Oh no...This form doesn't exist. Head back to the manage forms page and select a different form.

News Alerts and Breach Report for Week of July 18, 2022

Government Agencies at Odds Over Location Data Privacy According to records obtained by the American Civil Liberties Union (ACLU), the Department of Homeland Security has for several years purchased data from the mobile advertising industry, including location information from phones…

Read More
NIST

NIST Publishes Draft Security Criteria for Consumer Software

Consumer software providers will soon have the option to label their software as compliant with National Institute of Standards and Technology (NIST) standards for software security. On November 1, 2021, NIST published its initial draft of this standard in a white paper titled “DRAFT Baseline Criteria for Consumer Software Cybersecurity Labeling” (the White Paper). The…
Read More
Disposition

Developing a Defensible Disposition Process

Starting in January of 2023, businesses subject to California Privacy Rights Act (CPRA) may be required to publish the retention periods for all categories of personal and sensitive information they collect, manage, store, share, or sell. CPRA Section 1798.100. Given the complexity of the upcoming CPRA requirements, we are publishing a series of articles on…
Read More
PDPL

Updates to Saudi Arabia’s Data Protection Law

Whilst European and North American businesses are well accustomed to dealing with complex data protection legislation, businesses in the MENA region have by and large not had to consider the same in their local markets. From a Saudi standpoint, the recently published Personal Data Protection Law (published on 24 September 2021 and effective as of…
Read More
Cybersecurity

New York DFS Issues New Cybersecurity Guidance

Under New York’s Cybersecurity Regulation, issued in 2017, any entity (a “Covered Entity”) regulated by the New York State Department of Financial Services (DFS) must maintain a risk-based cybersecurity program that protects its information systems and nonpublic data. For years, DFS has allowed Covered Entities to adopt the cybersecurity program of an affiliate. This has…
Read More
Data Protection

Opinion: How the U.S. Government’s Efforts Can Improve Data Privacy and Protection in 2021

This year, cybersecurity incidents, such as data breaches, have led to the proliferation of identity theft and fraud, facilitated by a lack of digital identity verification credentials. Additionally, data privacy legislation has gained momentum at the state level and become a key area of concern for lawmakers and citizens alike. Meanwhile, artificial intelligence and blockchain…
Read More
Rights

Lessons Learned from Implementing Privacy Rights Request Processes

Over the last three years, several data privacy regulations have been adopted around the world which include requirements related to the collection, processing, and use of personal information. The list includes the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA) and the Lei Geral de Proteção de Dados Pessoais (LGPD) for Brazil,…
Read More
Back To Top