On April 9, 2019, the UK Information Commissioner’s Office levied one of its most significant fines under the Data Protection Act 1998 against Bounty (UK) Limited.
Continue Reading
Privacy Policy
Nigeria Issues New Data Protection Regulation
Posted on
Nigeria’s National Information Technology Development Agency recently issued the Nigeria Data Protection Regulation 2019. This blog entry provides key elements of the Regulation.…
Continue Reading
SEC Fines Broker-Dealer $1 Million in First Enforcement Action Under Identity Theft Rule
Posted on
Posted in Enforcement, Identity Theft
On September 26, 2018, the SEC announced a settlement with Voya Financial Advisers, Inc., a registered investment advisor and broker-dealer, for violating Regulation S-ID, as well as Regulation S-P. Together, Regulations S-ID and S-P are designed to require covered entities to help protect customers from the risk of identity theft and to safeguard confidential customer information. The settlement represents the first SEC enforcement action brought under Regulation S-ID.…
Continue Reading
Apple to Require Privacy Policies for All New Apps and App Updates
Posted on
Posted in Online Privacy
On August 30, 2018, Apple announced a June update to its App Store Review Guidelines that will require each developer to provide its privacy policy as part of the app review process and include in such policy specific content requirements. Effective October 3, 2018, all new apps and app updates must include a link to the developer’s privacy policy before they can be submitted for distribution to users through the App Store or through TestFlight external testing. …
Continue Reading
FTC Asks Whether to Expand Enforcement Power Over Corporate Privacy Practices
Posted on
Posted in Information Security, U.S. Federal Law
On August 6, 2018, the Federal Trade Commission published a notice seeking public comment on whether the Commission should expand its enforcement power over corporate privacy and data security practices.…
Continue Reading
National Standard on Personal Information Security Goes into Effect in China
Posted on
Posted in Information Security, Online Privacy
On May 1, 2018, the Information Security Technology – Personal Information Security Specification went into effect in China. The Specification should be taken seriously as a best practice in personal data protection in China, and should be complied with where feasible.…
Continue Reading
FTC Recommends Steps to Improve Mobile Device Security Update Practices
Posted on
Posted in Information Security
On February 28, 2018, the Federal Trade Commission issued a report, titled Mobile Security Updates: Understanding the Issues, that analyzes the process by which mobile devices sold in the U.S. receive security updates and provides recommendations for improvement.…
Continue Reading
China Releases National Standard on Personal Information Security
Posted on
On January 25, 2018, the Standardization Administration of China published the full text of the Information Security Technology – Personal Information Security Specification.…
Continue Reading
Nevada Enacts Website Privacy Notice Law
Posted on
Posted in Online Privacy, U.S. State Law
Recently, Nevada enacted an online privacy policy law which will require operators of websites and online services to post a notice on their website regarding their privacy practices. Nevada is the third state to enact legislation requiring website operators to post a public privacy notice, following California (enacted in 2004) and Delaware (enacted in 2016). …
Continue Reading
FCC Adopts Broadband Consumer Privacy Rules
Posted on
On October 27, 2016, the Federal Communications Commission announced the adoption of rules that require broadband Internet Service Providers to take steps to protect consumer privacy. …
Continue Reading