Data collection, Personal data and Sales - Information Management Today

Two FTC complaints that over-retention of personal data violates Section 5

Data Protection Report

FEBRUARY 13, 2024

In both cases, the FTC’s complaint alleged that the companies retained personal data for longer than was necessary, and that conduct violated Section 5 of the Federal Trade Commission Act as an unfair act or practice. Under the proposed consent orders, both companies do not confirm or deny the allegations. Complaint at ¶¶ 18-19).

Personal data

Personal data Privacy Marketing Data collection

New York Legislature Considers New York Child Data Privacy and Protection Act

Hunton Privacy

OCTOBER 25, 2022

The bill, which resembles the recently passed California Age-Appropriate Design Code Act , bans certain data collection and targeted advertising and requires data controllers to, among other obligations, assess the impact of their products on children.

Data Privacy

Data Privacy Privacy Personal data Sales

Florida Comprehensive State Privacy Law Sent to Governor for Signature

Hunton Privacy

MAY 17, 2023

Enforcement The FDBR would provide for enforcement by the Florida Department of Legal Affairs, civil penalties of up to $50,000 per violation, and tripled penalties for certain violations, such as those involving a known child.

Privacy

Privacy Personal data Sales Government

Connecticut Makes Five: The Constitution State Enacts Broad Data Privacy Law Effective July 2023

Data Matters

JUNE 22, 2022

Carves out personal data processed solely for payments from definition of persons subject to the law – Persons subject to the law are defined with reference to the volume of data processed about Connecticut residents, as we have seen in other laws. Data in Scope – The Majority Approach.

Data Privacy

Data Privacy Privacy Personal data Sales

UK Tribunal Rules on Direct Marketing ICO Case Against Experian

Hunton Privacy

FEBRUARY 23, 2023

On February 20, 2023, in the case of Experian Limited v The Information Commissioner , the First-Tier Tribunal in the UK (the “ Tribunal ”) ruled on the ICO’s action to require Experian to make changes to how it processes personal data for direct marketing purposes.

Marketing

Marketing Personal data GDPR Privacy

Phishers migrate to Telegram

Security Affairs

APRIL 6, 2023

Phishers also use to share stolen personal data with their subscribers. “Malicious actors offer “premium” phishing and scam pages for sale. User personal data for sale. Crooks offers data collected through phishing campaign to the subscribers. ” continues the report.

Phishing

Phishing Sales Archiving Personal data

Threat actors scrape 600 million LinkedIn profiles and are selling the data online – again

Security Affairs

JULY 12, 2021

Researchers from Cyber News Team have spotted threat actors offering for sale 600 million LinkedIn profiles scraped from the platform, again. For the third time in the past four months, LinkedIn seems to have experienced another massive data scrape conducted by a malicious actor. Original post: [link].

Archiving

Archiving Passwords Data collection Sales

EU Council Presidency Releases Revised Draft of ePrivacy Regulation

Hunton Privacy

OCTOBER 21, 2019

On October 4, 2019, the Presidency of the European Council published its revised text (the “Revised Draft”) of the Proposal for a Regulation Concerning the Respect for Private Life and the Protection of Personal Data in Electronic Communications (the “Draft ePrivacy Regulation”).

GDPR

GDPR Personal data Data collection Sales

CHINA: Important new risks and practical guidance on China data protection, data security, e-commerce and online platform compliance

DLA Piper Privacy Matters

NOVEMBER 16, 2021

The draft Network Data Security Management Regulation (“ Draft Regulation ”) was published for consultation on 14 November 2021, and is very wide-ranging in the compliance areas covered. Time to respond to DSRs: data controllers must respond to data subject requests within 15 working days (as compared to 30 days previously).

Compliance

Compliance Personal data Security Risk

Freshly scraped LinkedIn data of 88,000 US business owners shared online

Security Affairs

JULY 1, 2021

About a week after scraped data from more than 700 million LinkedIn profiles were put for sale online , it seems that threat actors have no intention of stopping their abuse of the social media platform’s scrape-friendly systems. Our teams have investigated a set of alleged LinkedIn data that has been posted for sale.

Data breaches

Data breaches Sales Data collection Libraries

Data privacy examples

IBM Big Data Hub

APRIL 24, 2024

These are just some examples of how organizations support data privacy , the principle that people should have control of their personal data, including who can see it, who can collect it, and how it can be used. One cannot overstate the importance of data privacy for businesses today.

