Information Management Today

What You Should Know About Open Source License Compliance for M&A Activity

Data Breach Today

AUGUST 2, 2023

Companies are increasingly concerned about the security of applications built on open source components, especially when they’re involved in mergers and acquisitions. Just like copyright for works of art, each piece of open source software has a license that states legally binding conditions for its use.

Compliance

Compliance Security IT

ICANN Launches Service to Help With WHOIS Lookups

Krebs on Security

DECEMBER 6, 2023

ICANN made the policy change in response to the General Data Protection Regulation (GDPR), a law enacted by the European Parliament that requires companies to gain affirmative consent for any personal information they collect on people within the European Union. This video from ICANN walks through how the system works. The RDRS portal.

Phishing

Phishing GDPR Personal data Communications

The Now-Defunct Firms Behind 8chan, QAnon

Krebs on Security

OCTOBER 22, 2020

In practical terms, what this means is that the legal contracts which granted these companies temporary control over large swaths of Internet address space are now null and void, and American Internet regulators would be well within their rights to cancel those contracts and reclaim the space. ” and “207.”

Communications

Communications IT Access Security

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

The Cost of Non-Compliance: Financial Implications of Inadequate Legal Holds

Gimmal

MARCH 12, 2024

In today’s litigious business climate, the specter of legal disputes looms large, and the effective management of legal holds has become a critical component of corporate compliance. This blog post delves into the financial implications of inadequate legal holds and underscores the importance of compliance.

Compliance

Compliance e-Discovery Data preservation Risk

Thinking of Hiring or Running a Booter Service? Think Again.

Krebs on Security

JANUARY 17, 2023

Proprietors of these so-called “booter” or “stresser” services — designed to knock websites and users offline — have long operated in a legally murky area of cybercrime law. com , a popular and powerful attack-for-hire service that he registered with the state of Hawaii using his real name and address.

Government

Government IT Education Cybersecurity

Scary Fraud Ensues When ID Theft & Usury Collide

Krebs on Security

JANUARY 25, 2022

Among the companies that checked to see if Jim still wanted that loan he never applied for last May was Mountain Summit Financial (MSF), a lending institution owned by a Native American tribe in California called the Habematelol Pomo of Upper Lake. How about a 900 percent interest loan? Then on Nov.

Financial Services

Financial Services IT Data breaches Authentication

Meta Fined €390 Million by Irish DPC for Alleged Breaches of GDPR, Including in Behavioral Advertising Context

Hunton Privacy

JANUARY 20, 2023

Meta”) with respect to the company’s Instagram and Facebook platforms. In anticipation of the GDPR entering into force, Meta updated its Terms of Service and asked its users to accept the new terms before continuing to access its services.

GDPR

GDPR Personal data Compliance Privacy

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

Dmsell said: “I’m actually very glad that I switched to legal spam mailing,” prompting Tarelka and Ika to scoff. As we’ll see in a moment, Salomon is now behind bars, in part because he helped to rob dozens of small businesses in the United States using some of those same harvested passwords.

Computer and Electronics

Computer and Electronics Passwords Sales Government

Six eDiscovery Trends for 2024

eDiscovery Daily

JANUARY 10, 2024

By Rick Clark and Jacob Hesse 2023 was an eventful year in the world of legal technology, with new technology emerging to address both traditional and new challenges legal teams face when collecting, processing, and reviewing data for litigation, investigations, or public access requests. Laws within nations are evolving as well.

Blockchain

Blockchain Artificial Intelligence Cloud Compliance

The Irish DPC fined WhatsApp €5.5M for violating GDPR

Security Affairs

JANUARY 21, 2023

The DPC has given six months to the Meta-owned company to bring its data processing operations in compliance with the privacy regulation. ” On May 2018, ahead of the adoption of the GDPR, WhatsApp updated the Terms of Service imposing users to agree to the revised terms in order to continue using the messaging app. .

GDPR

GDPR Metadata Encryption Communications

Conti Ransom Gang Starts Selling Access to Victims

Krebs on Security

OCTOBER 25, 2021

It’s also not obvious why they would advertise having hacked into companies if they plan on selling that access to extract sensitive data going forward. “But it’s somewhat stupid to do it that way as you will alert the companies that they have a breach going on.” Conti did not respond to requests for comment.

