In This Issue:
- EU Issues Guidelines on ‘Right to be Forgotten’
- FFIEC Observations on Bank Cybersecurity Provides Important Guidelines for Every Industry
- Remarks by Comptroller Curry Highlight OCC Views on Cybersecurity
- Retailers Petition for Federal Data Breach Law
- Automakers Establish Consumer Privacy Protection Principles
- NIST Releases Draft Guide for Sharing Cyber-Threat Information
- SEC Adopts Regulation Systems Compliance and Integrity
- FTC Responds to Wyndham’s Appeal Challenging Its Security Review Authority
- Excerpt from EU Issue s Gui delines on ‘Right to be Forgotten’:
In a landmark May 2014 decision, Europe’s top court, the Court of Justice of the European Union, established a “right to be forgotten.” In Google Spain SL and Google Inc. v. Agencia Española de Protección de Datos (AEPD) and Mario Costeja González (C-131/12), the court held that, upon the request of a European citizen, search engines have an obligation to “de-list” search results that link to information about the requesting individual if the information is inaccurate, outdated or irrelevant. While search engines can deny the request where there is an overriding public interest in the information, the clear message from the court was that an individual’s privacy rights would trump in most cases. Google has reported that since it put procedures in place to comply with the court’s ruling, it has received approximately 175,000 de-listing requests and agreed to de-list approximately 60 percent of the time...
Please see full newsletter below for more information.