2021, Compliance and Personal data - Information Management Today

2021

Compliance

Personal data

Irish data protection commission fines Meta over 2021 data-scraping leak

Security Affairs

NOVEMBER 28, 2022

Irish data protection commission (DPC) fined Meta for not protecting Facebook’s users’ data from scraping. million) by the Irish data protection commission (DPC) for the data leak suffered by Facebook in 2021 that exposed the data belonging to millions of Facebook users. Pierluigi Paganini.

GDPR

GDPR Personal data Compliance Privacy

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. This resolution highlights the SEC’s continued focus on cybersecurity.

Cybersecurity

Cybersecurity Financial Services Risk Compliance

Join 55,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

ICO Consultation on International Data Transfer Agreement to Replace SCCs

Hunton Privacy

AUGUST 12, 2021

On August 11, 2021, the UK Information Commissioner’s Office (“ICO”) launched a consultation on its draft international data transfer agreement (“IDTA”) and guidance for organizations on international transfers (the “Guidance”). Hunton will prepare a response in conjunction with our Centre for Information Policy Leadership.

GDPR

GDPR Personal data Risk Access

Identity Proofing: The New Foundation for Every Digital Identity

Thales Cloud Protection & Licensing

NOVEMBER 30, 2021

Tue, 11/30/2021 - 06:01. During the Thales Trusted Access Summit 2021, I discussed how advances in identity proofing such as biometrics and smartphone technologies are enabling organizations to deliver KYC effectively by offering a quick, frictionless, and secure identity proofing environment.

Authentication

Authentication Privacy Compliance Retail

EDPB adopts final Recommendations on Supplementary Measures

DLA Piper Privacy Matters

JUNE 23, 2021

On 21 June 2021, the European Data Protection Board (“ EDPB ”) published the final Recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data (“ Recommendations ”). Key takeaways.

GDPR

GDPR Personal data Compliance Risk

U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process

Data Matters

DECEMBER 9, 2021

On November 26, 2021, the U.S. Department of Commerce (Commerce) issued a notice of proposed rulemaking (Proposed Rule) implementing Executive Order 14034 on Protecting Americans’ Sensitive Data from Foreign Adversaries (EO 14034). Commerce invited interested parties to submit comments on the Proposed Rule by December 27, 2021.

Communications

Communications Manufacturing Data collection Risk

China: Navigating China episode 18: Increased scrutiny over connected car and automobile industry data from Chinese regulators, including push towards data localisation

DLA Piper Privacy Matters

JUNE 4, 2021

Increased scrutiny over connected car and automobile industry data from Chinese regulators, including push towards data localisation. China is a leading marketing for connected and autonomous vehicles, and use and analytics of connected vehicle data has been encouraged by Chinese Government support of big data and AI technology.

Big data

Big data Compliance Personal data Insurance

China: Navigating China Episode 19: China’s new Data Security Law: what multinational businesses need to know

DLA Piper Privacy Matters

JUNE 21, 2021

China’s Data Security Law (“ DSL ”) has come into force and takes effect on 1 September 2021. The speed of its passing has left multinational businesses scrabbling to understand the key compliance obligations. The DSL applies to data in general, and forms part of the broader China data framework.

Security

Security Compliance Data Privacy Risk

UK: ICO rules regarding the online privacy of children enter into force

DLA Piper Privacy Matters

SEPTEMBER 2, 2021

The Age Appropriate Design Code (“ Code ”), a new statutory Code of Practice published by the UK Information Commissioner’s Office (“ ICO ”), enters into force today (2 September 2021) following a one year transition period. The Children’s Code is not new law, but a statutory Code of Practice under the Data Protection Act 2018.

Privacy

Privacy Education Personal data Compliance

CNIL publishes a draft TIA guide

Data Protection Report

FEBRUARY 6, 2024

The Court of Justice of the European Union ( CJEU )’s Schrems II decision [1] clarified strict rules for personal data transfers outside of the European Union. Article 44 GDPR places restrictions on transfers of personal data outside the European Economic Area ( EEA ). When is a TIA required?

GDPR

GDPR Personal data Compliance IT

Ireland: DPC Annual Report 2020: Enforcement & Transfers Dominate Agenda

DLA Piper Privacy Matters

MARCH 4, 2021

In contrast, only 70 valid data breach notifications were received under the ePrivacy Regulations and 25 notifications under the Law Enforcement Directive. Around 60% of the data breaches notified occurred in the private sector. Unauthorised disclosure of personal data continues to be the leading reason for breach notifications.

GDPR

GDPR Compliance Data breaches Marketing

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

Additionally in 2017, Connecticut passed legislation requiring that health insurers, third-party administrators, and related entities implement and maintain a comprehensive information security program with specific minimum requirements to protect insureds’ personal data. More states are sure to follow.

Insurance

Insurance Cybersecurity Data breaches Financial Services

CNIL Publishes Standard on Whistleblowing Hotlines

Hunton Privacy

DECEMBER 16, 2019

On December 10, 2019, the French Data Protection Authority (the “CNIL”) published the final version of its standard (“Referential”) concerning the processing of personal data in the context of whistleblowing hotlines. The Referential sets a single set of data protection rules that cover all these whistleblowing systems.

Personal data

Personal data GDPR Compliance Privacy

Weekly podcast: German data breach, poor passwords, Marriott, NHS Digital and Patch Tuesday

IT Governance

JANUARY 10, 2019

This week, we discuss a high-profile German data breach, the top worst passwords of 2018, the resignation of NHS Digital’s CISO, and Microsoft’s latest patches. Hello and welcome to the first IT Governance podcast of 2019 – for Friday, 11 January. If it’s not too late to say happy new year, happy new year.

Data breaches

Data breaches Passwords GDPR Personal data

Irish data protection commission fines Meta over 2021 data-scraping leak

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Trending Sources

ICO Consultation on International Data Transfer Agreement to Replace SCCs

Identity Proofing: The New Foundation for Every Digital Identity

EDPB adopts final Recommendations on Supplementary Measures

U.S. Commerce Department Proposes Expansion of Information and Communications Technology and Services Review Process

China: Navigating China episode 18: Increased scrutiny over connected car and automobile industry data from Chinese regulators, including push towards data localisation

China: Navigating China Episode 19: China’s new Data Security Law: what multinational businesses need to know

UK: ICO rules regarding the online privacy of children enter into force

CNIL publishes a draft TIA guide

Ireland: DPC Annual Report 2020: Enforcement & Transfers Dominate Agenda

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

CNIL Publishes Standard on Whistleblowing Hotlines

Weekly podcast: German data breach, poor passwords, Marriott, NHS Digital and Patch Tuesday

Stay Connected