2020, 2023 and Data Privacy - Information Management Today

Hong Kong’s data privacy law reform may come in 2023

Data Protection Report

MARCH 6, 2023

The reform of Hong Kong’s Personal Data (Privacy) Ordinance (Cap.486) In our earlier post in 2020, we reported that the Constitutional and Mainland Affairs Bureau published a discussion paper (the Discussion Paper ) seeking the Legislative Council’s Panel on Constitutional Affairs’ (the Panel ) views on proposed changes to the PDPO.

Data Privacy

Data Privacy Privacy Paper Personal data

The Week in Cyber Security and Data Privacy: 30 October – 5 November 2023

IT Governance

NOVEMBER 6, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Records breached: According to the library’s 4 November update , there is “no evidence that the personal information of our staff or customers has been compromised”.

Data Privacy

Data Privacy Privacy Security Libraries

The Week in Cyber Security and Data Privacy: 13 – 19 November 2023

IT Governance

NOVEMBER 20, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Date of breach: 26 October 2023 Breached organisation: Homeland, Inc., An investigation found that there was unauthorised access to its network between 18 and 23 May 2023.

Data Privacy

Data Privacy Privacy Data breaches Security

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

2020 Predictions: New Challenges for Data Privacy and the 5G Hackathon

Thales Cloud Protection & Licensing

JANUARY 14, 2020

Along with innovation and technology proliferation, new challenges that will shape business during 2020. The importance of data and the power of being an insights-driven enterprise are increasing the amount of damage that data breaches can cause. So what’s in store for data privacy and the rollout of of 5G technology?

Data Privacy

Data Privacy Privacy IoT GDPR

Brazilian Data Protection Authority Publishes Regulatory Strategy for 2021 – 2023

Hunton Privacy

FEBRUARY 8, 2021

On January 28, 2021, international Data Privacy Day, the newly formed Brazilian data protection authority ( Agência Nacional de Proteção de Dados , the “ANPD”) published its regulatory strategy for 2021-2023 and work plan for 2021-2022 (in Portuguese). Regulatory strategy for 2021-2023. ANPD Regulatory Strategy.

Data breaches

Data breaches Data Privacy Compliance Privacy

Private UK health data donated for medical research shared with insurance companies

The Guardian Data Protection

NOVEMBER 11, 2023

An Observer investigation has found that UK Biobank opened up its vast biomedical database to insurance sector firms several times between 2020 and 2023. The data was provided to insurance consultancy and tech firms for projects to create digital tools that help insurers predict a person’s risk of getting a chronic disease.

Insurance

Insurance Data Privacy Privacy Risk

New York Becomes First State to Require CLE in Cybersecurity, Privacy and Data Protection

Hunton Privacy

AUGUST 15, 2022

On June 10, 2022, New York became the first state to require attorneys to complete at least one credit of cybersecurity, privacy and data protection training as part of their continuing legal education (“CLE”) requirements. The new requirement will take effect July 1, 2023.

Cybersecurity

Cybersecurity Privacy Data Privacy Data breaches

European Commission adopts its adequacy decision for the EU-US Data Privacy Framework

Data Protection Report

JULY 11, 2023

On 10 July, the European Commission adopted its adequacy decision for the EU-US Data Privacy Framework (the DP Framework ). More broadly, the DP Framework will significantly reduce the challenges faced by EU organisations transferring personal data to the US, at least for the time being.

Data Privacy

Data Privacy Privacy IT Personal data

Navigating the EU-US Data Protection Framework

Thales Cloud Protection & Licensing

JANUARY 10, 2024

Navigating the EU-US Data Protection Framework sparsh Thu, 01/11/2024 - 05:26 On 10 July 2023, the European Commission adopted a new adequacy decision regarding the Data Privacy Framework (“DPF”). This follows the invalidation of the EU-US Privacy Shield, by the Court of Justice of the European Union on 16 July 2020.

