Financial Services, Government, Personal data and Sales

CFPB’s Proposed Data Rules

Schneier on Security

JANUARY 31, 2024

In October, the Consumer Financial Protection Bureau (CFPB) proposed a set of rules that if implemented would transform how financial institutions handle personal data about their customers. This would change the economics of consumer finance and the illicit data economy that exists today.

Financial Services

Financial Services Privacy Personal data Marketing

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

The Last Watchdog

FEBRUARY 25, 2019

I recently discussed this with Chris Curcio, vice-president of channel sales at Optimal IdM, a Tampa, Fla.-based based supplier of identity access management (IAM) systems, which recently announced a partnership with Omada, a Copenhagen-based provider of identity governance administration (IGA) solutions. It’s not for lack of trying.

Access

Access Government Authentication Data breaches

Catches of the Month: Phishing Scams for October 2023

IT Governance

OCTOBER 13, 2023

EvilProxy phishing campaign targets Microsoft 365 accounts via indeed.com A phishing campaign identified by Menlo Security has been targeting senior executives in various industries – most notably banking and financial services, property management and real estate, and manufacturing – since July. Can you spot a phishing scam?

Phishing

Phishing Financial Services Manufacturing Personal data

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

Data Protection Report

MARCH 7, 2024

The proposed definition of “listed identifier” is Full or truncated government identification or account number (such as a Social Security Number, driver’s license or state identification number, passport number, or Alien Registration Number) [Note that this definition apparently includes truncated Social Security Numbers.]

Access

Access Military Compliance Personal data

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

Data Protection Report

DECEMBER 17, 2020

On 25 November 2020, the European Commission ( EC ) published its proposed Data Governance Regulation (the DGR ), which will create a new legal framework to encourage the development of a European single market for data. What are the objectives of the Data Governance Regulation?

Government

Government Personal data Marketing Artificial Intelligence

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

IT Governance

DECEMBER 11, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Compromised information includes patients’ personal data, health and medical records, financial data, internal emails and software source code.

Data Privacy

Data Privacy Energy and Utilities Privacy Manufacturing

List of data breaches and cyber attacks in July 2019 – 2.2 billion records leaked

IT Governance

JULY 31, 2019

Croatian government targeted by mysterious hackers (unknown). Chinese job recruiting site hacked, with CVs for sale on dark web (160,000). Department of Health Services email hacked exposing patient data (14,591). LaPorte, Indiana, government pays $132 after its systems crippled by ransomware (unknown).

Data breaches

Data breaches Ransomware Personal data Government

Keeping Customer Data Safe: AI's Privacy Paradox

Thales Cloud Protection & Licensing

MARCH 14, 2024

Putting Personal Data at Risk The results were not all positive, however. The Thales study highlighted how nearly six out of ten (57%) of global consumers were anxious that brands using generative AI would be putting their personal data at risk.

Privacy

Privacy Data Privacy Analytics Risk

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

Publicly disclosed data breaches and cyber attacks: in the spotlight Data scraping site taken offline after billions of Discord users’ messages offered for sale A data scraping website called Spy.pet has been taken offline after harvesting more than 4 billion messages made by almost 630 million Discord users and offering them for sale.

Data Privacy

Data Privacy Privacy Manufacturing Security

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

Glosbe dictionary exposes almost 7 million records The multilingual online dictionary Glosbe left a MongoDB instance unsecured last year, exposing nearly 7 million users’ information, including personal data, encrypted passwords and social media identifiers. Data breached: 6,935,412 individuals’ data. Data breached: 6.9

Data Privacy

Data Privacy Privacy Security Data breaches

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

Instead the PIPL is a robust data privacy framework designed to safeguard individuals’ personal data against abuse, but at the same time to reflect cultural and business attitudes to data in China, as well as new technologies (including advances in AI, biometrics and data analytics), and to enable flows of personal data.

Data Privacy

Data Privacy Privacy Compliance Analytics

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

In the UK, the Information Commissioner’s Office (ICO) has been very outspoken on the ad tech industry’s use of special category personal data and onwards data sharing without explicit consent. Some consider that cookies in the context of adtech could be considered a “sale”, therefore triggering the rules under the CCPA.

Privacy

Privacy GDPR Data breaches Risk

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

In the UK, the Information Commissioner’s Office (ICO) has been very outspoken on the ad tech industry’s use of special category personal data and onwards data sharing without explicit consent. Some consider that cookies in the context of adtech could be considered a “sale”, therefore triggering the rules under the CCPA.

Privacy

Privacy GDPR Data breaches Risk

California Consumer Privacy Act: The Challenge Ahead — Introduction to Hogan Lovells’ Blog Series

HL Chronicle of Data Protection

SEPTEMBER 12, 2018

Effective immediately, the CCPA preempts local laws regulating the collection and sale of consumer personal information by businesses. provide additional CCPA analyses and reports. Immediate preemptive effect. Removal of Attorney General review/approval of private actions.

Privacy

Privacy Compliance GDPR Data breaches

Information Management Today

CFPB’s Proposed Data Rules

MY TAKE: Identity ‘access’ and ‘governance’ tech converge to meet data protection challenges

Webinars

Trending Sources

Catches of the Month: Phishing Scams for October 2023

Webinars

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

List of data breaches and cyber attacks in July 2019 – 2.2 billion records leaked

Keeping Customer Data Safe: AI's Privacy Paradox

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

The Privacy Officers’ New Year’s Resolutions

The Privacy Officers’ New Year’s Resolutions

California Consumer Privacy Act: The Challenge Ahead — Introduction to Hogan Lovells’ Blog Series

Stay Connected