Data Privacy

Data Privacy Privacy GDPR Personal data

Another fine for over-retention of data

Data Protection Report

APRIL 7, 2022

A third regulator has recently entered into a proposed consent that includes a $500,000 fine based in part on a company’s over-retention of personal data for longer than it was needed. The first regulator was the French data protection authority, the CNIL, in 2021, which we wrote about here.

Privacy

Privacy Compliance Insurance Data collection

5 Topics CCPA-Compliant Privacy Awareness Training Needs to Cover

KnowBe4

SEPTEMBER 16, 2019

It’s imperative to be prepared: the law will regulate the use and disclosure of personal information of nearly 40 million consumers, and is expected to affect more than 500,000 companies across the U.S. Biometric data (thumbprint scans). Geolocation data (location data collected from a personal fitness app).

Privacy

Privacy Personal data Compliance Data collection

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

Instead the PIPL is a robust data privacy framework designed to safeguard individuals’ personal data against abuse, but at the same time to reflect cultural and business attitudes to data in China, as well as new technologies (including advances in AI, biometrics and data analytics), and to enable flows of personal data.

Data Privacy

Data Privacy Privacy Compliance Analytics

Privacy in an open-data world: Why government agencies need to be proactive

Collibra

JUNE 23, 2023

As more of our interactions and transactions occur online, the need for robust data protection measures becomes increasingly critical to safeguard personal data and maintain public trust in government institutions. There’s no going back.

Privacy

Privacy Government Data Privacy Data breaches

In California, Data Privacy Foresight is 2020: Data Privacy Trends

eDiscovery Daily

JULY 5, 2018

The bill requires companies to disclose personal data collected when a consumer requests it, up to two times a year, and to delete and stop selling the personal information to third parties upon request.

Data Privacy

Data Privacy Privacy Sales Data collection

How to Take Your Business to The Next Level with Data Intelligence

erwin

JUNE 11, 2020

Big IT companies even have off-the-shelf data analytics software ready to be configured by a company to their needs. Apply real-time data in marketing strategies. Real-time data analytics can be used by businesses to better meet customer needs as it arises and improve customer satisfaction. Data quality management.

Analytics

Analytics Blockchain Artificial Intelligence Big data

Operation Night Fury: Group-IB helps take down a cybergang behind the infection of hundreds of websites all over the world

Security Affairs

JANUARY 27, 2020

According to Group-IB’s data, the suspects have managed to infect hundreds of websites in various locations, including in Indonesia, Australia, the United Kingdom, the United States, Germany, Brazil, and some other countries. Payment and personal data of thousands of online shoppers from Asia, Europe, and the Americas have been stolen.

e-Discovery

e-Discovery Personal data Marketing Cybersecurity

Top 5 Application Security Tools & Software for 2023

eSecurity Planet

MAY 19, 2023

Their main purpose is to protect applications from unauthorized access, data breaches, and malicious attacks. These tools play a vital role in ensuring the security, integrity, and confidentiality of sensitive information, such as personal data and financial records. Additionally, you can take advantage of a 14-day free trial.

Security

Security Cloud Compliance Risk

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Right to Prevent or “Opt Out” of the Sale of Personal Information.

GDPR

GDPR Privacy Sales Data breaches

Online market for counterfeit goods in Russia has reached $1,5 billion

Security Affairs

OCTOBER 15, 2018

Group-IB, an international company that specialises in the prevention of cyber attacks, has estimated that online sales of counterfeit goods are now worth $1.5 GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC.

Marketing

Marketing Phishing Retail Cybersecurity

Senate Commerce Committee Broadens Data Broker Investigation

Hunton Privacy

SEPTEMBER 27, 2013

On September 25, 2013, Senator Jay Rockefeller (D-WV), Chair of the Senate Committee on Commerce, Science and Transportation, expanded his investigation of the data broker industry by asking twelve popular health and personal finance websites to answer questions about their data collection and sharing practices.

Privacy

Privacy Data collection Sales Personal data

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Right to Prevent or “Opt Out” of the Sale of Personal Information.

GDPR

GDPR Privacy Sales Data breaches

Payment data of thousands of customers of UK and US online stores could have been compromised

Security Affairs

MARCH 14, 2019

Most recent breaches similar to this include British Airways and Ticketmaster which were first analyzed by RiskIQ research team, where cybercriminals managed to compromise personal information of thousands of travelers and concert goers with a few of lines of code. FILA UK website ( fila.co [.]uk)

e-Discovery

e-Discovery CMS Marketing Data breaches

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

The European Commission Fact Sheet and Q&A includes statistics that nine out of ten Europeans have expressed concern about mobile apps collecting their data without their consent, and seven out of ten worry about the potential use that companies may make of the information disclosed. Challenge #1.