Data Privacy

Data Privacy Personal data Privacy Cloud

CPPA Board Discusses Agency’s Top Priorities and the Status of CPRA Rulemaking Process

Hunton Privacy

MARCH 9, 2023

On March 3, 2023, the California Privacy Protection Agency (“CPPA”) Board held a public meeting regarding the Agency’s priorities, budget, the status of the California Privacy Rights Act of 2020 (“CPRA”) rulemaking process and the activities of the CPPA subcommittees.

Privacy

Privacy Insurance Data Privacy Cybersecurity

The Not-so-True People-Search Network from China

Krebs on Security

MARCH 20, 2024

DomainTools.com shows that both TruePeopleSearch and FastPeopleSearch appeared around 2020 and were registered through Alibaba Cloud , in Beijing, China. com was registered in June 2020 via Alibaba Cloud Beijing in China. com was registered in June 2020 via Alibaba Cloud Beijing. But in September 2023, the U.S.

Marketing

Marketing Cloud Privacy Data Privacy

IAB Releases for Public Comment Proposed Contractual Framework and U.S. State Signals Specifications for Compliance with Five States’ Privacy Laws

Hunton Privacy

OCTOBER 14, 2022

The proposed contractual framework, IAB Privacy’s Multi-State Privacy Agreement (“MSPA”), updates the IAB’s Limited Service Provider Agreement first released in 2020 for compliance with the California Consumer Privacy Act of 2018 (“CCPA”).

Compliance

Compliance Privacy Data Privacy Sales

US State Privacy Update: California Privacy Protection Agency Announces Revised Rulemaking Timeline Under The CPRA

Privacy and Cybersecurity Law

FEBRUARY 21, 2022

In 2018, California became the first state in the US to sign into law a comprehensive consumer data privacy law known as the California Consumer Privacy Act (CCPA). Under the CPRA, the CPPA must complete its rulemaking under the CPRA no later than July 1, 2022 and begin enforcing the CPRA no earlier than July 1, 2023.

Privacy

Privacy Compliance Data Privacy IT

Big California Privacy News: Legislative and Enforcement Updates

Data Matters

SEPTEMBER 6, 2022

Passage of the bill comes on the heels of US Congressional inquiries about the use and protection of health data collected by mental health apps and an uptick in private litigation in the area. If this bill becomes law, it will be effective beginning January 1, 2023. Monitor social media for comments about data subject rights. .

Privacy

Privacy B2B Sales Compliance

Lessons on international transfers to the US to organisations caught by the GDPR

Data Protection Report

SEPTEMBER 11, 2024

The fine relates to the transfer of drivers’ personal data to the US. In 2024, with the EU-US Data Privacy Framework (DPF) in place, regulatory focus appears to have shifted from international transfers to other topics, such as artificial intelligence and the right to access. On 27 November 2023, Uber Technologies Inc.

GDPR

GDPR Personal data Compliance Artificial Intelligence

A Look Back On Five Key Developments in Cybersecurity and Data Protection in Southeast Asia in 2022

Data Protection Report

JANUARY 9, 2023

With the year 2022 firmly in the rear view, and as we look to start the new year in 2023, Norton Rose Fulbright’s Regulatory Compliance and Investigations team looks back and rounds up the five key cyber and data protection developments that took place in Southeast Asia in 2022. . in damages to its customer over data leak.

Cybersecurity

Cybersecurity Personal data Data breaches Ransomware

MY TAKE: DigiCert and Oracle partner to extend digital trust and scalable infrastructure globally

The Last Watchdog

MAY 9, 2023

One meeting I had at RSA Conference 2023 , was a briefing about a new partnership , announced this morning, between a top-rung Silicon Valley tech giant and the leading provider of digital trust. To account for data sovereignty, Oracle has set up “ sovereign cloud regions ” in Germany and Spain to meet new data privacy rules.

