News Alerts and Breach Report for Week of May 15, 2023
Indiana Passes Data Privacy Law
On May 1, Indiana became the seventh state to pass a comprehensive data privacy law when Governor Eric Holcomb signed the Indiana Consumer Data Protection Act (ICDPA) into law. Per Baker Botts, the ICDPA closely resembles the Virginia Consumer Data Protection Act, and will go into effect January 1, 2026. ADCG will release an implementation guide in the coming months.
Brazil Releases Enforcement Criteria
Though Brazil’s General Data Protection Law (LGPD) went into effect in August 2020, the government hasn’t provided much in the way of guidance. JD Supra writes that, “The Brazilian Data Protection Authority has received a large number of violation complaints and data breach notices, finding the presence of inadequate safeguards in eight matters as of March 2023. Enforcement is expected to pick up now that there is clarity around sanctions. Warnings, partial or total bans on data processing activities in Brazil, and financial penalties are available. Fines can be up to two percent of an organization’s revenue with a cap of 50 million Brazilian reals (which is just below one million USD) for each breach under the law.”
FTC Proposes Ban on Certain Facebook Revenue Streams
Remember that $5 billion settlement that the Federal Trade Commission reached with Facebook in 2019 after the latter violated the Children’s Online Privacy Protection Act Rule (COPPA Rule)? It seems Meta, Facebook’s parent company, “has repeatedly violated its privacy promises,” according to Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. The company now stands accused of continuing to make protected data available to developers, even after the settlement took effect. SC Magazine writes that “As a result of those findings, the FTC is proposing a ban on Meta profiting from data it collects, including its virtual reality products, from all users under the age of 18. The FTC would also put guardrails on facial recognition technology and add more requirements to its user protections.”
Breach Report
* * * * * * *
To read our latest article, This New Cryptography Tool Could Ease Compliance Burdens, Part II, click here.
Jody Westby hosts our podcast, ADCG on Privacy & Cybersecurity, bringing together leaders in the privacy and cybersecurity arenas to discuss a wide range of issues ranging from the proposed federal and state regulations to best practices and standards for compliance. Episodes can be enjoyed on many platforms including Spotify and Apple Podcasts. Don’t forget to subscribe!
Our most recently released episodes:
91 | Managed Detection & Response; The Path Forward (with Guest Sam DeNormandie)
90 | AdTech Meets Privacy Laws (with Guest Susan Israel)
89 | Quantum Technologies: What is Possible, Where We Are Headed & Policy Issues to Consider
To browse our previously published articles and news alerts, please visit our website, and don’t forget to subscribe to receive free weekly Data and Cyber Governance news and Breach Reports directly to your email.