Access

Access Ransomware Sales IT

Irish Data Protection Commission fined Meta $414 Million

Security Affairs

JANUARY 5, 2023

In advance of 25 May 2018, Meta Ireland had changed the Terms of Service for its Facebook and Instagram services. In advance of 25 May 2018, Meta Ireland had changed the Terms of Service for its Facebook and Instagram services. The decisions relate only to which legal basis Meta uses when offering certain advertising.

GDPR

GDPR Compliance Marketing IT

An Update on International and Cross-Border Discovery

AIIM

OCTOBER 27, 2020

Parties in the US are allowed broad and liberal discovery of electronically stored information (ESI) relevant and proportional to the claims and defenses in a legal action. When a US-based litigant seeks ESI stored in other countries, however, it raises thorny legal and practical issues.

e-Discovery

e-Discovery Personal data Privacy GDPR

Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security

Krebs on Security

JANUARY 31, 2020

11, 2019, two security experts at a company that had been hired by the state of Iowa to test the physical and network security of its judicial system were arrested while probing the security of an Iowa county courthouse, jailed in orange jumpsuits, charged with burglary, and held on $100,000 bail. On Thursday Jan. Image: Wikipedia.

Security

Security Education Access Sales

The Break-Up List - A Checklist to Avoid Information Management Issues with Employee Separation

AIIM

JULY 30, 2019

These can cause significant information management issues, particularly if the separation was not on good terms. Social media accounts used on behalf of the organization. If the separation is on good terms, much of this can and should happen prior to separation; if not, it needs to be done as soon as is practicable.

Records Management

Records Management Archiving Access Cloud

Privacy Shield shafted – but do SCCs really deliver better privacy protections?

Data Protector

AUGUST 17, 2020

It was stuff designed to cleanse our souls and provide us with helpful words of comfort, to prepare us for the horrors that would be inflicted upon each and every one of us during the school week ahead. Presumably, most of the companies that have used the Privacy Shield will decide to adopt the SCC approach.

Privacy

Privacy Personal data Risk Compliance

GUEST ESSAY: A breakout of how Google, Facebook, Instagram enable third-party snooping

The Last Watchdog

OCTOBER 17, 2022

More and more consumers are using apps every year. In fact, Google Play users downloaded 111.3 billion apps in 2021 alone, up more than 47 percent since 2018. Related: Microsoft CEO calls for regulating facial recognition. Rampant ‘sharing’ The study revealed that more than half (55.2 percent share approximate location history.

Privacy

Privacy Data Privacy Personal data Data collection

Exploring the risks and alternatives of ChatGPT: Paving a path to trustworthy AI

IBM Big Data Hub

AUGUST 16, 2023

And when in doubt, I recommend you use the same common sense that you’ve always used when employing new Internet services. Evolution of AI tools ChatGPT harnesses the immense power of GPT-3 and GPT-4 , belonging to a new class of “gargantuan” and widely popular large language models used in various AI applications.

Risk

Risk Artificial Intelligence Compliance Privacy

Digital Signatures 101 – Drivers, Barriers, and User Research

AIIM

APRIL 6, 2021

This may already the reality for some leading companies, but for most organizations, forms, contracts, agreements, and signoffs are still rooted in wet ink on paper. Often called Electronic Signatures, Digital Signatures, or e-signatures - it’s likely you’ve come across these terms in some way. Aren’t these terms all the same thing?

Paper

Paper Healthcare Authentication Passwords

Licenses vs. Entitlements: Know your rights

Thales Cloud Protection & Licensing

OCTOBER 19, 2021

How can you ensure that your company is complying with its contractual obligations around the use of third-party software? It all starts by understanding the fundamental difference between the terms ‘software license’ (or licensing) and ‘entitlement’ (or entitlement management). Tue, 10/19/2021 - 08:16.

