2017, Compliance and Personal data - Information Management Today

India: New Digital Personal Data Protection Act, Start Planning Now.

DLA Piper Privacy Matters

SEPTEMBER 6, 2023

While there are similarities with EU/UK GDPR – and sufficient harmonisation with data protection laws across APAC to continue a regional data compliance in Asia – the practicalities of implementation and compliance should not be underestimated. data subjects, using the GDPR terminology) located within India.

Personal data

Personal data GDPR Data breaches Compliance

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

In September 2017, then-SEC Chairman Jay Clayton issued a public statement that provided an overview of the SEC’s approach to cybersecurity and underscored it as a priority for the SEC. Companies should regularly assess compliance with current policies and procedures to confirm the effectiveness as adequate controls. 20, 2017).

Cybersecurity

Cybersecurity Financial Services Risk Compliance

ICO issues warning to charity workers

IT Governance

NOVEMBER 23, 2017

The warning follows the prosecution of a charity worker for making personal copies of sensitive data and sending them to a personal email account without the knowledge of his employer, Rochdale Connections Trust. The investigation revealed that a similar database had been sent to a personal email account on 14 June 2016.

Personal data

Personal data Information Security Education Compliance

Germany: First court decision on GDPR

DLA Piper Privacy Matters

JUNE 6, 2018

Article 5 (1) lit b) and c) GDPR dictate that personal data may only be collected for specified, explicit and legitimate purposes and shall be adequate, relevant and limited to what is necessary in relation to the purpose. Per the court, ICANN could not show credibly the necessity to collect the Admin-C and Technical-C.

GDPR

GDPR Compliance Personal data Security

CIPL Responds to ICO Call for Views on Creating a Regulatory Sandbox

Hunton Privacy

OCTOBER 17, 2018

On October 11, 2018, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth LLP submitted comments to the UK Information Commissioner’s Office (“ICO”) in response to its call for views on creating a regulatory sandbox.

Financial Services

Financial Services Paper Personal data Compliance

Belgium Adopts Law Reforming the Belgian Privacy Commission

Hunton Privacy

JANUARY 18, 2018

On January 10, 2018, the Law of 3 December 2017 creating the Data Protection Authority (the “Law”) was published in the Belgian Official Gazette (available in French and Dutch ). The Law was submitted in the Chamber of Representatives on August 23, 2017, and was approved by the Parliament in plenary meeting on November 16, 2017.

Privacy

Privacy Computer and Electronics Personal data GDPR

China’s First Data Protection Measures Lifting Its Veils

HL Chronicle of Data Protection

JUNE 13, 2019

The scope of application of the Data Security Measures. The data covered by the Data Security Measures includes personal data and important data. Requirements for personal data collection statements. Other items required by laws and administrative regulations.

Personal data

Personal data IT Data collection Compliance

Article 29 Working Party Releases GDPR Guidance on Consent and Transparency

Data Matters

DECEMBER 14, 2017

On 28 November 2017, the Article 29 Working Party (the “ WP29 ”) published detailed draft guidelines on consent under the EU General Data Protection Regulation (the “ GDPR ”), which is to come into effect on 25 May 2018. Under the GDPR, consent is one of six legal bases to process personal data. Explicit Consent?

GDPR

GDPR Personal data Compliance Marketing

China: Navigating China Episode 19: China’s new Data Security Law: what multinational businesses need to know

DLA Piper Privacy Matters

JUNE 21, 2021

The speed of its passing has left multinational businesses scrabbling to understand the key compliance obligations. While many of the practical compliance steps will be detailed in measures and guidelines to be published over the coming weeks and months, here’s what we already know: 1.

Security

Security Compliance Data Privacy Risk

Irish DPA Issues €450,000 Fine Against Twitter for Data Breach Following EDPB Decision under the GDPR Consistency Mechanism

Hunton Privacy

DECEMBER 17, 2020

Twitter estimated that 88,726 Twitter users in Europe were affected between September 5, 2017 and January 11, 2019. This bug impacted Twitter users on Android devices who had changed the email address associated with their Twitter accounts. The bug was discovered on December 26, 2018.

GDPR

GDPR Data breaches Personal data Compliance

Germany: Bonn Regional Court overrules GDPR Fining Guidelines by German Data Protection Authorities

DLA Piper Privacy Matters

NOVEMBER 24, 2020

How to properly calculate administrative fines for non-compliance with the EU General Data Protection Regulation (‘ GDPR ’) is one of the most important questions when applying the GDPR on practical level, e.g. : What is actually meant by the reference to “undertaking” in Article 83 (4) to (6) GDPR? million Euro as was too high.

