Personal Information

India Releases Fourth Draft of Data Protection Bill

Posted on November 22, 2022

Kochhar & Co. reports that, on November 18, 2022, the Government of India released the long-awaited fourth draft of India’s proposed privacy law, now renamed the Digital Personal Data Protection Bill. …
Continue Reading India Releases Fourth Draft of Data Protection Bill

FTC Announces Six-Month Extension for Compliance with Some Changes to Gramm-Leach-Bliley Safeguards Rule

Posted on November 18, 2022

Posted in Financial Privacy, Information Security, U.S. Federal Law

On November 15, 2022, the Federal Trade Commission announced a six-month extension for companies to comply with certain updated requirements of the Gramm-Leach-Bliley Act’s Safeguards Rule, a set of data security provisions covered financial institutions must implement to protect their customers’ personal information.
Continue Reading FTC Announces Six-Month Extension for Compliance with Some Changes to Gramm-Leach-Bliley Safeguards Rule

Pennsylvania Amends Breach Notification Law

Posted on November 14, 2022

Posted in Health Privacy, Information Security, Online Privacy, Security Breach, U.S. State Law

On November 3, 2022, Pennsylvania Governor Tom Wolf singed Senate Bill 636 into law, amending Pennsylvania’s breach notification law.
Continue Reading Pennsylvania Amends Breach Notification Law

CPPA Releases New Modified Proposed CPRA Regulations

Posted on November 7, 2022

Posted in Enforcement, Online Privacy, U.S. State Law

On November 3, 2022, the California Privacy Protection Agency released new modified proposed California Privacy Rights Act regulations, which make updates to the draft CPRA regulations released on October 17, 2022. …
Continue Reading CPPA Releases New Modified Proposed CPRA Regulations

FTC Takes Action Against Chegg for Alleged Security Failures that Exposed Data of Employees and 40 Million Consumers

Posted on November 2, 2022

Posted in Cybersecurity, Information Security, Security Breach

On October 31, 2022, the Federal Trade Commission announced a proposed settlement with education technology provider Chegg in connection with the company’s alleged poor cybersecurity practices. …
Continue Reading FTC Takes Action Against Chegg for Alleged Security Failures that Exposed Data of Employees and 40 Million Consumers

FTC Takes Action Against Drizly and its CEO for Alleged Security Failures that Exposed Data of 2.5 Million Consumers

Posted on October 27, 2022

Posted in Cybersecurity, Enforcement, Information Security, Online Privacy, Security Breach

On October 24, 2022, the Federal Trade Commission announced a proposed consent order with Drizly, an online alcohol ordering and delivery service, and the company’s CEO, for the company’s alleged failure to maintain appropriate security safeguards that led to a data breach that affected 2.5 million consumers’ personal information. …
Continue Reading FTC Takes Action Against Drizly and its CEO for Alleged Security Failures that Exposed Data of 2.5 Million Consumers

Basic Security Requirements for Smartphone Pre-installed Apps in China

Posted on October 26, 2022

Posted in Information Security, International

TC260 of China recently issued the Information Security Technology-Basic Security Requirements for Pre-installed App of Smartphones for public comments ending December 6, 2022.
Continue Reading Basic Security Requirements for Smartphone Pre-installed Apps in China

New York Attorney General Fines E-Commerce Parent Company for Failing to Properly Handle a Data Breach

Posted on October 19, 2022

Posted in Cybersecurity, Information Security, Security Breach

On October 12, 2022, New York Attorney General Letitia James announced that her office had secured a $1.9 million penalty from e-commerce retailer Zoetop, owner of SHEIN and ROMWE, following an improperly handled data breach.
Continue Reading New York Attorney General Fines E-Commerce Parent Company for Failing to Properly Handle a Data Breach

CPPA Releases Modified Proposed CPRA Regulations

Posted on October 18, 2022

Posted in Online Privacy, U.S. State Law

On October 17, 2022, the California Privacy Protection Agency released modified proposed regulations for compliance with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 along with an explanation of the modifications as materials for upcoming CPPA Board Meetings. …
Continue Reading CPPA Releases Modified Proposed CPRA Regulations

FTC Extends Deadline for Comments on Commercial Surveillance and Data Security Advanced Notice of Proposed Rulemaking

Posted on October 18, 2022

Posted in Information Security, Online Privacy, U.S. Federal Law

On October 14, 2022, the Federal Trade Commission announced it is extending the deadline by one month to submit comments on its Advanced Notice of Proposed Rulemaking on commercial surveillance and lax data security practices.
Continue Reading FTC Extends Deadline for Comments on Commercial Surveillance and Data Security Advanced Notice of Proposed Rulemaking

Menu

Privacy & Information Security Law Blog