Paper

Paper Marketing Access IT

Understanding and Managing eDiscovery Costs

eDiscovery Daily

DECEMBER 9, 2021

According to the International Legal Technology Association (ILTA), the pandemic has created a data explosion by encouraging frequent usage of chat applications. On the other hand, the influx of modern data types has created an expensive headache for legal teams. Don’t spend too much time on search term negotiations.

e-Discovery

e-Discovery Communications Risk Access

12 Data Loss Prevention Best Practices (+ Real Success Stories)

eSecurity Planet

APRIL 12, 2024

This also protects sensitive data and minimizes legal and reputational issues. Explore some real-world instances below and discover when and how to use DLP procedures for optimal data security. Company resources: Examine your budget allocations and IT infrastructure capabilities.

Encryption

Encryption Risk Data breaches Access

Privacy in a Parallel Digital Universe: The Metaverse

Data Protection Report

JANUARY 25, 2022

The metaverse is an abstract concept that uses a digital environment to permeate the boundaries of our physical world. We are also seeing major gaming companies developing their own versions of the metaverse. Legal Considerations in the Metaverse. Instead of reading this article, you could be immersed in it.

Privacy

Privacy Artificial Intelligence Personal data Data collection

Pending Updates to Regulations of Archives in Colombia

AIIM

MAY 30, 2023

Through this state norm, Colombia and all its public institutions have made substantial progress in document management and archives administration, so much so that it has been recognized nationally and internationally as a reference for several countries to develop their own legal frameworks on their public archive policies.

Archiving

Archiving Search queries Digital preservation Big data

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

In 2019, a Canadian company called Defiant Tech Inc. LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. In a legal settlement that is quintessentially Canadian, the matter was resolved in 2019 after Defiant Tech agreed to plead guilty.

Passwords

Passwords Data breaches Marketing IT

How Secure Is Cloud Storage? Features, Risks, & Protection

eSecurity Planet

JANUARY 18, 2024

Here’s the difference between cloud and local storage in terms of accessibility, distribution, security measures, and more: Cloud Storage Local Storage Data Storage & Accessibility Hosted on remote servers; accessible via third-party APIs and internet connectivity; access anywhere.

Cloud

Cloud Risk Security Encryption

New FTC Policy Statement Targets Dark Patterns

Hunton Privacy

NOVEMBER 2, 2021

On October 28, 2021, the Federal Trade Commission announced the issuance of a new enforcement policy statement warning companies against using dark patterns that trick consumers into subscription services. They often appear in the context of negative option marketing.

Marketing

UK Ad Campaign Seeks to Deter Cybercrime

Krebs on Security

MAY 28, 2020

The ad campaign follows a similar initiative launched in late 2017 that academics say measurably dampened demand for such services by explaining that their use to harm others is illegal and can land potential customers in jail. For example, search in Google for the terms “booter” or “stresser” from a U.K.

Cybersecurity

Cybersecurity Risk Paper IT

National Security Risks of Late-Stage Capitalism

Schneier on Security

MARCH 1, 2021

Early in 2020, cyberspace attackers apparently working for the Russian government compromised a piece of widely used network management software made by a company called SolarWinds. It was a huge attack, with major implications for US national security. Who is at fault? SolarWinds certainly seems to have underspent on security.

Risk

Risk Security Cybersecurity Marketing

GDPR compliance checklist

IBM Big Data Hub

JANUARY 22, 2024

The General Data Protection Regulation (GDPR) is a European Union (EU) law that governs how organizations collect and use personal data. Any company operating in the EU or handling EU residents’ data must adhere to GDPR requirements. The company regularly monitors the activity of EEA residents, such as by using tracking cookies.

GDPR

GDPR Compliance Personal data Privacy

Subject Access Request: Germany’s highest court widens the scope of data subject access requests in Germany

Data Protection Report

JULY 28, 2021

The defendant was a life insurance company and the claimant their insured. With regards to the scope of the data subject access right, the FCJ refers to the legal definition of personal data in Article 4(1) GDPR. It held that the claimant failed to demonstrate that the information already provided by the controller was incomplete.