Cloud

Cloud Digital transformation Military Retail

Episode 256: Recursive Pollution? Data Feudalism? Gary McGraw On LLM Insecurity

The Security Ledger

FEBRUARY 21, 2024

With the launch of OpenAI’s ChatGPT-4 large language model (LLM) artificial intelligence in March, 2023, the use- and applications of AI have exploded. ” So in 2020 we said. An update on AI risk Four years later, A LOT has changed.

Artificial Intelligence

Artificial Intelligence Risk Military Security

California, Massachusetts, and Michigan – 2020 Ballot Initiatives on Privacy

Data Protection Report

NOVEMBER 6, 2020

elections on November 3, 2020 included three states with privacy-related ballot initiatives: California, Massachusetts, and Michigan. California – California Privacy Rights Act (CPRA). Voters supported all three initiatives.

Privacy

Privacy B2B Communications Access

Rallying troops against cybercrime with QRadar SIEM

IBM Big Data Hub

NOVEMBER 30, 2023

The cyberthreat landscape is evolving and countries such as India are facing an alarming rate of increase in cyberattacks ( Q2 of 2023 saw a 90% increase ). Today, these attacks exhibit an unprecedented level of frequency, ingenuity and speed. This is creating more attack opportunities and vulnerabilities for businesses than ever before.

Digital transformation

Digital transformation Compliance Cybersecurity Data breaches

US: As expected, California ballot initiative passes, significantly altering the California Consumer Privacy Act

DLA Piper Privacy Matters

NOVEMBER 16, 2020

As the business community takes stock of (and impatiently waits for) 2020 election results, it should place particular significance on the passage of Proposition 24, the California Privacy Rights Act (CPRA) by about a 12 percent margin. Substantive requirements. There are several positive developments in the CPRA for businesses.

Privacy

Privacy Unstructured data B2B GDPR

California Privacy Compliance Obligations May Soon Change Under CPRA Ballot Initiative

HL Chronicle of Data Protection

MAY 26, 2020

The California Privacy Rights Act (CPRA) is progressing through California’s elections process for inclusion on the November 2020 ballot. Businesses may want to begin considering how their data privacy obligations in California may change if voters enact CPRA. The CPRA would significantly amend the CCPA.

Privacy

Privacy Compliance Sales Data Privacy

3 AppSec Predictions For 2021

ForAllSecure

JANUARY 6, 2021

The 2020 Standard C++ Foundation annual survey showed that 37% of developers are now using fuzzing in concert with continuous deployment. A legacy organization may leave things like secrets management and user data privacy to the ops team. billion by 2023. DevOps/DevSecOps drive fuzzing mainstream.

Data Privacy

Data Privacy Cybersecurity Security Marketing

3 AppSec Predictions For 2021

ForAllSecure

JANUARY 6, 2021

The 2020 Standard C++ Foundation annual survey showed that 37% of developers are now using fuzzing in concert with continuous deployment. A legacy organization may leave things like secrets management and user data privacy to the ops team. billion by 2023. DevOps/DevSecOps drive fuzzing mainstream.

Data Privacy

Data Privacy Cybersecurity Security Marketing

The Digital Markets Act Is Almost Here: 10 Things to Know About the EU’s New Rules for Big Tech

Data Matters

JUNE 1, 2022

April 2023: The DMA becomes applicable (i.e., June 2023: Deadline for notifications to the Commission on whether the undertaking meets the criteria and falls within the definition of “gatekeeper.”. August 2023: Commission designates companies as gatekeepers. after a six-month transition period).

Marketing

Marketing Computer and Electronics Communications GDPR

How to foster a culture that values data privacy

Collibra

MAY 22, 2020

Similarly, Lockheed Martin indicates data protection and cybersecurity as focal points in its strategy to improve operational efficiency and gain competitive advantage. They put data at the forefront of their strategies to get ahead of competitors. Data is an asset. They need to embed data privacy in their ethics and culture.

