+01:00Provided by

With Big Data and AI becoming pervasive across business functions, learn how tech-enabled strategies using behavioral insights can establish programs that drive higher efficiency, deliver better business outcomes, and provide strong alignment to DOJ guidance.

finalists banner 600x400

Introducing finalists for Compliance Week’s ‘CCO of the Year’


Day 2 of Compliance Week’s rollout of the Excellence in Compliance Awards finalists features the short lists for 4 categories, including the prestigious Chief Compliance Officer of the Year.

finalists banner 600x400

First round of finalists named for Excellence in Compliance Awards


Compliance Week has pared down its list of more than 300 nominees for its first annual Excellence in Compliance Awards and is pleased to announce the finalists for nine of the 15 categories.


Lessons from Zoom: Coronavirus exposes videoconference risks


Stay-at-home orders during the coronavirus pandemic have led to explosions of use for popular videoconferencing platforms, some of which have struggled to adjust to new privacy concerns.