The U.K.'s privacy watchdog is probing banking giant Barclays over its use of employee monitoring tools after the bank in February reportedly shifted from anonymized tracking to giving managers the ability to view data for individual employees.
Will the COVID-19 pandemic lead to a spike in the number of reported data breaches? Not necessarily, says cybersecurity expert Brian Honan. But he says that the rush to adopt cloud-based services and expanded remote services might change the types of breaches being reported.
"Where do I start?" It's the most common question posed by data protection professionals tasked with leading a new data privacy management effort. Whether it's developing a data inventory, drafting a breach notification plan, or selecting controls to implement, a good place to start is with the NIST Privacy...
The latest edition of the ISMG Security Report analyzes the hacking of Dave, a mobile banking app. Plus: Sizing up the impact of GDPR after two years of enforcement and an assessment of IIoT vulnerabilities.
Now that it's been two years since enforcement of the European Union's General Data Protection Regulation began, three attorneys - Kelsey Finch, Jonathan Armstrong and David Dumont - reflect on the lessons learned so far and the compliance gaps that still need to be addressed.
With so many employees working from home during the COVID-19 pandemic, vendors of time-tracking and productivity-monitoring software report surging interest in their wares. Regardless of whether organizations deploy light-touch or more Big Brother types of approaches, beware potential privacy repercussions.
The EU's General Data Protection Regulation was meant to finally bring in line organizations that didn't treat Europeans' personal data with respect. But two years after the regulation went into full effect, why have both the U.K. and Ireland each issued only one final GDPR fine to date?
This whitepaper report looks in detail as to why achieving compliance across a wealth of new international data privacy laws and regulations is such a growing challenge. It will cover:
How data breaches are driving regulatory change
Data protection and the COVID-19 pandemic, an escalating external threat...
Within weeks of the California Consumer Privacy Act of 2018 going into effect, the first CCPA lawsuit was filed in U.S. District Court in Northern California, based on a personal data breach of a retailer and its cloud service provider. Since then, many lawsuits have been filed, addressing multiple aspects of...
Britain's privacy watchdog reports it received 19% fewer data breach notifications in the first quarter than in the same period last year. While the decline may be attributed to more organizations better understanding when to report breaches, other countries have seen an increase in breach reports.
As the COVID-19 pandemic continues, Britain's privacy watchdog has signaled that although privacy rights and transparency - as enshrined under GDPR - remain paramount, it will take a more "flexible" regulatory approach. But this is no data breach "get out of jail" card, legal experts warn.
The California Consumer Privacy Act (CCPA), which went into effect on January 1, 2020, gives consumers the right to access, delete, or opt out their personal data.
Companies that are subject to CCPA and other U.S. State level privacy regulations should be actively prepared and should begin documenting the steps...
Supermarket giant Morrisons is not liable for a data breach caused by a rogue employee, Britain's Supreme Court has ruled, bringing to a close the long-running case - the first in the country to have been filed by data breach victims.
"The CCPA is just the U.S. version of the GDPR."
"If I'm compliant with the GDPR, I'm also compliant with the CCPA."
"Personal data under GDPR is the same as personal information under CCPA."
All of this common wisdom about the GDPR and CCPA is arguably false. In fact, there are numerous differences, some...