Privacy: Several States Consider New Laws

Data Breach Today

After California Takes Bold Action, Other States Ponder Privacy Protection Measures Several U.S. states are considering new legislation to shore up consumer data privacy laws in the wake of California passing strict privacy requirements last year.

Create an Airtight Privacy Program: Manage Privacy and Retention Together


Privacy is more of a priority than ever. The key to a successful privacy program is to manage your information throughout its lifecycle with strong governance rooted in policy. Manage privacy and retention together.

Consumer Privacy: Reasons for Optimism As Well As Concern

Data Breach Today

ACLU's Jon Callas Briefs RSA Conference on Evolution of Privacy Discussion At the start of RSA Conference 2019, Jon Callas of the ACLU discusses how attitudes toward privacy continue to evolve and why the general tenor of the conversation is not as bad as some headlines suggest

Ireland's Privacy Watchdog Probes Facebook Data Breaches

Data Breach Today

Million Users' Private Photos Exposed, Triggering GDPR Investigation Ireland's privacy watchdog is probing data breaches at Facebook that exposed users' private data.

Privacy and Security: Finding the Balance

Data Breach Today

In the past, the relationship between cybersecurity and privacy has been uneasy and even ill-defined. But today, in the post-GDPR era, the relationship is clear, and so is the legal and compliance path forward, says David Ruiz of Malwarebytes

Congress Scrutinizes Facebook Health Data Privacy Complaint

Data Breach Today

Committee Demands Answers About Consumers' Complaint Filed With FTC A Congressional committee is demanding Facebook provide answers concerning a complaint filed with the FTC alleging misleading privacy practices involving personal health information.

UK Parliament Seizes Internal Facebook Privacy Documents

Data Breach Today

court documents to reveal internal Facebook discussions about data security and privacy controls, as Parliament probes Facebook and other social media firms, as well as Russian interference and fake news

Judging Facebook's Privacy Shift

Schneier on Security

Facebook is making a new and stronger commitment to privacy. There is ample reason to question Zuckerberg's pronouncement: The company has made -- and broken -- many privacy promises over the years. Better -- and more usable -- privacy options. How Facebook manages for privacy.

The Gap Between Mobile Apps and Privacy

Data Breach Today

That's why we're faced with a yawning gap between user expectations and true privacy. Why Are Users Surprised by Data Slurping? Why are we surprised about the amount and sensitivity of data that mobile apps collect? The online industry has never been forthright about it. And it's why Facebook, Google, Apple and others many questions to answer

Report: Facebook Faces Multibillion Dollar US Privacy Fine

Data Breach Today

FTC and Social Network Are Negotiating Record Penalty, Washington Post Reports The Federal Trade Commission is reportedly negotiating a settlement with Facebook that includes a multibillion dollar fine for its privacy failures.

Opioid Crisis Raises Tough Privacy Issues

Data Breach Today

The Ultimate Online Privacy Guide

IG Guru

Written by Douglas Crawford Introduction Edward Snowden’s NSA spying revelations highlighted just how much we have sacrificed to the gods of technology and convenience something we used to take for granted, and once considered a basic human right – our privacy.

Does the Colorado Data Privacy Law Affect You?


When a strengthened Colorado data privacy law took effect on September 1, 2018, the state joined others (including California and Massachusetts) in becoming more proactive on data protection by passing laws aimed at safeguarding consumer data. The Colorado Data Privacy Law in a Nutshell.

The Privacy Penalty for Voting in America

Data Breach Today

States Shouldn't Serve Up on a Platter Voters' Email Addresses and Phone Numbers Voting in the United States carries a huge privacy cost: states give away or sell voters' personal information to anyone who wants it. In this era of content micro-targeting, rampant misinformation and identity theft schemes, this trade in voters' personal data is both dangerous and irresponsible

The Latest Privacy, Security Legislative Developments

Data Breach Today

Meanwhile, the Center for Democracy & Technology has drafted a model for a broad national privacy bill

Facebook Breach: Attackers Exploited Privacy Feature

Data Breach Today

Attackers Hacked Three Separate Bugs to Breach 50 Million Accounts Facebook says that whoever hacked 50 million user accounts, putting the privacy of those users' personal data at risk, did so by abusing its "View As" privacy feature. Facebook says the attack successfully targeted three separate bugs in its video-uploading functionality

GDPR: The Global Impact on Privacy

Data Breach Today

Richard Henderson of Infosec Global Sizes Up the EU Law's Influence So Far Richard Henderson of Infosec Global discusses the impact of the European Union's General Data Protection Regulation and how the law is influencing privacy frameworks globally

GDPR 171

Facebook Slammed With Maximum UK Privacy Fine

Data Breach Today

Failings Leading to Cambridge Analytica Scandal Earn Sharp Rebuke From Regulator Facebook has been slammed with the maximum possible fine under U.K.



“Alphabet, Apple Prodded On Privacy,” The Wall Street Journal , July 10, 2018 A3. Security Privacy Information Ownership Governance Policy Definition Duty of Care Controls Third parties Internal controls Access Duty Corporation TechnologyCongress asks how Google and Apple use “your” information, such as what you say and write and where you are. Which is more interesting, the questions or the answers?