GDPR

GDPR Personal data Compliance Data breaches

EU Commission Issues Recommendation on RFID, Privacy and Data Protection

Hunton Privacy

MAY 13, 2009

In summary, the recommendation provides that: Operators of RFID immediately must deactivate RFID tags automatically and free-of-charge at the point of sale, unless the consumer explicitly opts in by asking to keep the chip operational. This principle is, however, subject to exceptions.

Privacy

Privacy Data collection Sales Personal data

A Guide to CCPA Compliance and How the California Consumer Privacy Act Compares to GDPR

erwin

APRIL 18, 2019

Collects, sells or shares the personal data of 50,000 or more consumers, households or devices. Earns 50% of more of its annual revenue by selling consumers’ personal information. As the name suggests, the legislation is designed to protect the personal data of consumers who reside in the state of California.

GDPR

GDPR Compliance Privacy Personal data

First multi-million Euro GDPR fine: Google LLC fined €50 million under GDPR for transparency and consent infringements in relation to use of personal data for personalised ads

Data Protection Report

JANUARY 25, 2019

noting that Google Ireland was not described as the entity making decisions in relation to the processing in the Privacy Policy, had no Data Protection Officer of its own covering this processing, and was not stated to have been involved in the development of the Android operating system.

GDPR

GDPR Personal data Privacy Compliance

EDPB Issues Long-Awaited Guidance on Territorial Scope of the GDPR

Data Matters

NOVEMBER 30, 2018

Some key takeaways include : Not all companies that process personal data relating to individuals in the EU are necessarily subject to the GDPR. In the opinion of the EDPB, EU representatives should not take on the role of Data Protection Officer for the same controller/processor.

GDPR

GDPR Personal data Privacy Marketing

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Hunton Privacy

OCTOBER 14, 2021

The Governor also signed into law a bill protecting the privacy and security of genetic data processed by direct-to-consumer genetic testing companies and a bill designed to prevent the sale, purchase and use of data obtained by illegal means. The bill uses the same definition of “genetic data” as provided for in AB-825.

Privacy

Privacy Insurance Security Data breaches

Gaining control of personal information ahead of CPRA

Collibra

JANUARY 25, 2022

The CPRA covers consumer privacy rights and related business obligations for the collection and sale of personal information. . Minimizing risks by governing sensitive data. Ensuring enterprise-wide compliant access to data. Key CPRA concepts . Section 1798.140 of CPRA covers several new or updated definitions.

Data Privacy

Data Privacy Privacy Personal data Government

EU: New EDPB Guidelines on the territorial scope of the GDPR

DLA Piper Privacy Matters

NOVEMBER 28, 2018

Under Article 3(1), the GDPR applies to “ the processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union or not ”. However, the Guidelines do not address other key interpretive questions arising from Art.

GDPR

GDPR Personal data Sales Communications

California Consumer Privacy Act: The Challenge Ahead — Key Terms in the CCPA

HL Chronicle of Data Protection

SEPTEMBER 14, 2018

Although the CCPA does not explicitly refer to “controllers” and “processors,” which are the terms used by Europe’s General Data Protection Regulation (GDPR) to distinguish between the decision-making power for personal data processed by different types of entities, the act does define the term “service providers.” Collection.

Privacy

Privacy Sales GDPR Personal data

California Consumer Privacy Act: The Challenge Ahead – The CCPA’s Anti-Discrimination Clause

HL Chronicle of Data Protection

DECEMBER 12, 2018

Those rights include requests to access personal information, to delete information, and to opt out of the sale of personal information. Businesses may charge consumers different prices or offer different levels of service if the difference is “reasonably related to the value provided to the consumer by the consumer’s data.”

Privacy

Privacy Sales Compliance Data collection

Consumer privacy reaches the U.S. with the California Consumer Privacy Act

Thales Cloud Protection & Licensing

AUGUST 30, 2018

California’s foray into privacy came as a result of two private citizens concerned about big businesses using consumers’ personal data for profit and the potential data breaches of consumer private data resulting in political or malicious exploitation. Right to say NO to the sale of your information.