GDPR

GDPR Authentication Compliance Personal data

China Ministries Jointly Release Guidelines for Protecting Personal Information Online

Hunton Privacy

APRIL 30, 2019

On April 11, 2019, the People’s Republic of China’s Network Security Bureau of the Ministry of Public Security, the Beijing Network Industry Association and the Third Research Institution of the Ministry of Public Security jointly released a “Guide to Protection of Security of Internet Personal Information (the “Guide”). Application.

Cybersecurity

Cybersecurity Information Security Personal data Security

Weekly podcast: 2018 end-of-year roundup

IT Governance

DECEMBER 13, 2018

Also in January, the ICO (Information Commissioner’s Office) fined Carphone Warehouse £400,000 – one of the largest fines it issued under the DPA (Data Protection Act) 1998 – for multiple security inadequacies that led to a 2015 data breach in which three million customers’ personal data was compromised.

Data breaches

Data breaches Personal data Access GDPR

Singapore proposes changes to cybersecurity and data protection regimes

Data Protection Report

SEPTEMBER 25, 2017

In a bid to keep pace with advancements in the technological landscape, the Singapore Government has in recent months embarked on public consultations on its draft Cybersecurity Bill (the Cyber Bill) and its proposed amendments to Singapore’s Personal Data Protection Act (PDPA) to update the country’s data protection regime.

Cybersecurity

Cybersecurity Data breaches Personal data Compliance

Privacy and Cybersecurity Top 10 for 2018

Data Matters

JANUARY 2, 2018

The May 25, 2018 effective date for the EU’s General Data Protection Regulation (GDPR) will no doubt be a central focus of 2018. Europe’s omnibus new framework for data protection law applies to (almost) all entities that collect and process EU personal data regardless of where the data are processed.

Cybersecurity

Cybersecurity Privacy Data breaches GDPR

GDPR – The Year in Review

HL Chronicle of Data Protection

MAY 29, 2019

Opinion 5/2019 on the interplay between the ePrivacy Directive and the GDPR, particularly regarding the competence, tasks, and powers of data protection authorities (12.3.2019) – The EDPB confirmed that where the ePD provides for a more specific rule than the GDPR, the specific rule will prevail.

GDPR

GDPR Personal data Privacy Information architecture

China Issues Draft of Data Security Administrative Measures

Hunton Privacy

JUNE 10, 2019

The Measures, which, when finalized, will be legally binding, supplement the Cybersecurity Law of China (the “Cybersecurity Law”) that took force on June 1, 2017, with detailed and practical requirements for network operators who collect, store, transmit, process and use data within Chinese territory.

Security

Security Data breaches Data collection Cybersecurity

Weekly podcast: Exactis, BetVictor, Ticketmaster, and GDPR complaints

IT Governance

JUNE 29, 2018

Exactis is yet to confirm or comment on the incident, but if what Wired says is true, the breach would be one of the largest in history – far bigger than last year’s Equifax breach, which saw nearly 150 million consumers’ personal data exposed, although still some way off Yahoo’s record of 3 billion affected accounts.

GDPR

GDPR Passwords Data breaches Access

Singapore’s new Cybersecurity Act come into force: Here’s what you need to know

Data Protection Report

SEPTEMBER 6, 2018

Our comments on the draft Cybersecurity Bill which was released for public feedback in connection with the Public Consultation in 2017 as a pre-cursor to the Act, can be accessed here. The 11 critical sectors of essential services that are identified in the Act are: Energy. Creation of a cybersecurity regulator. Info-communications.

Cybersecurity

Cybersecurity Compliance Data Privacy Personal data

2019 end-of-year review part 1: January to June

IT Governance

DECEMBER 27, 2019

Among other news: B&Q breached the personal data of 70,000 people who had been caught stealing products from its stores. Sensitive data belonging to hundreds of German politicians and public figures was published online. Victims of Equifax’s 2017 data breach were given the go-ahead to launch a class-action lawsuit.

Data breaches

Data breaches GDPR Passwords Personal data

Persistent privacy powers professional businesses

CGI

SEPTEMBER 25, 2018

While for some, compliance with the General Data Protection Regulation (GDPR) was business as usual (BAU), for others it represented a huge effort—and a bit of a panic for a minority. Persistent privacy powers professional businesses. harini.kottees…. Tue, 09/25/2018 - 02:46.

Privacy

Privacy GDPR Cybersecurity Unstructured data

UK: ICO announces intention to fine Facebook £500,000 and publishes data analytics investigation update

DLA Piper Privacy Matters

JULY 12, 2018

On 10 July 2018, the Information Commissioner published an update on its investigation into the use of data analytics in political campaigns.

