On March 9, 2022, the Securities and Exchange Commission held an open meeting and proposed new cybersecurity disclosure rules for public companies by a 3-1 vote.
Continue Reading SEC Proposes Cybersecurity Rules for Public Companies
Privacy Policy
Apple and Google Announce Effective Dates of New Mobile App Privacy Requirements
Posted on
Posted in Information Security, Online Privacy
Beginning in 2022, Apple and Google will impose new privacy requirements on mobile apps available for download in the Apple App Store and Google Play Store.
Continue Reading Apple and Google Announce Effective Dates of New Mobile App Privacy Requirements
CCPA’s Metrics Reporting Deadline Approaching
Posted on
Posted in Information Security, U.S. State Law
July 1, 2021 marks the deadline for certain businesses to comply with the metrics reporting obligations under the California Consumer Privacy Act of 2018 regulations.
Continue Reading CCPA’s Metrics Reporting Deadline Approaching
Dating Apps Warned of Potential COPPA and FTC Act Violations Removed from App Stores
Posted on
Posted in Children’s Privacy, U.S. Federal Law
On May 6, 2019, the FTC announced that three dating apps were removed from the Apple App Store and Google Play Store following an FTC letter alleging that the apps potentially violated the Children’s Online Privacy Protection Act and the Federal Trade Commission Act. …
Continue Reading Dating Apps Warned of Potential COPPA and FTC Act Violations Removed from App Stores
ICO Issues GBP 400,000 Fine for Illegal Collection and Sharing of Personal Data
Posted on
On April 9, 2019, the UK Information Commissioner’s Office levied one of its most significant fines under the Data Protection Act 1998 against Bounty (UK) Limited. …
Continue Reading ICO Issues GBP 400,000 Fine for Illegal Collection and Sharing of Personal Data
Nigeria Issues New Data Protection Regulation
Posted on
Nigeria’s National Information Technology Development Agency recently issued the Nigeria Data Protection Regulation 2019. This blog entry provides key elements of the Regulation.
Continue Reading Nigeria Issues New Data Protection Regulation
SEC Fines Broker-Dealer $1 Million in First Enforcement Action Under Identity Theft Rule
Posted on
Posted in Enforcement, Identity Theft
On September 26, 2018, the SEC announced a settlement with Voya Financial Advisers, Inc., a registered investment advisor and broker-dealer, for violating Regulation S-ID, as well as Regulation S-P. Together, Regulations S-ID and S-P are designed to require covered entities to help protect customers from the risk of identity theft and to safeguard confidential customer information. The settlement represents the first SEC enforcement action brought under Regulation S-ID.
Continue Reading SEC Fines Broker-Dealer $1 Million in First Enforcement Action Under Identity Theft Rule
Apple to Require Privacy Policies for All New Apps and App Updates
Posted on
Posted in Online Privacy
On August 30, 2018, Apple announced a June update to its App Store Review Guidelines that will require each developer to provide its privacy policy as part of the app review process and include in such policy specific content requirements. Effective October 3, 2018, all new apps and app updates must include a link to the developer’s privacy policy before they can be submitted for distribution to users through the App Store or through TestFlight external testing. …
Continue Reading Apple to Require Privacy Policies for All New Apps and App Updates
FTC Asks Whether to Expand Enforcement Power Over Corporate Privacy Practices
Posted on
Posted in Information Security, U.S. Federal Law
On August 6, 2018, the Federal Trade Commission published a notice seeking public comment on whether the Commission should expand its enforcement power over corporate privacy and data security practices.
Continue Reading FTC Asks Whether to Expand Enforcement Power Over Corporate Privacy Practices
National Standard on Personal Information Security Goes into Effect in China
Posted on
Posted in Information Security, Online Privacy
On May 1, 2018, the Information Security Technology – Personal Information Security Specification went into effect in China. The Specification should be taken seriously as a best practice in personal data protection in China, and should be complied with where feasible.
Continue Reading National Standard on Personal Information Security Goes into Effect in China