Free tools and resources for Data Protection Officers!

Tag Archives for " US "

US Draft Bill Imposes Steep Penalties and Expands FTC’s Authority to Regulate Privacy

On November 1, 2018, Senator Ron Wyden (D-Ore.) released a draft bill, the Consumer Data Protection Act , that seeks to “empower consumers to control their personal information.” The draft bill imposes heavy penalties on organizations and their executives, and would require senior executives of companies with more than one billion dollars per year of revenue or data on more than 50 million consumers to file annual data reports with the Federal Trade Commission.

Full article: Draft Bill Imposes Steep Penalties, Expands FTC’s Authority to Regulate Privacy

EU-U.S. Privacy Shield Framework Joint Annual Review 2.0

The Federal Trade Commission (FTC) announced several enforcement actions in late 2017, on the eve of the first annual joint EU-U.S. review of the Privacy Shield Framework. Now the second annual review of the EU-U.S. Privacy Shield Framework is underway, and the FTC has announced several new enforcement actions, which are meant to highlight the importance of the framework and reaffirm the U.S.’s commitment to strong privacy enforcement.

Full article: EU-U.S. Privacy Shield Framework Joint Annual Review 2.0

US Firms Have Begun Addressing GDPR Shortcomings

A survey of 145 US corporate directors of public company boards conducted by BDO USA during August 2018 has revealed that eight out of ten companies have taken steps to ensure they are complying with necessary data protection legislation. This included implemented such measures as completing a gap assessment and updating the company privacy policy.

The survey was conducted as part of the BDO  2018 Cyber Governance Survey which you can read here.

Source: Study by BDO USA Suggest US Firms Have Begun Addressing GDPR Shortcomings – Compliance Junction

Why Privacy Regulations Don’t Always Do What They’re Meant To

Sweeping privacy regulations, in short, are likely coming to the United States. That should be welcome news, given the sad, arguably nonexistent state of our modern right to privacy. But there are serious dangers in any new move to regulate data. Such regulations could backfire — for example, by entrenching already dominant technology companies or by failing to help consumers actually control the data we generate (presumably the major goal of any new legislation).

Full article: Why Privacy Regulations Don’t Always Do What They’re Meant To

Apple expected to say GDPR a model for US privacy regulation

According to a report from Reuters, Apple CEO Tim Cook will praise the European General Data Protection Regulation (GDPR) as a privacy model that the U.S. should emulate. This is according to an early look at prepared remarks that Cook will deliver at a conference of international data protection regulators being held Brussels, Belgium. Apple’s Tim Cook will also call for comprehensive federal privacy rules in the U.S. But Cook’s favorable view of GDPR could put Apple at odds with other tech company peers, which want less restrictive rules.

Source: Report: Apple expected to say GDPR a model for US privacy regulation – Marketing Land

EU and US begin second annual review of Privacy Shield

EU and US officials have begun the second annual review of the Privacy Shield, an important framework that facilitates the free flow of personal data across the Atlantic for businesses.

The review will focus on the commercial aspects, notably on questions related to the oversight and enforcement of the Shield, and developments concerning the collection of personal data by US authorities for purposes of law enforcement or national security. The European Commission will publish its conclusions in a report end of November.

Source: Privacy Shield: EU and US begin second annual review

Consumers say they want much more control over their personal data

Janrain, which polled more than 1,000 U.S. consumers. The survey found that  two-thirds of US adults want government to pass laws that provide them with “greater privacy, security and control of their personal data.”

46 percent of consumers were willing to forgive a company that was a “victim of a data security breach,” if that company immediately notified them. Another 42 percent would “possibly” be willing to forgive.

However the bulk of the results show that consumers are clearly ambivalent about the companies they interact with, especially online, and the majority want much more control over their data.

Source: Consumers say they want much more control over their personal data – MarTech Today

Apple gives U.S. users tool to see what data it has collected

Apple on Wednesday rolled out an online tool to users in the United States and several other countries to download, change or delete all the data that the iPhone maker has collected on them. It also gives users a simpler way to make changes to the data, suspend their Apple account or even permanently delete it. Previously such tool was available to users in the European Union and was built in response to the region’s General Data Protection Regulation, or GDPR.

Source: Apple gives U.S. users tool to see what data it has collected | Reuters

Key Developments in Internet of Things Law

California Signs the First IoT Security Bill into Law, and the FTC Submits Comments to the Consumer Product Safety Commission Regarding the IoT California’s New IoT Law On September 28, 2018, California Governor Jerry Brown signed into law a cybersecurity bill governing Internet of Things (IoT) devices, the first law of its kind in the nation.

Source: Key Developments in Internet of Things Law

Google Plus Will Be Shut Down After User Information Was Exposed

Google did not notify authorities of the vulnerabilities in Google Plus, which exposed the data of up to 500,000 users. Google said it had found no evidence that outside developers were aware of the security flaw and no indication that any user profiles were touched. The flaw was fixed in an update made in March. There is no federal law requiring companies to disclose a security vulnerability. Companies must wade through a patchwork of state laws with different standards.

Source: Google Plus Will Be Shut Down After User Information Was Exposed – The New York Times

>