New York State Proposes Biometric Privacy Law

New York State legislators have proposed a private right to action with Assembly Bill 27–a proposed amendment to New York’s General Business Law (GBL). This amendment–also called the Biometric Privacy Act (BPA) –would allow consumers to sue companies for improperly collecting or using certain biometric data. Here’s our analysis:  What Qualifies As Biometric Data?  BPA takes…
Read More

2020 News in Review

Week Ending December 28  ICO Warns SolarWinds Victims to Report Breaches  The United Kingdom’s Information Commissioner’s Office (ICO) has issued a warning to organizations compromised by the SolarWinds breach. The breach, which was carried out by Russian hackers, affected more than 18000 organizations worldwide. ICO requires UK data controllers subject to NIS regulations to report…
Read More

What We Can Learn From the SolarWinds Breach

SolarWinds, a network management software company, found itself the direct victim of an insidious malware breach last week that had been in the works for months. The hack involved the installation of malware onto an updated version of their software, which was downloaded by over 18,000 customers, including approximately 421 Fortune 500 companies–and large swaths…
Read More

Operationalizing data privacy: Bridging “the vision gap”

Note: This article was originally published at https://www.logic2020.com/insight/operationalizing-data-privacy and is authored by Jill Reber, CEO/General Manager – Data Privacy of our Affiliate Member Logic 20/20 It’s been four years since the passing of GDPR made data privacy a key issue in global business conversations. Initially, many U.S. businesses were focused on getting their arms around…
Read More
CANADA PROPOSED NEW DATA PRIVACY LEGISLATION

Canada Proposes New Data Privacy Legislation

It’s been a busy year for privacy legislation. California voted to expand the scope of personal information, the EU put limits on data transfers to the United States, and Brazil unveiled a law that, among other things, calls for companies to hire a Data Protection Officer.  Since 2000, data privacy in Canada’s private sector has…
Read More
Privacy Shield

A New Framework for a Post-Privacy Shield Era

Since the Schrems 2.0 case ended the EU-US Privacy Shield agreement, the companies that relied on the framework to transfer data between Europe and the U.S. have been left wondering what to do next. Can companies still rely on Standard Contractual Clauses (SCCs) for data transfers? If not, what alternatives do they have? The European…
Read More
Michigan Data Privacy Laws

Michigan’s Data Privacy Ballot Measure Passes

Though much of the attention has gone to California’s recent data privacy ballot measure, Michigan also presented significant legislation to its voters this past November 3. And voters answered with a resounding yes. The approval of Proposal (Prop) 2–an amendment to Michigan’s state constitution–requires law enforcement to obtain a warrant before seizing any electronic data.…
Read More
COMPLIANCE FRAMEWORK

Why Your Organization Needs a Compliance Framework

With every new piece of data privacy legislation, more and more companies are scrambling to prioritize their customers’ privacy.  That means making sure the entire organization is on the same page when it comes to cybersecurity. One way to do that is by implementing a compliance framework–a standardized set of best practices that help an organization…
Read More
AI And Privacy

A Guide: How to Utilize Artificial Intelligence for Data Privacy and Cybersecurity Compliance

Technology is undeniably useful. It can make us more productive, and connect far-flung workforces. But every time a business or organization adopts a new piece of technology, its “attack surface” expands–and it exposes itself to more risk.  The pandemic hasn’t helped. As organizations transition to a remote environment, they’ve begun to operate via home networks…
Read More
Back To Top