Virtually every country has enacted some sort of data privacy laws to regulate how information is collected, how data subjects are informed, and what control a data subject has over his information once it is transferred. Failure to follow applicable data privacy may lead to fines, lawsuits, and even prohibition of a site’s use in …
Continue reading “Data privacy laws: What you need to know in 2021”
““Version 2.0” of the CCPA — the California Privacy Rights Act (CPRA) of 2020 aka Proposition 24 […] would be a great win in strengthening privacy rights in California. Here are the top 12 privacy enhancements found in the CPRA: #1 Creates a New Privacy Right — The Right to Limit the Use of Sensitive …
Continue reading “The Top 12 Ways the CPRA Significantly Increases Privacy Rights”
You are at the end of long day; just about to turn in for the night. You just do one last check of your inbox for any signs of a reported security incident. Suddenly you are aghast, the new email count in your inbox registers over 9,000 new emails! You quickly scan to fathom what …
The way it works is simple for consumers: they visit the national “Do Not Sell My Personal Data” registry website, put in their email address, and get a verification email in their inbox (note other personal identifiers could be added). For data brokers who sell personal data, they must register with the agency in charge …
Continue reading “Proposal for a National “Do Not Sell My Personal Data” Registry”
“Walmart Inc. is accused in a proposed class action of violating California’s privacy law by failing to protect customer data from an alleged hack. Customers face “significant injuries and damages,” such as having their data on the dark web, as a result of a breach the complaint says occurred, according to the suit filed in …
Continue reading “Walmart Faces Data-Breach Suit Under California Privacy Law”
“Across industries, teams with expertise in real-world spaces are rushing into digital ones where they’re novices and pumping huge amounts of user data into new systems. These changes carry the risk that reams of personal data will be mismanaged and vulnerable to exposure. This situation raises two major challenges for many businesses: First, they need …
Continue reading “Have Your Privacy Policies Kept Up with Your Digital Transformation?”
California law sets out minimum requirements for wireless access point security by imposing obligations on manufacturers to ensure consumers are aware of the risks and informed as to how to protect themselves. Who is regulated by the law (Territorial Scope)? What is regulated by the law (Material Scope)? Obligations imposed Enforcement California Wireless Network Security …
Continue reading “California Wireless Network Security requirements”
TITLE 1.81.26 of the California Civil Code on Security of Connected Devices (“California IoT law”) is codified in Cal. Civ. Code Sec. 798.91.04, 798.91.05 and 798.91.06. It requires manufacturers of connected devices “to equip the device with a reasonable security feature or features that are appropriate to the nature and function of the device, appropriate …
Constantine Karbaliotis, a Canadian Privacy Lawyer has created the mother of all data access requests that a company may receive under GDPR or CCPA. These are the edge cases… but they are the requests that en masse could bring your IT department to its knees if unprepared. The Nightmare Letter: A Subject Access Request under …
Continue reading “Data Subject Access Requests (DSARs) under GDPR & CCPA”