Tag Archives for " US "

Consumers say they want much more control over their personal data

Janrain, which polled more than 1,000 U.S. consumers. The survey found that  two-thirds of US adults want government to pass laws that provide them with “greater privacy, security and control of their personal data.”

46 percent of consumers were willing to forgive a company that was a “victim of a data security breach,” if that company immediately notified them. Another 42 percent would “possibly” be willing to forgive.

However the bulk of the results show that consumers are clearly ambivalent about the companies they interact with, especially online, and the majority want much more control over their data.

Source: Consumers say they want much more control over their personal data – MarTech Today

Apple gives U.S. users tool to see what data it has collected

Apple on Wednesday rolled out an online tool to users in the United States and several other countries to download, change or delete all the data that the iPhone maker has collected on them. It also gives users a simpler way to make changes to the data, suspend their Apple account or even permanently delete it. Previously such tool was available to users in the European Union and was built in response to the region’s General Data Protection Regulation, or GDPR.

Source: Apple gives U.S. users tool to see what data it has collected | Reuters

Key Developments in Internet of Things Law

California Signs the First IoT Security Bill into Law, and the FTC Submits Comments to the Consumer Product Safety Commission Regarding the IoT California’s New IoT Law On September 28, 2018, California Governor Jerry Brown signed into law a cybersecurity bill governing Internet of Things (IoT) devices, the first law of its kind in the nation.

Source: Key Developments in Internet of Things Law

Google Plus Will Be Shut Down After User Information Was Exposed

Google did not notify authorities of the vulnerabilities in Google Plus, which exposed the data of up to 500,000 users. Google said it had found no evidence that outside developers were aware of the security flaw and no indication that any user profiles were touched. The flaw was fixed in an update made in March. There is no federal law requiring companies to disclose a security vulnerability. Companies must wade through a patchwork of state laws with different standards.

Source: Google Plus Will Be Shut Down After User Information Was Exposed – The New York Times

FTC’s Privacy Shield Enforcement Actions Show Broader Enforcement Lens

On September 27, the Federal Trade Commission (FTC) announced proposed settlement agreements with four companies it alleges violated Section 5 of the FTC Act by misrepresenting their certification status and compliance with the EU-U.S. Privacy Shield. This latest set of enforcement actions brings the FTC’s Privacy Shield related enforcement to settlements with eight defendants since the framework was adopted in July 2016.

Source: FTC’s Privacy Shield Enforcement Actions Show Broader Enforcement Lens

China reportedly infiltrated Apple and other US companies using ‘spy’ chips on servers

U.S-based server motherboard specialist Supermicro was compromised in China where government-affiliated groups are alleged to have infiltrated its supply chain to attach tiny chips, some merely the size of a pencil tip, to motherboards which ended up in servers deployed in the U.S. The goal was to gain an entry point within company systems to potentially grab IP or confidential information. While the micro-servers themselves were limited in terms of direct capabilities, they represented a “stealth doorway” that could allow China-based operatives to remotely alter how a device functioned to potentially access information.

Source: China reportedly infiltrated Apple and other US companies using ‘spy’ chips on servers | TechCrunch

Tech giants call for national data regulations that subvert California’s GDPR-style laws

US Tech giants have said they would back a nation data regulation provided that it came into force before California’s much tougher privacy legislation, in what’s being seen as an attempt to avoid GDPR-style data protection laws.

The representatives discussed three key points for a potential privacy legislation: a state law that pre-empts the California legislation; a promotion of privacy on their terms; and a block to the creation of a US version of the GDPR.

Source: Tech giants call for national data regulations that subvert California’s GDPR-style laws

Justice Department Sues to Stop California Net Neutrality Law

U.S. Justice Department on Sunday sued California to stop the state’s new law that would guarantee full and equal access to the internet, a principle known as net neutrality, in the latest legal fight between the state and the Trump administration. The law is one of the strongest efforts in the nation to restore internet access rules since they were rolled back by the Federal Communications Commission last year.

Source: Justice Department Sues to Stop California Net Neutrality Law – The New York Times

California introduces new data security requirements for manufacturers of connected devices

Effective January 1, 2020, according to a new Cal. Civ. Code § 1798.91.04(a), manufacturers of connected devices offered for sale or sold in California must equip such devices with reasonable security features to protect the device and any information contained in them from unauthorized access, destruction, use, modification, or disclosure.

Unlike the GDPR and other data privacy laws, which impose obligations on data controllers and processors, the Californian law applies to organizations irrespective of whether they control or process personal data through the device.

Source: California – New data security requirements for manufacturers of connected devices

European Parliament voted to suspend Privacy Shield: Now what?

On July 5, the European Parliament recommended by way of a non-binding resolution from its Committee on Civil Liberties, Justice and Home Affairs (LIBE Committee) that the Commission suspend the EU/U.S. Privacy Shield Sept. 1 unless and until all defined corrective actions are taken by the U.S. Department of Commerce.

The following will likely happen: On Oct. 18 (not Sept. 1, as originally announced) the Commission will present its findings to U.S. Secretary of Commerce Wilbur Ross, in Brussels. The Privacy Shield will likely not be suspended. Except for one specific requirement: Failure by the U.S. administration to appoint a permanent privacy ombudsman by Oct. 18, 2018 may result in serious consequences for the Privacy Shield.

Read more: European Parliament voted to suspend Privacy Shield: Now what?

1 2 3 31
>