Privacy

Privacy GDPR Sales Data breaches

EDPB Clarifies Territorial Scope of the GDPR

Data Protection Report

DECEMBER 6, 2018

On November 23, 2018, the European Data Collection Board (“EDPB”) issued highly anticipated draft Guidelines (the “Guidelines”) on the territorial scope of the GDPR. The Guidelines provide some clarity around the scope and applicability of the GDPR to data Controllers and Processors both inside and outside the EU.

GDPR

GDPR Personal data Data collection Sales

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Data Matters

MARCH 4, 2021

Rather, to be covered by the VCDPA, an entity must either “(i) during a calendar year, control or process personal data of at least 100,000 consumers or (ii) control or process personal data of at least 25,000 consumers and derive over 50 percent of gross revenue from the sale of personal data.”.

Personal data

Personal data GDPR Sales Privacy

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

Publicly disclosed data breaches and cyber attacks: in the spotlight Data scraping site taken offline after billions of Discord users’ messages offered for sale A data scraping website called Spy.pet has been taken offline after harvesting more than 4 billion messages made by almost 630 million Discord users and offering them for sale.

Data Privacy

Data Privacy Privacy Manufacturing Security

U.S. Government Takes Aim at TikTok and WeChat Citing Privacy and Security Concerns

Hunton Privacy

AUGUST 12, 2020

In both executive orders, the President cited the need to take “aggressive action” to address the national security risks to the United States posed by the “vast” amounts of personal data collected by these applications that are – or could conceivably end up – in the possession of the applications’ Chinese owners.

Government

Government Privacy Security Data collection

Celebrating Data Privacy Day: A look at protecting your private data in a COVID-19 era

Collibra

JANUARY 28, 2022

Some data privacy laws —like the U.S. Health Insurance Portability and Accountability Act and the EU General Data Protection Regulation both outline sections that list exceptions to sharing personal data that could be applicable in the time of a pandemic. .

Data Privacy

Data Privacy Privacy Insurance Data collection

Two FTC complaints that over-retention of personal data violates Section 5

New York Legislature Considers New York Child Data Privacy and Protection Act

Trending Sources

Florida Comprehensive State Privacy Law Sent to Governor for Signature

Connecticut Makes Five: The Constitution State Enacts Broad Data Privacy Law Effective July 2023

UK Tribunal Rules on Direct Marketing ICO Case Against Experian

Phishers migrate to Telegram

Threat actors scrape 600 million LinkedIn profiles and are selling the data online – again

EU Council Presidency Releases Revised Draft of ePrivacy Regulation

CHINA: Important new risks and practical guidance on China data protection, data security, e-commerce and online platform compliance

Freshly scraped LinkedIn data of 88,000 US business owners shared online

Data privacy examples

Another fine for over-retention of data

5 Topics CCPA-Compliant Privacy Awareness Training Needs to Cover

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

Privacy in an open-data world: Why government agencies need to be proactive

In California, Data Privacy Foresight is 2020: Data Privacy Trends

How to Take Your Business to The Next Level with Data Intelligence

Operation Night Fury: Group-IB helps take down a cybergang behind the infection of hundreds of websites all over the world

Top 5 Application Security Tools & Software for 2023

California Enacts Broad Privacy Laws Modeled on GDPR

Online market for counterfeit goods in Russia has reached $1,5 billion

Senate Commerce Committee Broadens Data Broker Investigation

California Enacts Broad Privacy Protections Modeled on GDPR

Payment data of thousands of customers of UK and US online stores could have been compromised

GDPR is upon us: are you ready for what comes next?

EU Commission Issues Recommendation on RFID, Privacy and Data Protection

A Guide to CCPA Compliance and How the California Consumer Privacy Act Compares to GDPR

First multi-million Euro GDPR fine: Google LLC fined €50 million under GDPR for transparency and consent infringements in relation to use of personal data for personalised ads

EDPB Issues Long-Awaited Guidance on Territorial Scope of the GDPR

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Gaining control of personal information ahead of CPRA

EU: New EDPB Guidelines on the territorial scope of the GDPR

California Consumer Privacy Act: The Challenge Ahead — Key Terms in the CCPA

California Consumer Privacy Act: The Challenge Ahead – The CCPA’s Anti-Discrimination Clause

Consumer privacy reaches the U.S. with the California Consumer Privacy Act

EDPB Clarifies Territorial Scope of the GDPR

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

U.S. Government Takes Aim at TikTok and WeChat Citing Privacy and Security Concerns

Celebrating Data Privacy Day: A look at protecting your private data in a COVID-19 era

Stay Connected