Interesting podcast on the Capital One breach. I’ve been attempting to interest my clients in tools that monitor for their data being spread around, via their supply chain and/or unsecured […]
This is a useful summary for we Europeans as well. In my role as a DPO I tend to use the DPIA as my starting point for each engagement. DSARs […]
Full disclosure: I have been involved in a number of blockchain-based startups in the past couple of years so I’ve seen first-hand the chilling effect of the regulatory interest in […]
TL;DR – don’t sell software with known security vulnerabilities…: […] The case, United States of America v. Cisco Systems, involved allegations from a former-subcontractor whistleblower that Cisco Systems knowingly sold video […]
Definitely one to watch. UK employers may need to take stronger measures and insure themselves against actions taken by employees…: […] The Supreme Court of the UK is deliberating over […]
Given that California (and many others) have adopted GDPR-like measures, this could be an interesting read. On a specific point, negligence underpins just about all legal actions so you should […]
Employing people in California now has one more risk, they might sue you if there’s a data breach…: “Consumers” can bring suit under the CCPA if they can prove the […]
Doing business with residents of NY State? Time to update your breach notification procedures…: […] The SHIELD Act updates the breach notification requirements so that they apply to all individuals […]
Thought the ICO market was dead? The ‘Initial Coin Offering’ has performed a ‘pivot’ (great Silicon Valley word) and is now the ‘Security Token Offering’. With a regulatory regime in […]
Commentary seems to be “It’s not enough“, though this is just the US settlement. European fines add to the total, but they were imposed before the GDPR-era fines were introduced… […]