Data Privacy

Data Privacy Privacy Analytics Marketing

European Commission adopts new adequacy decision for EU-US data flows

DLA Piper Privacy Matters

JULY 11, 2023

Authors: Jim Sullivan , Rachel De Souza, Heidi Waem , John Magee and David Brazil On 10 July 2023, the European Commission adopted its long-awaited adequacy decision for the EU-US Data Privacy Framework ( DPF ).

Personal data

Personal data Privacy Compliance Insurance

California Privacy Law Overhaul – Proposition 24 Passes

Data Matters

NOVEMBER 4, 2020

The results are in, and California voters have approved the California Privacy Rights Act (CPRA) which was listed on the ballot as Proposition 24. And indeed, CCPA obligations continue to evolve, with proposed amendments to the regulations proposed by the Attorney General’s Office mid-October 2020. Next Steps. New Enforcement Agency.

Privacy

Privacy B2B Sales Data breaches

ASEAN releases Joint Guide to ASEAN Model Contractual Clauses and EU Standard Contractual Clauses and AI Governance Guide

Data Protection Report

FEBRUARY 27, 2024

Joint MCC – SCC Guide To recap, the first part of the Joint MCC – SCC Guide (the Reference Guide ) was first published in May 2023. 2] Our previous article on the Reference Guide can be accessed at: European Commission and ASEAN releases Guide to ASEAN Model Contractual Clauses and EU Standard Contractual Clauses | Data Protection Report.

Government

Government Personal data Compliance Risk

California AG posts final proposed CCPA Regulations and offers insights ahead of July 1 enforcement deadline

DLA Piper Privacy Matters

JUNE 5, 2020

The California Attorney General has posted the final proposed CCPA Regulations , which were submitted to the California Office of Administrative Law (OAL) on June 1, 2020. By Kate Lucente , Jim Halpert, Lael Bellamy. The final proposed regulations are virtually unchanged from the prior version , posted on March 11. Review process.

Unstructured data

Unstructured data Compliance Privacy Sales

Developments in Cookie Regulation: French CNIL Declares Intent to Audit Websites for Cookie Compliance

Data Matters

APRIL 26, 2021

The CNIL had issued several recommendations, guidelines and cookie tools to raise awareness on the importance of this topic, with a final set of guidelines published on October 1, 2020 following public consultation rounds (“ Cookie Guidelines ”). It issued a total fine of €135m against two U.S.

Compliance

Compliance Analytics Privacy GDPR

A Close Up Look at the Consumer Data Broker Radaris

Krebs on Security

MARCH 8, 2024

These data brokers do not want to be treated as CRAs, and for this reason their people search reports typically do not include detailed credit histories, financial information, or full Social Security Numbers (Radaris reports include the first six digits of one’s SSN). But in September 2023, the U.S. The FTC levied a $5.8

Privacy

Privacy Data Privacy Government Marketing

EU Council Agrees on Proposed ePrivacy Regulation

Data Matters

MARCH 10, 2021

In the meantime, however, the EU Electronic Communications Code (EECC), as of December 21, 2020, has extended the scope of the ePrivacy Directive to cover these services to avoid a gap in the current legislative framework (until the new ePrivacy Regulation is adopted).

GDPR

GDPR Metadata Communications Privacy

The Week in Cyber Security and Data Privacy: 1 – 7 April 2024

IT Governance

APRIL 9, 2024

Enforcement Google agrees to delete billions of records and reduce incognito user tracking Google has agreed to settle a 2020 class action lawsuit accusing it of invading people’s privacy by collecting user data even in incognito mode.

Data Privacy

Data Privacy Privacy Security Manufacturing

CPPA Board Holds Meeting on Status of CPRA Rulemaking and Other Topics

Hunton Privacy

DECEMBER 19, 2022

On December 16, 2022, the California Privacy Protection Agency (“CPPA”) Board held a public meeting regarding the status of the California Privacy Rights Act of 2020 (“CPRA”) rulemaking process and other topics, such as the CPPA’s advocacy regarding proposed federal and state privacy legislation.

