In response to a number of recent high-profile cyber attacks aimed at federal agencies, President Biden issued an Executive Order on Improving the Nation’s Cybersecurity (EO) on May 12, 2021. The EO which created a new Cyber Safety Review Board to review major cyber incidents and requires information and communications technology (ICT) service providers entering into contracts … Continue Reading
In a recent Q&A with Nevada Attorney General (AG) Aaron Ford, the first term AG discusses Nevada’s new data privacy law (Senate Bill 220), which provides consumers with a right to opt out of the sale of their data. AG Ford also outlines his perspective on federal privacy law and his office’s data breach enforcement … Continue Reading
By a new decision of sanction rendered on 28 May 2019, the French data protection authority Commission nationale de l’informatique et des libertés (CNIL) imposed a €400,000 fine on French property management company Sergic for failure to comply with its obligation to maintain the security of and to limit the storage of personal data. This … Continue Reading
The latest in the series of blogs from the UK Information Commissioner’s Office (ICO) looks at some of the myths around data breach reporting under the General Data Protection Regulation (GDPR). Given the misleading press stories on this topic, the ICO’s blog should provide some welcome clarification for concerned businesses as they prepare to comply … Continue Reading
Ever since January 2014, when South Korea’s credit card industry lost huge amounts of customer data during a data breach, the South Korean government has been gradually announcing stricter penalties for those who run afoul of data protection rules. The latest amendment to the Personal Information Protection Act (PIPA), Bill No. 15737 (‘Amendment’), published 7 … Continue Reading
France’s data protection authority, the Commission Nationale De L’informatique et Des Libertés (CNIL), released a new mandatory online notification procedure for French electronic communications service providers (Providers) to rapidly report data breaches to CNIL in compliance with new EC Regulation (No.611/2013) (the Regulation). Any data breach must be reported to CNIL via a new standardized … Continue Reading
The UK data protection authority, Information Commissioner’s Office (ICO), has published statistics regarding breach incidents in the first quarter of this year (1 April – 30 June 2013). In a related press release, the ICO discussed conclusions drawn from the numbers regarding the most common types of data breaches and the sectors that appear to … Continue Reading