Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
India just released a landmark draft of new rules to refine and implement the Digital Personal Data Protection Act (DPDP Act) – which is India’s first comprehensive data privacy legislation regulating digital personal data...more
Las compañías que hacen negocios en México deben revisar las políticas y prácticas pertinentes para asegurarse de que se alinean al marco integral de privacidad de datos del país. Específicamente, querrá evaluar sus avisos de...more
Companies doing business in Mexico should review relevant policies and practices to ensure they align with the country’s comprehensive data privacy framework. Specifically, you’ll want to assess your privacy notices, data...more
Introduction - The legal regime in India relating to data protection and privacy has undergone a significant re-haul and revamp. The Digital Data Protection Act, 2023 (“DPDPA”) received the President’s assent and was...more
Introduction - The Brazilian General Data Protection Law (“LGPD”), enacted in 2018 and enforced since 2020, serves as the cornerstone of the country's data protection framework. Its primary objective is to ensure the...more
In Argentina, data protection is governed by comprehensive legislation aimed at safeguarding individuals' personal data. Below you will find an outline of the key aspects including governing legislation, exploring their scope...more
Since the introduction of the Data Protection Act (the “DPA”) in 2019, there has been a steady increase in the number of data protection breaches that have been reported to the Office of the Ombudsman. It is expected that...more
The British Virgin Islands ("BVI") Data Protection Act, 2021 ("DPA") came into force on 9 July 2021. It was introduced so the BVI would have a data protection framework which is broadly similar to EU and UK standards. To...more
On 14 March 2022 the Data Protection Commission of Ireland (DPC) handed down a decision in respect of 22 personal data breach notifications made by the Bank of Ireland Group Plc (BOI) between November 2018 and June 2019. The...more
Last week’s blog detailed the wave of state legislation that occurred in the U.S. during 2021. It is no surprise that there were also many data privacy developments abroad. It is crucial that organizations affected by...more
China had a lot of legislative movement in the area of data privacy this year. On June 10, 2021, the Data Security Law (DSL) was passed and it became effective on Sept. 1, 2021. This is a broader law applying to data...more
China's draft Personal Information Protection Law (PIPL) has just gone through the second reading and is now near final form and expected to be finalized very soon. Once promulgated, it will be the first comprehensive law on...more
Data Transfer from the European Union to the United States is a knotty process. The difficulties were compounded this summer when Europe’s highest court held the “Privacy Shield” program enabling U.S-E.U. data transfers...more
On October 1, 2020, the three-month grace period for businesses to comply with the Dubai International Financial Centre (DIFC) Data Protection Law (DIFC Law No. 5 of 2020) (“DPL 2020”) came to an end. Regulating the...more
Global organizations need a clear, legal means to share data across borders, whether to conduct day-to-day business, comply with government regulations, perform under a contract, respond to lawsuits, or simply communicate and...more
This guide has been compiled to give an overview of the rudimentary legal aspects that should be considered by anyone thinking of establishing a business in the UK. It is aimed at businesses that may already be established in...more
Since the first enforcement actions have been initiated, some with significant fines, many companies may find themselves somewhat at a loss as they may not fully know how to assess the risks involved and how to react should...more
In May of 2018, the European Union enacted the General Data Protection Rules, or GDPR, a legal framework that outlines not only how companies may collect and process personal information of EU residents, but how that data is...more
BB&K's Christina Morgan Talks About Data Privacy in Riverside Lawyer Magazine - Due to rising concerns about privacy in the digital world, in April 2016, the European Union adopted the General Data Protection Regulation...more
The General Data Protection Regulation 2016/679 (GDPR) provides means to enforce provisions related to personal data processing by you as a data controller or data processor. It introduces collective actions everywhere in...more
The Office of the Privacy Commissioner of Canada (OPC)'s report, Personal Information Protection and Electronic Documents Act (PIPEDA) Report of Findings #2019-001, issued April 9, 2019, into the Equifax hack, created...more
Why does this topic matter to organisations? Whereas the remedies and sanctions available to DPAs under the Directive were comparatively low (generally subject to a maximum of less than €1 million per infringement, with...more
Why does this topic matter to organisations? Under the GDPR, the concept of a "processor" has not changed. Any entity that was a processor under the Directive likely continues to be a processor under the GDPR. However,...more
Why does this topic matter to organisations? Each time an organisation processes personal data, it will do so as either a controller or a processor. These roles bear different responsibilities. Therefore, it is critically...more
Why does this topic matter to organisations? The defined terms set out in this Chapter are of critical importance to understanding how EU data protection law applies to an organisation. For example, the question of whether...more