Privacy

Privacy Cybersecurity Risk Data Privacy

The Return of the Mac: CCPA 2.0 Qualifies for California’s November 2020 Ballot and Could Usher In Sweeping Changes to CCPA

Data Matters

JUNE 26, 2020

The California Privacy Rights Act (CPRA), a proposed initiative to codify far-reaching amendments to the California Consumer Privacy Act (CCPA) and sometimes referred to as “CCPA 2.0”, is back in play and heading to the November 2020 ballot. Impacts on Businesses if Voters Approve CPRA. The post The Return of the Mac: CCPA 2.0

Data breaches

Data breaches Privacy Passwords Risk

The Week in Cyber Security and Data Privacy: 22 – 28 January 2024

IT Governance

JANUARY 30, 2024

and its CISO, Tim Brown, have filed a dismissal motion at New York federal court, denying SEC allegations of fraud and internal control failures relating to its cyber security practices following the cyber attack it suffered from 2019 to 2020. SolarWinds seeks dismissal of SEC cyber security lawsuit SolarWinds Corp. noyb survey: 74.4%

Data Privacy

Data Privacy Retail Privacy Manufacturing

EU/U.S: EDPB Welcomes Improvements in the EU-U.S. Data Privacy Framework, but Challenges Remain

DLA Piper Privacy Matters

MARCH 6, 2023

Authors: Jim Sullivan , John Magee , Rachel De Souza & Christopher Connell The European Data Protection Board (“ EDPB ” or the “ Board ”) on 28 February 2023, released its non-binding opinion on the draft adequacy decision underlying the EU-U.S. Data Privacy Framework (“ DPF ”).

Data Privacy

Data Privacy Privacy Compliance Data collection

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Security Affairs

FEBRUARY 8, 2024

Phishing Attacks: Phishing is the top cyber attack, causing 90% of data breaches. Ransomware Attacks: In 2023, a whopping 72.7% Data Breach Costs: The average global cost of a data breach in 2023 was $4.45 Shockingly, 96% of these attacks come through email. of organizations faced ransomware. million per breach.

Security

Security Phishing IoT Ransomware

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The Last Watchdog

MARCH 21, 2022

At the same time – in fact, as a direct result of data’s central importance – more adversaries are working harder and finding more nefarious ways to steal or otherwise compromise your data. As just one measure, the number of data breaches in the first nine months of 2021 exceeded all those in 2020, a new record.

Encryption

Encryption Cloud Privacy GDPR

What Is Firewall-as-a-Service? FWaaS Ultimate Guide

eSecurity Planet

AUGUST 29, 2023

Data Privacy Concerns The use of third-party cloud servers for routing network traffic raises concerns about data privacy and compliance. Organizations handling sensitive data might hesitate due to potential exposure to data breaches. This updates a Dec.

Cloud

Cloud Data Privacy Compliance Privacy

Data Privacy Legislation: What You Should Be Looking for in 2023

Thales Cloud Protection & Licensing

JANUARY 24, 2023

Data Privacy Legislation: What You Should Be Looking for in 2023 divya Wed, 01/25/2023 - 06:31 Comprehensive data protection laws exist across the globe. Lawmakers’ efforts have intensified in the last two years, with many data protection law initiatives being passed and adopted.

Data Privacy

Data Privacy Privacy GDPR Compliance

The synergy between UEM and medical device risk management

IBM Big Data Hub

OCTOBER 9, 2023

At the beginning of 2023, according to IBM Security’s “ Threat Intelligence Index ” report, healthcare was in the top 10 most-attacked industries on the planet. The “ Cost of a Data Breach 2023” report also uncovered that, since 2020, healthcare data breach costs have increased by 53.3%.

