fbpx

Download free GDPR compliance checklist!

Tag Archives for " US "

Proposed Amendment to the North Carolina Identity Theft Protection Act

In April 2019, with the introduction of House Bill 904, a bi-partisan effort was made to strengthen cyber security in North Carolina.

H.B. 904 seeks to make North Carolina’s Identity Theft Protection Act one of the strongest in the nation by broadening the definition of what constitutes a data breach, what proactive steps companies and employers must take to prevent a breach of their customers or employees’ personal information, and the penalties available to victims of data breaches, among other provisions.

Source: Proposed Amendment to the North Carolina Identity Theft Protection Act | Spilman Thomas & Battle, PLLC – JDSupra

No grace period after Schrems II Privacy Shield ruling, warn EU data watchdogs

European data watchdogs have issued updated guidance in the wake of last week’s landmark ruling striking down a flagship transatlantic data transfer mechanism called Privacy Shield.

In an FAQ on the Schrems II judgement, the European Data Protection Board (EDPB) warns there will be no regulatory grace period.

Source: No grace period after Schrems II Privacy Shield ruling, warn EU data watchdogs | TechCrunch

The NYDFS Brings First Enforcement Action under the Cybersecurity Regulation

On Tuesday, July 21, 2020, the New York Department of Financial Services (NYDFS) brought its first enforcement action under its Cybersecurity Regulation against a large title insurer for failing to protect sensitive personal information.

The NYDFS is seeking civil monetary penalties, an order requiring the Company to remedy the alleged violations, and any other relief deemed just and appropriate.

Source: The NYDFS Brings First Enforcement Action under the Cybersecurity Regulation

What Privacy Shield organizations should do in the wake of ‘Schrems II’

The Court of Justice of the European Union issued its decision in “Schrems II” Thursday, a landmark decision that invalidates the EU-U.S. Privacy Shield arrangement.

Fortunately, the CJEU did not invalidate the European Commission’s standard contractual clauses for transfers to data processors. However, the rationale behind the court’s ruling on Privacy Shield (which focused on concerns about U.S. law and practice on government surveillance) would suggest that companies will need to evaluate their use of SCCs.

So, what now?

Full article: What Privacy Shield organizations should do in the wake of ‘Schrems II’

Congress wants Apple and Google to clamp down on foreign apps

Congress is calling on Apple and Google to clamp down on apps that weren’t born in the USA.

Trump’s administration is currently mulling a complete ban of any Chinese software but, while that debate is ongoing, Congress wants the two largest mobile platform holders to begin clamping down on foreign apps in less radical ways.

Source: Congress wants Apple and Google to clamp down on foreign apps

Legal clouds gather over US cloud services, after CJEU ruling

In the wake of landmark ruling by Europe’s top court Europe’s lead data protection regulator has fired its own warning shot at the region’s data protection authorities (DPAs), essentially telling them to get on and do the job of intervening to stop people’s data flowing to third countries where it’s at risk.

In its ruling CJEU stroked down a flagship transatlantic data transfer framework called Privacy Shield, and cranking up the legal uncertainty around processing EU citizens’ data in the U.S. in the process. Now, any sense of legal certainty U.S. cloud services were deriving from the existence of the EU-U.S. Privacy Shield — with its flawed claim of data protection adequacy — has vanished.

Source: Legal clouds gather over US cloud services, after CJEU ruling | TechCrunch

CJEU Invalidates EU-U.S. Privacy Shield but SCC Remain Valid

On July 16, 2020, the Court of Justice of the European Union (the “CJEU”) issued its landmark judgment in the Schrems II case (case C-311/18).

In its judgment, the CJEU concluded that the Standard Contractual Clauses (the “SCCs”) issued by the European Commission for the transfer of personal data to data processors established outside of the EU are valid. Unexpectedly, the Court invalidated the EU-U.S. Privacy Shield framework.

Source: Schrems II: CJEU Invalidates EU-U.S. Privacy Shield but SCC Remain Valid

The FBI Is Secretly Using A $2 Billion Travel Company As A Global Surveillance Tool

An unprecedented order on a huge travel company reveals how the FBI tracks suspects around the world.

As the biggest of three companies that store the vast majority of the world’s travel information—from airline seats to hotel bookings — Sabre has been called on to hand over that travellers’ data and, on at least one occasion, do “real-time” tracking of a suspect. And, say former employees, the same powerful trove of information could be used to help monitor the spread of the Covid-19 pandemic.

Source: The FBI Is Secretly Using A $2 Billion Travel Company As A Global Surveillance Tool

Amazon, Google, Microsoft sued over photos in facial recognition database

Amazon, Google parent Alphabet and Microsoft used people’s photos to train their facial recognition technologies without obtaining the subjects’ permission, in violation of an Illinois biometric privacy statute, a trio of federal lawsuits filed Tuesday allege.

The photos in question were part of IBM’s Diversity in Faces database, which is designed to advance the study of fairness and accuracy in facial recognition by looking at more than just skin tone, age and gender. The data includes 1 million images of human faces, annotated with tags such as face symmetry, nose length and forehead height.

Source: Amazon, Google, Microsoft sued over photos in facial recognition database – CNET

A New Map Shows the Inescapable Creep of Surveillance

The Atlas of Surveillance shows which tech law enforcement agencies across the country have acquired. It’s a sobering look at the present-day panopticon.

A collaboration between the Electronic Frontier Foundation and the University of Nevada, Reno, Reynolds School of Journalism, the Atlas of Surveillance offers an omnibus look not only at what technologies law enforcement agencies deploy, but where they do it.

Source: A New Map Shows the Inescapable Creep of Surveillance | WIRED

1 2 3 60
>