On March 21, 2020, the data security provisions of New York’s Stop Hacks and Improve Electronic Data Security Act went into effect. The SHIELD Act requires any person or business owning or licensing computerized data that includes the private information of a resident of New York to implement and maintain reasonable safeguards to protect the security, confidentiality and integrity of the private information.
Continue Reading
Information Security
ICO Fines International Airline Cathay Pacific GBP 500,000 (Maximum Available) for Failing to Secure Customers’ Personal Data
Posted on
On March 4, 2020, the UK Information Commissioner’s Office fined the international airline Cathay Pacific Airways Limited GBP 500,000 for failing to protect the security of its customers’ personal data. The fine was issued under the Data Protection Act 1998 and represents the maximum fine available under the DPA.…
Continue Reading
Provisions on the Governance of Network Information Content Ecology Goes Into Effect in China
Posted on
On March 1, 2020, the Provisions on the Governance of Network Information Content Ecology took effect. The Provisions govern China’s network information content ecology—including content producers, platforms, users, industry organizations and Departments of Cyberspace Administration. …
Continue Reading
The California Consumer Privacy Act Surfaces in Recent Data Breach Class Action Complaint
Posted on
At least one class action lawsuit has been filed that expressly references the CCPA. …
Continue Reading
SEC Publishes Cybersecurity and Resiliency Observations
Posted on
The Securities and Exchange Commission’s Office of Compliance Inspections and Examinations recently announced the publication of a report entitled “Cybersecurity and Resiliency Observations” that summarizes the observations gleaned from OCIE’s cybersecurity examinations of broker-dealers, investment advisers, clearing agencies, national securities exchanges and other SEC registrants.…
Continue Reading
Year of the CCPA
Posted on
2019 was the “Year of the CCPA” as companies around the world worked tirelessly to comply with the California Consumer Privacy Act of 2018. …
Continue Reading
FTC Points to Three Key Changes in Its Effort to Strengthen Data Security Orders
Posted on
Posted in Information Security
In a January 6, 2020 blog post, the Director of the Federal Trade Commission’s Bureau of Consumer Protection reflected on how the FTC has taken action over the past year to strengthen its orders in data security cases.…
Continue Reading
Senate Democrats Unveil Privacy and Data Protection Framework
Posted on
Posted in Information Security, U.S. Federal Law
On November 18, 2019, the ranking members from four Senate Committees¬ (Senator Maria Cantwell (WA) from Commerce, Senator Dianne Feinstein (CA) from Judiciary, Senator Sherrod Brown (OH), and Senator Patty Murray (WA) from Health, Education, Labor and Pensions) released a set of “core principles” for federal privacy legislation. …
Continue Reading
HHS Imposes 1.6 Million Dollar Civil Penalty on Texas State Agency for Health Data Breach
Posted on
On November 7, 2019, the Office for Civil Rights of the U.S. Department of Health and Human Services announced a $1.6 million civil penalty imposed against the Texas Health and Human Services Commission for violations of HIPAA Privacy and Security Rules.…
Continue Reading
China Issues Updated Draft Amendments to Information Security Technology Specification
Posted on
Posted in Information Security, International
On October 22, 2019, the drafting group of China’s National Information Security Standardization Technology Committee released a third draft amendment to the Information Security Technology – Personal Information Security Specification.…
Continue Reading