Risk

Risk Cybersecurity Data breaches Compliance

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

eSecurity Planet

MAY 27, 2024

GitLab also patched six medium-severity vulnerabilities, including CSRF via Kubernetes Agent Server, ( CVE-2023-7045 ) and DoS ( CVE-2024-2874 ). The problem: CVE-2020-17519 , a four-year-old vulnerability that affects Apache Flink versions 1.11.0 The fix: To mitigate CVE-2020-17519, upgrade to Apache Flink versions 1.11.3

Authentication

Authentication Access Systems administration Security

Hong Kong’s data privacy law reform may come in 2023

The Week in Cyber Security and Data Privacy: 30 October – 5 November 2023

Webinars

Trending Sources

The Week in Cyber Security and Data Privacy: 13 – 19 November 2023

Webinars

2020 Predictions: New Challenges for Data Privacy and the 5G Hackathon

Brazilian Data Protection Authority Publishes Regulatory Strategy for 2021 – 2023

Private UK health data donated for medical research shared with insurance companies

New York Becomes First State to Require CLE in Cybersecurity, Privacy and Data Protection

European Commission adopts its adequacy decision for the EU-US Data Privacy Framework

Navigating the EU-US Data Protection Framework

CPPA Board Discusses Agency’s Top Priorities and the Status of CPRA Rulemaking Process

The Not-so-True People-Search Network from China

IAB Releases for Public Comment Proposed Contractual Framework and U.S. State Signals Specifications for Compliance with Five States’ Privacy Laws

US State Privacy Update: California Privacy Protection Agency Announces Revised Rulemaking Timeline Under The CPRA

Big California Privacy News: Legislative and Enforcement Updates

Lessons on international transfers to the US to organisations caught by the GDPR

A Look Back On Five Key Developments in Cybersecurity and Data Protection in Southeast Asia in 2022

MY TAKE: DigiCert and Oracle partner to extend digital trust and scalable infrastructure globally

Episode 256: Recursive Pollution? Data Feudalism? Gary McGraw On LLM Insecurity

California, Massachusetts, and Michigan – 2020 Ballot Initiatives on Privacy

Rallying troops against cybercrime with QRadar SIEM

US: As expected, California ballot initiative passes, significantly altering the California Consumer Privacy Act

California Privacy Compliance Obligations May Soon Change Under CPRA Ballot Initiative

3 AppSec Predictions For 2021

3 AppSec Predictions For 2021

The Digital Markets Act Is Almost Here: 10 Things to Know About the EU’s New Rules for Big Tech

How to foster a culture that values data privacy

European Commission adopts new adequacy decision for EU-US data flows

California Privacy Law Overhaul – Proposition 24 Passes

ASEAN releases Joint Guide to ASEAN Model Contractual Clauses and EU Standard Contractual Clauses and AI Governance Guide

California AG posts final proposed CCPA Regulations and offers insights ahead of July 1 enforcement deadline

Developments in Cookie Regulation: French CNIL Declares Intent to Audit Websites for Cookie Compliance

A Close Up Look at the Consumer Data Broker Radaris

EU Council Agrees on Proposed ePrivacy Regulation

The Week in Cyber Security and Data Privacy: 1 – 7 April 2024

CPPA Board Holds Meeting on Status of CPRA Rulemaking and Other Topics

The Return of the Mac: CCPA 2.0 Qualifies for California’s November 2020 Ballot and Could Usher In Sweeping Changes to CCPA

The Week in Cyber Security and Data Privacy: 22 – 28 January 2024

EU/U.S: EDPB Welcomes Improvements in the EU-U.S. Data Privacy Framework, but Challenges Remain

26 Cyber Security Stats Every User Should Be Aware Of in 2024

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

What Is Firewall-as-a-Service? FWaaS Ultimate Guide

Data Privacy Legislation: What You Should Be Looking for in 2023

The synergy between UEM and medical device risk management

Vulnerability Recap 5/27/24 – Google, Microsoft & GitLab Fixes

Stay Connected