Access

Access GDPR Personal data Insurance

EU & Ireland: Meta’s legal basis for targeted ads found to breach GDPR

DLA Piper Privacy Matters

JANUARY 10, 2023

Ireland’s Data Protection Commission ( DPC ) announced on January 4, 2023, that it has fined Meta a total of €390 million after finding that the company’s Facebook and Instagram platforms lacked proper legal grounds for processing millions of Europeans’ personal data for targeted advertising. Background. Draft DPC Decision.

GDPR

GDPR Personal data IT Compliance

Uber Data Breach Results in Corporate Cooperation and Executive Conviction

Data Matters

OCTOBER 13, 2022

The Company did not disclose the 2016 incident to FTC investigators, and entered into a consent decree with the FTC in August 2016. As properly stated in the jury instruction used in this case for the misprision offense: the “[m]ere failure to report a federal felony is not a crime.

Data breaches

Data breaches Government Privacy Cybersecurity

World IP Day 2023: Defending Against the On-Going Threat to Intellectual Property

Thales Cloud Protection & Licensing

APRIL 25, 2023

More than just a chance to draw attention to the significant weight of IP and IP rights in today’s society, World IP Day also provides us the opportunity to discuss how the IP landscape can change for the better. Intellectual property is a term that covers a lot of ground. It can also hurt a company’s reputation and market share.

Marketing

Marketing Cybersecurity Sales Access

Lowe’s Market chain leaves client data up for grabs

Security Affairs

MARCH 19, 2023

A misconfiguration on a website owned by the US-based Lowe’s Market grocery store chain could have allowed threat actors to gain control of its systems. The supermarket chain’s website was leaking a treasure trove of private credentials, which left the company vulnerable to potential attacks by cybercriminals. databases were exposed.

Marketing

Marketing Access Risk IT

FRANCE: NEW GUIDANCE FOR DATA RETENTION

DLA Piper Privacy Matters

SEPTEMBER 4, 2020

The CNIL’s Guidelines apply to all private companies and public organizations processing personal data. The CNIL’s Guidelines apply to all private companies and public organizations processing personal data. Should a personal data be systematically erased at the end of the data retention term? Scope of application. Key points.

Personal data

Personal data Archiving GDPR Government

New SEC Cybersecurity Rules Could Affect Private Companies Too

eSecurity Planet

SEPTEMBER 23, 2022

Securities and Exchange Commission (SEC) strongly advised public companies to improve their cybersecurity. This requirement copies the strategies of previous legislation that dramatically improved financial reporting for both public and private companies. Also read: Security Compliance & Data Privacy Regulations.

Cybersecurity

Cybersecurity Compliance Risk Communications

Written IT Security Policies: Why You Need Them & How to Create Them

eSecurity Planet

MARCH 18, 2022

IT practitioners sometimes become confused about the definition of a security policy because security practitioners use the word “policy” as terminology for two very different purposes: Implemented IT policies incorporated into operating system, firewall, or network rules. There is, however, a next step: Documenting policies.

IT

IT Compliance Security Access

On Robots Killing People

Schneier on Security

SEPTEMBER 11, 2023

One day in 1979, a robot at a Ford Motor Company casting plant malfunctioned—human workers determined that it was not going fast enough. Self-driving cars are already on American streets, and robotic "dogs" are being used by law enforcement. Regulation must push companies toward safe innovation and innovation in safety.

Artificial Intelligence

Artificial Intelligence Risk Government IT

Switzerland Recognizes New EU Standard Contractual Clauses and Issues Guidance on International Data Transfers

Data Matters

SEPTEMBER 27, 2021

The aim of these documents is to reduce uncertainties in a post- Schrems II era and to help companies ensure the ongoing lawful transfer of personal data. The aim of these documents is to reduce uncertainties in a post- Schrems II era and to help companies ensure the ongoing lawful transfer of personal data.

Personal data

Personal data GDPR Encryption Privacy

CIPL Responds to FTC’s ANPR on Commercial Surveillance and Data Security

Hunton Privacy

NOVEMBER 28, 2022

The ANPR sought public comment on, among other things, whether the FTC should implement new rules addressing the ways in which companies collect, aggregate, protect, use, analyze and retain consumer data. privacy framework.

