Archives: Information Security

Subscribe to Information Security RSS Feed

FTC Launches Data Security Initiative

On June 30, 2015, the Federal Trade Commission announced its new "Start With Security" initiative, which will provide businesses with information on data security and how to protect consumer information.… Continue Reading

PCI Security Standards Council Releases Enhanced Validation Requirements for Designated Entities as PCI DSS Version 3.0 Set to Retire

The PCI Security Standards Council recently published a set of enhanced validation procedures designed to provide greater assurance that certain entities are maintaining compliance with the PCI Data Security Standard effectively and on a continuing basis. In addition, on July 1, 2015, PCI Data Security Standard Version 3.0 is being retired and the controls previously designated by Version 3.0 as best practices will become mandatory.… Continue Reading

Florida Passes Drone Surveillance Bill Requiring Individual Consent

On April 28, 2015, the Florida House of Representatives passed a bill (SB 766) that prohibits businesses and government agencies from using drones to conduct surveillance by capturing images of private real property or individuals on such property without valid written consent under circumstances where a reasonable expectation of privacy exists.… Continue Reading

Data Security Act Introduced in New York State Assembly

On April 8, 2015, a New York Assemblyman introduced the Data Security Act in the New York State Assembly that would require New York businesses to implement and maintain information security safeguards. The Data Security Act also expands the scope of New York’s breach notification law.… Continue Reading

Privacy Group Requests D.C. Circuit Review Regarding Lack of Privacy Rules in the FAA’s Proposed Drone Regulations

On March 31, 2015, the Electronic Privacy Information Center (“EPIC”) filed a petition (the “Petition”) with the U.S. Court of Appeals for the District of Columbia Circuit accusing the Department of Transportation’s Federal Aviation Administration (“FAA”) of unlawfully failing to include privacy rules in the FAA’s proposed framework of regulations for unmanned aircraft systems (“UAS”), … Continue Reading

FTC Reaches Settlement in First Enforcement Action Against a Retail Tracking Company

On April 23, 2015, the Federal Trade Commission announced that Nomi Technologies has agreed to settle charges stemming from allegations that the company misled consumers with respect to their ability to opt out of the company's mobile device tracking service at retail locations. The settlement marks the FTC's first Section 5 enforcement action against a company that provides tracking services at retailers.… Continue Reading

FCC Joins Asia Pacific Privacy Forum

On April 15, 2015, the Federal Communications Commission announced that it has joined the Asia Pacific Privacy Authorities, the principal forum for privacy authorities in the Asia-Pacific Region.… Continue Reading

Two Wyoming Bills Amending the State’s Breach Notification Statute Are Headed to the Governor

On February 23, 2015, the Wyoming Senate approved a bill that adds data elements to the definition of "personal identifying information" in the state's data breach notification statute. The Wyoming Senate also agreed with amendments proposed by the Wyoming House of Representatives to another bill that adds content requirements to the notice that breached entities must send affected Wyoming residents. … Continue Reading

FTC Releases Report on Internet of Things

On January 27, 2015, the Federal Trade Commission announced the release of a report on the Internet of Things that describes the current state of the Internet of Things, analyzes the benefits and risks of its development, applies privacy principles to the Internet of Things and discusses whether legislation is needed to address this burgeoning area.… Continue Reading
LexBlog