News Alerts and Breach Report for Week of May 30, 2022

Quebec Updates Data Privacy Law Starting in September 2022, Quebec’s Act respecting the protection of personal information in the private sector (Act) will take effect. Recent updates have been passed to the Act regarding biometric privacy. A summary of the…

Read More

Why Organizations Need to Start Implementing Data Minimization

When the European Union (EU) enacted the General Data Protection Regulation (GDPR) on May 2, 2018, the world was introduced to the concept of data minimization. According to Article 5 of the GDPR, data minimization means “personal data shall be…

Read More
PIPL

China’s Personal Information Protection Law: Key Takeaways

On August 20, 2021, China’s first comprehensive Personal Information Protection Law (“PIPL”) was passed into law. The Cybersecurity Law, the Data Security Law, and the PIPL of China are the three pillars of China’s data protection framework, which govern cybersecurity, data security, and personal information protection respectively. The Cybersecurity Law largely governs cybersecurity requirements for Critical Information Infrastructure operators…
Read More
UK

UK Proposes Reforms to Data Protection Laws

On 10 September 2021, the UK Government’s Department for Digital, Culture, Media, and Sport (DCMS) published its long-awaited proposals for reform of the country’s data protection laws. The consultation paper includes a detailed and comprehensive set of suggested amendments to the UK GDPR, Data Protection Act 2018, and Privacy and Electronic Communications Regulations (PECR), with…
Read More
Cookies

French Regulator Cracks Down on Cookies

In June, the CNIL–France’s regulatory body for data privacy and protection–issued notices of noncompliance to approximately 40 companies that had failed to align with the CNIL’s guidelines on cookies, which were adopted October 1, 2020. In a followup report issued this week, September 14, the CNIL reported that 80 percent of noncompliant companies have since…
Read More
Privacy Law

Colorado Privacy Act: Another Piece to the Data Privacy Puzzle

Introduction Privacy laws have entered the compliance world by storm and are quickly changing data privacy practices. The most recent state, Colorado, passed the Colorado Privacy Act (CPA) into law on July 7, 2021. This new act follows California’s Consumer Privacy Act (CCPA) but calls out several additional rights, actions, and policies. The CPA pulls…
Read More
Cybersecurity

The 3 Biggest Mistakes the Board can Make around Cybersecurity

Although the topic of cybersecurity is now definitely on the board’s agenda in most organizations, it is rarely a fixed item. More often than not, it makes appearances at the request of the Audit & Risk Committee or after a question from a non-executive director, or – worse – in response to a security incident…
Read More
Back To Top