As EU data protection watchers know, the draft General Data Protection Regulation (which has been around long enough to be universally referred to by its acronym, GDPR) exists in three major versions, with a fourth version recently released by the office of the European Data Protection Supervisor (EDPS). The EDPS is the EU’s own internal…
Tag Archives: Data Protection
Brokerage firm victim of elaborate extortion scheme – but also gets hit with a fine
Posted in Data Compliance & Security
Brokerage firm DA Davidson has agreed to pay a fine of $375,000 for failing to protect confidential client data from Latvian hackers who breached the company in 2007 in an online extortion scheme; the three have pleaded guilty in Montana. The hackers used a SQL injection attack to obtain access to the company’s database…
Top 3 questions relating to compliance with 201 CMR 17.00
Posted in Data Compliance & Security
At the beginning of the “countdown” to the March 1st effective date of 201 CMR 17.00, we offered some posts with “misapprehensions” and compliance suggestions (see 16 Days to March 1….. and Countdown to compliance with 201 CMR 17.00…..11 days). Here are some questions that have been recurring over the last few weeks: 1) What…
House scheduled to act today on several privacy bills
Posted in Data Compliance & Security
The House is scheduled to vote on HR 1319, The Informed P2P User Act, and HR 2221, The Data Accountability and Trust Act, tomorrow under suspension of the rules. We will monitor the debate and keep you updated on its passage.
When the “Safe Harbor” is Not So Safe
Posted in Data Compliance & Security
If your company transfers personal data cross-border and you participate in the Safe Harbor program, it’s time to check the status of your certification. For the second time in a month, the Federal Trade Commission has announced enforcement actions against companies under Safe Harbor, the international privacy framework that provides a means for U.S. companies…
FTC to Hold Data Privacy Roundtables
Posted in Data Compliance & Security
Here’s an important notice from the Federal Trade Commission: The FTC will host a series of day-long public roundtable discussions to explore the privacy challenges posed by the vast array of 21st century technology and business practices that collect and use consumer data. Such practices include social networking, cloud computing, online behavioral advertising, mobile…
From Privacy Academy – The Seven Step Program
Posted in Data Compliance & Security
Sounds like common sense, but it is food for thought, and will be required under new Massachusetts data security regulations: The seven easy ways to protect PC-based information from theft. The proliferation of Personal Storage Devices (thumb drives, iPods, USB external hard disks, etc.) and simple remote access has created unprecedented levels of…