General Business Privacy Science, Computers & Technology

Read need-to-know updates, commentary, and analysis on General Business issues written by leading professionals.
News & Analysis as of

New Cybersecurity Framework Revealed

The framework provides standards and best practices for identifying, assessing, and managing cybersecurity risk. Now that the Obama administration has unveiled the final version of its anticipated Cybersecurity Framework...more

FDIC Reissues Technology Outsourcing Resources, Urges Use Of Cyber Resources

On April 7, the FDIC reissued, as attachments to FIL-13-2014, three technology outsourcing resources. The documents, which the FDIC describes as containing “practical ideas for banks to consider when they engage in technology...more

Iowa Adds AG Data Breach Notice Requirement

On April 3, Iowa Governor Terry Branstad signed SF 2259, which amends the state’s data breach notice law to add a requirement that businesses that experience a data breach notify the state attorney general’s office within...more

FTC Still In Charge Of Privacy Enforcement: Ten Lessons From Wyndham

The Federal Trade Commission (FTC ) is the most active and aggressive federal government agency to investigate and enforce data privacy and security laws against businesses. Section 5 of the FTC Act empowers the agency to...more

SEC’s OCIE Announces Cybersecurity Examinations Of Broker-Dealers And Registered Investment Advisers

The SEC’s Office of Compliance Inspections and Examinations, or OCIE, previously announced that its 2014 Examination Priorities included a focus on technology, including cybersecurity preparedness. OCIE has issued a Risk...more

Iowa Breach Notification Law Now Requires AG Notification, Applies to Paper Records

Iowa recently joined an increasing number of states that require notification of state regulatory authorities following a breach, as well as a handful of states in which paper records can trigger notification obligations....more

Kentucky Becomes 47th State with a Data Breach Notification Law

On April 10, 2014, Kentucky became the 47th state to enact breach notification legislation. Under the new law, companies that conduct business in Kentucky and hold consumer data of Kentucky residents will now be required to...more

Cyber Insurance: A Last Line of Defense When Technology Fails

As cyber risks increase, specialized insurance policies can protect companies, but only if those policies are appropriately tailored and negotiated. Daily news headlines reveal the escalating, and costly, problem of...more

The Highest Court in the European Union Strikes Down the Data Retention Directive as Invalid

In a significant move, the Court of Justice of the European Union (CJEU) has ruled that the Data Retention Directive 2006/24/EC (Directive) is invalid. This decision is expected to have wide-reaching implications for privacy...more

Kentucky Becomes The 47th State To Enact A Data Breach Notification Law

Kentucky is now the 47th state with a data breach notification law, a development that should be of interest not only to Kentucky-based entities, but also to entities that do business in Kentucky and have personal information...more

DOJ And FTC Release Joint Antitrust Policy Statement Regarding Sharing Of Cybersecurity Information

On April 10, 2014, the U.S. Department of Justice (“DOJ”) and the Federal Trade Commission (“FTC”) issued an Antitrust Policy Statement on Sharing of Cybersecurity Information explaining that competitors can share legitimate...more

How Significant is the Wyndham Case to the US Cybersecurity Legal Landscape?

The security community has been abuzz this week with the US. District Court of New Jersey's April 7 ruling in Federal Trade Commission v. Wyndham Worldwide Corporation, et al. Wyndham had asserted in a motion to dismiss that...more

Heartbleed: What to do now

Hardly a day passes now without some new report of a security vulnerability with inevitable breaches that follow, but Monday’s news about the two-year old vulnerability in OpenSSL is (or should be) catching everyone’s...more

Privacy Tuesday – April 14, 2014: Heartbleed Headaches

Last week was certainly the “week of the Heartbleed.” Unless you have been on vacation on a remote island (and if so, good for you!), you have heard and read much about the latest mass bug to infect the Internet....more

With OpenSSL Compromised by Heartbleed, an Opportunity for Companies to Diversify Cyber Security Efforts

The recent discovery of the “Heartbleed” online bug has sent shockwaves through the internet, causing companies and individuals alike to question very basic assumptions about cyber security. The bug has allegedly existed for...more

Privacy in Latin America and the Caribbean

With the enactment or implementation of several new data privacy laws in the past couple of years, the privacy landscape in Latin America and the Caribbean continues to change dramatically. Twelve countries in the region now...more

Take Action to Stop the Bleeding: Follow These Steps

“Heartbleed” has been all over the news, and companies have been scrambling to respond. What sounds like a nasty medical condition is actually a recently discovered flaw in popular encryption software called OpenSSL. It has...more

Aggressive Liability Theory Does Not Eliminate Obstacles To Banks’ Claims In Target Data Breach Class Action

The latest salvo in the Target data breach litigation is a class action brought by credit card issuing banks advancing a creative and somewhat misleading construction of the Minnesota’s Plastic Card Security Act. The banks...more

DOJ & FTC Release Cybersecurity Threat Information Exchange Policy

The US DOJ Antitrust Division and the FTC yesterday released a joint policy statement on the sharing of information between private parties, including competitors, to counter cybersecurity threats. The agencies acknowledge...more

Balancing the data privacy debate: The benefits of big (and little) data

Comments to the White House's recent request for comments on "big data" and how it affects Americans were due April 4, but even before all the comments have been reviewed, we can be pretty sure that, as usual, most business...more

FTC, DOJ Issue Antitrust Policy Statement Encouraging Private Sharing of Cybersecurity Information

The Federal Trade Commission and the Department of Justice yesterday issued a joint policy statement on the sharing of cybersecurity information. Declaring that “properly designed cyber threat information sharing is not...more

Many Lessons for Companies to Learn After the Target Data Breach

The red bull’s-eye. Even shoppers that don’t frequent Target know the retailer’s ubiquitous logo. But what many holiday shoppers — both loyal Target customers and casual visitors to the trendy discount store — didn’t...more

New Draft Processor to Sub-processor Model Clauses (Art. 29 Working Party)

(LONDON) The Art. 29 Working Party, a key advisory body to the EU Commission, recently proposed draft model clauses to cover the transfer of personal data from EEA data processors to non-EEA sub-processors....more

Canada’s Digital Privacy Rethink: Fines, Enforceable Compliance Agreements And More!

On April 8, 2014, Canada’s government introduced Bill S-4, the Digital Privacy Act, in the Senate. Bill S-4 is the federal government’s latest attempt to reform the federal Personal Information Protection and Electronic...more

The SEC Cybersecurity Roundtable: Indicator of Things to Come?

Starting with the Securities and Exchange Commission's January 2014 announcement that cybersecurity is a priority in its National Examination Program, SEC Chair Mary Jo White and others at the SEC have continued to stress the...more

781 Results
|
View per page
Page: of 32

Follow General Business Updates on: