Data Breach

Privacy World Week in Review

By Kristin Bryan on November 25, 2024

Posted in Artificial Intelligence, Automatic Renewals, China, Compliance, Data Breach, European Data Protection Board, Events, General Data Protection Regulation (GDPR), Litigation, Transfer Risk Assessment

In case you missed it, below are recent posts from Privacy World covering the latest developments on data privacy, security and innovation. Please reach out to the authors if you are interested in additional information.

Balancing the Scales: How to Use “Legitimate Interest” to Process Personal Data “Fairly”

Court Ruling in China on Personal Data…

Privacy World Week in Review

By Kristin Bryan on November 18, 2024

Posted in Artificial Intelligence, Automatic Renewals, Compliance, Data Breach, Events, Litigation

Join SPB’s Privacy Team for Two Strafford Webinars in December

Cancel Culture: New Requirements for Automatic Renewal and Other Negative…

When Data Breaches Cost Twice – AEPD’s Landmark Fine Shows That Being the Victim of a Cyberattack Doesn’t Excuse GDPR Failures

By Claire Murphy on November 13, 2024

Posted in Cybersecurity, Data Breach, Data Privacy, Ransomware, Spanish Data Protection Authority (AEPD), Telecommunications

In a cautionary decision for companies handling personal data, the Spanish Data Protection Authority (AEPD) issued a substantial fine to a telecommunications distributor following a significant data breach. In April 2021, the company at the center of the case had been targeted by a ransomware attack using Babuk malware, which encrypted files and interrupted operations. When the company refused to pay the ransom, cybercriminals published the personal data of around 13 million individuals on the dark web, exposing affected users to serious risks of fraud and identity theft.Continue Reading When Data Breaches Cost Twice – AEPD’s Landmark Fine Shows That Being the Victim of a Cyberattack Doesn’t Excuse GDPR Failures

Australian Privacy Regulator Commences Penalty Proceedings Against Medibank

By Connor McClymont on June 7, 2024

Posted in Australia, Cybersecurity, Data Breach

On 5 June 2024, the Australian Information Commissioner commenced civil penalty proceedings in the Australian Federal Court against Medibank Private Limited (an Australian health insurance provider) in relation to its notorious data breach in October 2022.

To bring you back up to speed on the Medibank data breach, on 25 October 2022, Medibank notified the…

Privacy World Week in Review

By Kristin Bryan on March 25, 2024

Posted in Artificial Intelligence, Artificial Intelligence Risk Management Framework (AI RMF), Asia, Asia Pacific, Biden, California, Compliance, Cybersecurity, Cybersecurity, Data Breach, Data Privacy, Data Privacy, Digital Assets, EU, EU, GDPR, GDPR, General, Japan, Japan, Litigation, Privacy, Privacy Litigation, Privacy Litigation, Singapore, Singapore, Spain, US, US, Whistleblower

Never Beyond the Law – the Spanish AEPD’s Position on the Processing of Whistleblower Data | Privacy World

Singapore to…

Privacy World Week in Review

By Kristin Bryan on March 18, 2024

Posted in Artificial Intelligence, Artificial Intelligence Risk Management Framework (AI RMF), California Privacy Rights Act, Compliance, Data Breach, Data Breach, GDPR, GDPR, General, General Data Protection Regulation (GDPR), Japan, Japan, Litigation, Privacy Litigation, Privacy Shield, US

Biden Budget Proposal Advances AI Priorities | Privacy World

US Regulators Lift the Curtain on Data Practices With Assessment, Reporting…

Privacy World Week in Review

By Kristin Bryan on March 11, 2024

Posted in Artificial Intelligence, Asia, Asia Pacific, Biometric information, California Age-Appropriate Design Code Act (“CAADCA”), California Age-Appropriate Design Code Act (AADC), California Attorney General, California Children’s Data Privacy Act, California Privacy Protection Agency, California Privacy Rights Act, California Privacy Rights Act (CPRA), CCPA, CCPA, CCRA, Children's Privacy, Compliance, Connecticut, Consumer Protection, Cybersecurity, Cybersecurity, Data Breach, Data Breach, Data Privacy, Data Privacy, FCC, Federal Communications Commission, GDPR, General, General Data Protection Regulation (GDPR), Litigation, Privacy, Privacy Litigation, Privacy Litigation, Singapore, Singapore, Technology, US, US

In Narrow Vote California Moves Next Generation Privacy Regs Forward | Privacy World

EDPB Versus Ireland? Does the Opinion on…

Privacy World Week in Review

By Kristin Bryan on March 4, 2024

Posted in Artificial Intelligence, California, California Children’s Data Privacy Act, CCPA, CCPA, Children's Privacy, Compliance, Connecticut, Consumer Protection, COPPA, Cybersecurity, Data Breach, Data Privacy, EU, FCC, Federal Trade Commission (FTC), Litigation, Robocall, Social Media, TCPA, Telemarketing, Universal Opt-Out Mechanisms

Government access to personal data in bank accounts: a compliance challenge for banks, and a threat to EU adequacy?

By David Naylor on January 17, 2024

Posted in Compliance, Data Breach, Data Privacy, UK

The UK Data Protection and Digital Information Bill (the Bill) received its second reading in the House of Lords on 19 December 2023. Although the Bill cleared that crucial milestone, the debate focused on the government’s last-minute introduction of sweeping powers enabling the Secretary of State to require banks and other financial service providers to monitor and to provide information from accounts into which benefits are paid. Although ostensibly intended to identify fraud, the Lords echoed the view expressed by campaigning group, Big Brother Watch, that it would be:

“wholly inappropriate for the UK Government to order private banks, building societies and other financial services to conduct mass, algorithmic, suspicionless surveillance and reporting of their account holders on behalf of the state”.Continue Reading Government access to personal data in bank accounts: a compliance challenge for banks, and a threat to EU adequacy?

FBI and DOJ Issue Guidance on SEC Incident Reporting Delay Requests

By Gicel Tomimbang, Julia Jacobson & Alan Friel on January 16, 2024

Posted in Compliance, Cybersecurity, Data Breach, Data Privacy

Most U.S. public companies are gearing up to prepare and file their annual reports (Forms 10-K) between February 29^th and April 1st. This year’s preparations will be busier because the Regulations on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure (Cyber Risk Regulations) issued by the Securities and Exchange Commission’s (SEC) are now in force. Continue Reading FBI and DOJ Issue Guidance on SEC Incident Reporting Delay Requests

Privacy World

Data Breach

Privacy World Week in Review

When Data Breaches Cost Twice – AEPD’s Landmark Fine Shows That Being the Victim of a Cyberattack Doesn’t Excuse GDPR Failures

Australian Privacy Regulator Commences Penalty Proceedings Against Medibank

Government access to personal data in bank accounts: a compliance challenge for banks, and a threat to EU adequacy?

FBI and DOJ Issue Guidance on SEC Incident Reporting Delay Requests

Address

Contacts

Search By Category