Mergers & Acquisitions: Privacy and Security Considerations

Data Breach Today

How do data privacy and security matters affect organizations that are contemplating a merger or acquisition? Attorney Iliana Peters offers insights into cybersecurity, data breach and compliance issues that can potentially doom a deal

Facebook’s Privacy Constitution

Adam Shostack

Bruce Schneier and I wrote an article on Facebook’s privacy changes: “ A New Privacy Constitution for Facebook.” ” Doing it Differently privacy

Facebook's New Privacy Hires

Schneier on Security

The Wired headline sums it up nicely -- " Facebook Hires Up Three of Its Biggest Privacy Critics ": In December, Facebook hired Nathan White away from the digital rights nonprofit Access Now, and put him in the role of privacy policy manager. employment facebook privacy

Government Shutdown: Impact on Health Data Security, Privacy

Data Breach Today

HIPAA Enforcement Agency Open, But Regulatory Activity Slows Down Some regulatory activity related to health data privacy and security is on hold as a result of the partial government shutdown.

The 2019 Health Data Privacy Regulatory Outlook

Data Breach Today

Privacy attorney David Holtzman pinpoints three key issues to watch Attorney David Holtzman Highlights Three Issues to Track What are the top regulatory trends to look for in the healthcare sector in 2019?

Trends 123

Facebook Gets Its First Real Privacy Penalty - From Apple

Data Breach Today

Apple's Privacy Warning to Facebook: We Can Break You Apple's conflict with Facebook this week resulted in the most effective and quickest punishment the social network has ever received over a privacy issue. But should a multi-billion dollar tech company like Apple be picking up the slack for the digital privacy enforcement failures of governments

Privacy for Tigers

Schneier on Security

Privacy matters for tigers, for snow leopards, for elephants and rhinos ­ and even for tortoises and sharks. datacollection naturalsecurity privacyRoss Anderson has some new work : As mobile phone masts went up across the world's jungles, savannas and mountains, so did poaching.

White Paper: 4 Ways to Avoid Privacy Whack-a-Mole with Privacy Awareness Training


If you’re trying to keep your company up to date with changing privacy requirements, you may feel like you’re playing a never-ending game of whack-a-mole. As you work to whack one privacy regulation back into its hole, up pops another. Avoiding Privacy Whack-a-Mole.

Privacy Is Paramount in a Digital Workplace


IT contributes technological solutions for data protection, from firewalls to virus protection, while IG professionals contribute their knowledge of the stored data and its location — which is vital for compliance with these new privacy laws.

Update: NIST Preparing Privacy Framework

Data Breach Today

Building on the success of the NIST Cybersecurity Framework, the National Institute of Standards and Technology is in the early stages of developing a privacy framework. The effort will kick off with a workshop Tuesday in Austin, Texas, explains Naomi Lefkovitz, who is leading the project

NIST Announces Privacy Framework Effort

Privacy and Cybersecurity Law

Department of Commerce’s National Institute of Standards and Technology (NIST) announced the start of a collaborative project to develop a voluntary privacy framework to help organizations manage privacy related risk. On September 4, 2018, the U.S.

Automotive Privacy

Adam Shostack

[Update: clarified a sentence about whose privacy is touched, and where.]. When we did a privacy threat model at the Seattle Privacy Coalition, we found these issues. personal security privacy surveillance

California's New Privacy Law: It's Almost GDPR in the US

Data Breach Today

But Tech Giants are Taking Aim at the Law, Which Can Be Amended Until 2020 California's legislature has quickly introduced and passed new privacy legislation, making the state's laws the strongest in the U.S.

GDPR 215

Privacy Regulations Needed for Next-Gen Cars


Government Hacks IoT Privacy Vulnerabilities connected cars data privacy law Data Regulations federal privacy lawWith wide deployment expected in the next decade, the driverless automobile landscape looks fraught – from road safety to data protection.

Equifax Hit With Maximum UK Privacy Fine After Mega-Breach

Data Breach Today

Multiple Failures' Cited as Watchdog Levies Maximum Possible Pre-GDPR Fine Credit bureau Equifax has been hit with the maximum possible fine under U.K.

What's Ahead for Health Data Privacy, Security in 2019?

Data Breach Today

Consultant Rebecca Herold Offers Predictions for the Coming Year This was an eventful year for healthcare cybersecurity and privacy incidents and developments. Here are eight predictions from privacy and security expert Rebecca Herold But what's ahead for 2019?

OCR Considering HIPAA Privacy Rule, Enforcement Changes

Data Breach Today

But Agency Will Seek Public Input First Federal regulators are considering potential changes to HIPAA privacy rule and enforcement regulations, but aim to first engage the healthcare sector and public for input, says the nation's top HIPAA enforcer.

Puzzling Health Dept. Privacy Incident Exposes HIV Data

Data Breach Today

Thousands of Individuals' Data Was Allegedly Accessible to All Agency Workers An incident involving an unsecured database containing information about thousands of HIV/AIDS patients in Tennessee is shining a spotlight on privacy risks involving sensitive health data

Yet Another Twist in Messy Aetna Privacy Breach Case

Data Breach Today

Health Insurer Sues Organizations That Represented HIV Patients in Earlier Privacy Dispute A messy legal case involving a 2017 privacy breach that has already cost Aetna about $20 million in settlements has taken yet another twist.

How DNA Databases Violate Everyone's Privacy

Schneier on Security

academicpapers databases dna privacyIf you're an American of European descent, there's a 60% you can be uniquely identified by public information in DNA databases. This is not information that you have made public; this is information your relatives have made public.

Why California's New Privacy Law is a 'Whole New Ballgame'

Data Breach Today

While California already had some of the strictest and most varied privacy laws in the country, the new California Consumer Privacy Act of 2018 "is a whole new ballgame," says privacy attorney Kirk Nahra, who explains why