Defines Data Breach and Requires Data Security Controls
New York has brought itself into line with a number of states concerning how they define a data breach, and, where applicable, what substantive security controls they require.
This article explores legal developments over the past year that may impact compliance officer personal liability.
A new report from the law firm of Pinsent Masons shows that there has been a high level of GDPR "over-reporting" at the U.K.'s Information Commissioner's Office, but organizations who may think they are playing it safe may actually be opening themselves up to further regulatory scrutiny.
New Study Shows U.S. Companies Are Taking the Same Failed Approach To Complying With California's Privacy Regulation As They Did for GDPR
U.S. companies haven't learned much from the missteps they made while preparing for the European Union's General Data Protection Regulation (GDPR), suggests a new study on data privacy regulation compliance.
Legislation expanding the types of personal data that will trigger a required notification to customers in case of a breach, including email addresses and passwords, was signed into law by Gov. Phil Murphy.
New York's financial regulatory agency has created a first-in-the-nation cybersecurity division to place special focus on protecting the state's consumers and industries from digital threats.
The CCPA is the first of its kind, generally applicable data protection law in the United States. What makes the CCPA unique is not only its applicability to companies like those in the entertainment and media industries, but also the rights it provides to consumers regarding their personal information (PI).
Elections have consequences, and the election of President Trump has resulted in a significant shift in law enforcement priorities. Corporate enforcement activity is at lows not seen in decades, despite an overall increase in federal criminal cases. This is a product of a change in priorities, both in terms of types of offenses and types of offender. So, for the time being, there will be almost unprecedented opportunity to achieve favorable resolutions for corporate clients.
Tech giants' privacy counsel and U.S. senators discussed opt-in policies, lengthy, legalese-filled privacy notices and location tracking. The discussion aimed to further shape a potential U.S. federal data privacy law.
A unanimous U.S. Supreme Court, led by Justice Brett Kavanaugh, held that the phrase “full costs” in §505 of the Copyright Act means all of the costs specifically enumerated in the general cost-shifting statutes, such as transcripts and fees for court-appointed experts and interpreters.