Privacy

Privacy Security Risk IT

Hyperscale vs. colocation: Go big or go rent?

IBM Big Data Hub

MARCH 27, 2024

Now the word comes down from on high that you’ve been tasked with designing and implementing your company’s hyperscale computing solution—whatever that should be. The company is working with extremely high volumes of data and expects this situation to continue or grow. However, that’s just one set of opinions.

Cloud

Cloud Marketing Retail Artificial Intelligence

Acuity Who? Attempts and Failures to Attribute 437GB of Breached Data

Troy Hunt

NOVEMBER 14, 2023

Which immediately yielded this top result from June : Ah, so Acuity is a healthcare company. How many companies called "Acuity" that have been breached are there?! So how many "Acuity" companies are out there in total?! Allegedly, Acuity had a data breach. The other 3, however. This is clean - too clean.

Insurance

Insurance Data breaches Mining IT

EDPB Guidelines on international transfers: 6 key takeways

Data Protection Report

MARCH 13, 2023

The Guidelines note that the GDPR does not contain a legal definition of the notion “ transfer of personal data to a third country or to an international organisation ”. The Guidelines provide an example of an Italian resident completing an online form to buy a dress from a website operated by a company in third country.

GDPR

GDPR Personal data Data Privacy Risk

What You Should Know About Open Source License Compliance for M&A Activity

ICANN Launches Service to Help With WHOIS Lookups

Webinars

Trending Sources

The Now-Defunct Firms Behind 8chan, QAnon

Webinars

The Cost of Non-Compliance: Financial Implications of Inadequate Legal Holds

Thinking of Hiring or Running a Booter Service? Think Again.

Scary Fraud Ensues When ID Theft & Usury Collide

Meta Fined €390 Million by Irish DPC for Alleged Breaches of GDPR, Including in Behavioral Advertising Context

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Six eDiscovery Trends for 2024

The Irish DPC fined WhatsApp €5.5M for violating GDPR

Conti Ransom Gang Starts Selling Access to Victims

Irish Data Protection Commission fined Meta $414 Million

An Update on International and Cross-Border Discovery

Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security

The Break-Up List - A Checklist to Avoid Information Management Issues with Employee Separation

Privacy Shield shafted – but do SCCs really deliver better privacy protections?

GUEST ESSAY: A breakout of how Google, Facebook, Instagram enable third-party snooping

Exploring the risks and alternatives of ChatGPT: Paving a path to trustworthy AI

Digital Signatures 101 – Drivers, Barriers, and User Research

Licenses vs. Entitlements: Know your rights

Understanding and Managing eDiscovery Costs

12 Data Loss Prevention Best Practices (+ Real Success Stories)

Privacy in a Parallel Digital Universe: The Metaverse

Pending Updates to Regulations of Archives in Colombia

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

How Secure Is Cloud Storage? Features, Risks, & Protection

New FTC Policy Statement Targets Dark Patterns

UK Ad Campaign Seeks to Deter Cybercrime

National Security Risks of Late-Stage Capitalism

GDPR compliance checklist

Subject Access Request: Germany’s highest court widens the scope of data subject access requests in Germany

EU & Ireland: Meta’s legal basis for targeted ads found to breach GDPR

Uber Data Breach Results in Corporate Cooperation and Executive Conviction

World IP Day 2023: Defending Against the On-Going Threat to Intellectual Property

Lowe’s Market chain leaves client data up for grabs

FRANCE: NEW GUIDANCE FOR DATA RETENTION

New SEC Cybersecurity Rules Could Affect Private Companies Too

Written IT Security Policies: Why You Need Them & How to Create Them

On Robots Killing People

Switzerland Recognizes New EU Standard Contractual Clauses and Issues Guidance on International Data Transfers

CIPL Responds to FTC’s ANPR on Commercial Surveillance and Data Security

Hyperscale vs. colocation: Go big or go rent?

Acuity Who? Attempts and Failures to Attribute 437GB of Breached Data

EDPB Guidelines on international transfers: 6 key takeways

Stay Connected