Analytics

Analytics GDPR Personal data Marketing

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

For example, the New York Department of Financial Services (‘NYDFS’) in March 2017 issued its Cybersecurity Regulation (23 NYCRR 500) (‘the NYDFS Cybersecurity Regulation’), a groundbreaking and far-reaching regulatory regime focused on financial institutions licensed in New York, including insurance companies.

Insurance

Insurance Cybersecurity Data breaches Financial Services

Wednesday LTNY 2018 Sessions: eDiscovery Trends

eDiscovery Daily

JANUARY 30, 2018

be interviewing several industry thought leaders to see what they think are the significant trends for 2017 and, which of those are evident at LTNY. and Mary (as in Mary Mack, Executive Director of ACEDS) and Marc Zamsky (from ComplianceDS) at Ruth’s Chris Steak House at 148 West 51st Street on Wednesday from 4:00pm to 6:00pm.

e-Discovery

e-Discovery Artificial Intelligence GDPR Education

How data breaches are affecting the retail industry

IT Governance

AUGUST 21, 2018

Looking more broadly than the retail sector for a moment, the ICO reports that there were a total of 957 data security incidents during the first quarter of 2018 (a 17% increase on Q3) and the World Economic Forum believes that cyber attacks are one of the top five risks to global stability in the next five years, so we all need to take heed.

Retail

Retail Data breaches GDPR Compliance

Jamaica’s New Privacy Protection Bill

Data Matters

NOVEMBER 21, 2017

On 10 October 2017, Jamaica introduced into its House of Parliament a comprehensive Bill for privacy and data protection, entitled “An Act to Protect the Privacy of Certain Data and for Connected Matters.” If passed, the new law will be named the “Data Protection Act, 2017.” .

Privacy

Privacy Personal data Compliance Data breaches

CNIL Unveils 2019 Inspection Program and 2018 Annual Activity Report

Hunton Privacy

APRIL 30, 2019

percent compared to the number of complaints in 2017). This upward trend was confirmed in the first few months of 2019, and may be due to the media impact of the EU General Data Protection Regulation (“GDPR”) and increased public awareness. percent of complaints); the banking/credit sector (8.9 percent of complaints); and.

GDPR

GDPR Personal data Data breaches Marketing

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

We want businesses to ensure that their customers and future customers have consented to having their personal data processed, but we also need to ensure that the enormous potential for new data rights and freedoms does not open us up to new threats. Where she finds criminality, she can prosecute.

GDPR

GDPR Personal data Government IT

Weekly podcast: German data breach, poor passwords, Marriott, NHS Digital and Patch Tuesday

IT Governance

JANUARY 10, 2019

This week, we discuss a high-profile German data breach, the top worst passwords of 2018, the resignation of NHS Digital’s CISO, and Microsoft’s latest patches. Hello and welcome to the first IT Governance podcast of 2019 – for Friday, 11 January. If it’s not too late to say happy new year, happy new year. 123456789.

Data breaches

Data breaches Passwords GDPR Personal data

Information Management Today

India: New Digital Personal Data Protection Act, Start Planning Now.

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Trending Sources

ICO issues warning to charity workers

Germany: First court decision on GDPR

CIPL Responds to ICO Call for Views on Creating a Regulatory Sandbox

Belgium Adopts Law Reforming the Belgian Privacy Commission

China’s First Data Protection Measures Lifting Its Veils

Article 29 Working Party Releases GDPR Guidance on Consent and Transparency

China: Navigating China Episode 19: China’s new Data Security Law: what multinational businesses need to know

Irish DPA Issues €450,000 Fine Against Twitter for Data Breach Following EDPB Decision under the GDPR Consistency Mechanism

Germany: Bonn Regional Court overrules GDPR Fining Guidelines by German Data Protection Authorities

China Ministries Jointly Release Guidelines for Protecting Personal Information Online

Weekly podcast: 2018 end-of-year roundup

Singapore proposes changes to cybersecurity and data protection regimes

Privacy and Cybersecurity Top 10 for 2018

GDPR – The Year in Review

China Issues Draft of Data Security Administrative Measures

Weekly podcast: Exactis, BetVictor, Ticketmaster, and GDPR complaints

Singapore’s new Cybersecurity Act come into force: Here’s what you need to know

2019 end-of-year review part 1: January to June

Persistent privacy powers professional businesses

UK: ICO announces intention to fine Facebook £500,000 and publishes data analytics investigation update

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

Wednesday LTNY 2018 Sessions: eDiscovery Trends

How data breaches are affecting the retail industry

Jamaica’s New Privacy Protection Bill

CNIL Unveils 2019 Inspection Program and 2018 Annual Activity Report

The debate on the Data Protection Bill in the House of Lords

Weekly podcast: German data breach, poor passwords, Marriott, NHS Digital and Patch Tuesday

Stay Connected