Data Breach

Key Takeaways From Verizon’s 2021 Data Breach Report

If you haven’t combed through all 119 pages of Verizon’s 2021 Data Breach Investigations Report, that’s understandable. However the report contains valuable insight for compliance professionals, so ADCG pulled out the relevant takeaways–like the fact that banks are the most commonly discussed target in hacker forums and marketplaces, and that financially motivated cybercrime is on…
Read More
Pennsylvania Data Privacy

How to Comply With Pennsylvania’s Impending Data Privacy Act

Pennsylvania legislators last month introduced the Consumer Data Privacy Act (CDPA)– which resembles California’s Consumer Privacy Act (CCPA). And this month, a breach of the Pennsylvania Department of Health led to the Pennsylvania Senate unanimously approving a proposal to strengthen the state’s breach notification law, suggesting that Pennsylvania legislators are motivated to implement stronger data…
Read More
North Carolina Consumer Data Privacy

A Guide to North Carolina’s Proposed Data Privacy Law

Following the lead of other states, the North Carolina General Assembly has introduced a broad consumer privacy bill–the Consumer Privacy Act (CPA) of North Carolina. Here’s what to expect from the bill if it is passed into law. Applicability  The law applies to your business if it conducts business in North Carolina, or produces products…
Read More

FTC Can No Longer Seek Restitution for Consumers

On April 22, the U.S. Supreme Court unanimously ruled that the Federal Trade Commission (FTC) could no longer seek consumer restitution through Section 13(b) of the FTC Act— a provision the FTC has been using for nearly 40 years to impose monetary penalties against companies engaging in deceptive practices. Understanding the impact of this decision…
Read More
Deleted Data Gdpr

Why Deleting Data Doesn’t Meet GDPR’s Data Destruction Guidelines

When it comes to data, there’s a fine line between deletion and destruction. Under many of the major privacy laws, organizations are obligated to “delete” or “erase” data, while consumers are granted the right to be forgotten. The problem? Deleted data isn’t really gone.  According to ZDNet, 59 percent of used or refurbished hard drives…
Read More
Cfpb And Fintech

Why Fintech Companies Want to be Regulated by the CFPB

It’s unusual to see an industry making a formal request to be regulated, but that’s exactly what fintech data aggregators are asking of the Consumer Financial Protection Bureau (CFPB).  Companies like Plaid and Robinhood have reasoned that more oversight by the CFPB comes with access to more consumer data–which in turn would allow fintech companies…
Read More

How to Follow CPRA’s Rules for ‘Dark Patterns’

When it was passed into law last year, one of the most groundbreaking precedents the California Privacy Rights Act (CPRA) established was its regulation of “dark patterns”— insidious user-interface design choices intended to subconsciously influence user behavior. Even if you’ve never heard the term before, you’ve likely experienced it in some form–think ads disguised as…
Read More
Back To Top