Wait, that’s covered? Insurability of Fines and Penalties Flowing From a Cybersecurity Breach
FCPA Compliance and Ethics Report-Episode 31-the FCPA Year in Review, Corporate Enforcement Actions
FCPA Compliance and Ethics Report-Episode 30-Interview with the FCPA Professor-Part 2
Condo complaints not in writing?
Health Data on Leased Photocopier Costs Company $1.2m—What Others Can Learn
The California Consumer Privacy Protection Agency (CPPA) Board issued a stipulated final order against Todd Snyder, Inc., a clothing retailer based in New York, requiring the company to pay a $345,178 fine and update its...more
The Federal Communications Commission is enhancing its Robocall Mitigation Database (RMD) compliance obligations and increasing base forfeiture amounts for RMD violations. The FCC’s new rules follow a recent Enforcement...more
Iowa is next up in our series of articles providing in-depth summaries of state consumer privacy laws taking effect across the nation. On March 28, 2023, Iowa Governor Kim Reynolds (R) signed into law Senate File 262...more
Dutch data privacy officials recently imposed a staggering penalty on Uber – €290 million ($324 million) – for allegedly breaching the European Union’s comprehensive data privacy and security law. This groundbreaking fine is...more
On July 24, the Massachusetts Legislature passed legislation that will impact many Massachusetts employers in terms of their “pay transparency practices” for current employees and future applicants....more
New Hampshire’s New Law is on the Books - 2023 was a record-breaking year, with legislators in Delaware, Indiana, Iowa, Montana, Oregon, Tennessee and Texas passing comprehensive data privacy laws, joining California,...more
Avast Limited, a United Kingdom-based company that marketed its browser extensions and antivirus software to protect consumer privacy did just the opposite—storing consumer browsing data indefinitely and selling it...more
Could Artificial Intelligence (AI) increase the likelihood of an IRS audit in your future? How does the IRS use AI to identify US taxpayers who attempt to hide assets, under-report income or otherwise cheat the IRS? In...more
The Volunteer State became the eighth state to enact a comprehensive data privacy law after Gov. Bill Lee (R) signed the Tennessee Information Protection Act (“TIPA”) into law yesterday, May 11. Tennessee joins a growing...more
On January 19, the Irish Data Protection Commission (DPC) announced the conclusion of an inquiry into the data processing practices of a U.S.-based messaging service’s Ireland operations and fined the messaging service €5.5...more
The Federal Trade Commission (FTC) and Department of Justice (DOJ) recently ordered Twitter to pay $150 million for violating a 2011 FTC order that prohibited the company from misrepresenting its privacy and data security...more
When it comes to making sure financial data is safe and meets compliance regulations, understanding the different regulatory bodies and how they affect your organization is a vital first step. Two of the most common...more
Companies have always had requirements to retain records in accordance with laws and regulations—and to dispose of them once those obligations were no longer in force. But by and large, most haven’t done so in any consistent,...more
On September 2, 2021, EU regulators fined Facebook-owned chat service, WhatsApp, £225 million (around $266 million) for failing to fully disclose its user data collection and sharing practices. This is the second largest fine...more
CEP Magazine (December 2020) - The Hamburg Data Protection Authority issued their largest fine ever under the General Data Protection Regulation (GDPR) for employee-related offenses. A fine of more than €35 million was...more
Report on Supply Chain Compliance 3, no. 16 (August 20, 2020) - After Twitter disclosed in October 2019 that it had used sensitive information for marketing purposes, investigations by the Federal Trade Commission (FTC)...more
Since the first enforcement actions have been initiated, some with significant fines, many companies may find themselves somewhat at a loss as they may not fully know how to assess the risks involved and how to react should...more
Under Russian Data Protection Law, when collecting personal data, data operators (controllers) must ensure that recording, systematization, accumulation, storage, updating and extraction of personal data relating to Russian...more
On 21 November 2019 a bill imposing multi-million Ruble (RUB) fines for infringing Russian data localization and information security laws passed the last hearing at the State Duma. This likely means that the bill will become...more
The Data Protection Supervisory Authority for the state of Berlin (Die Berliner Beauftragte für Datenschutz und Informationsfreiheit, “Supervisory Authority”) recently issued a fine for GDPR violations against Germany’s...more
The Spanish supervisory authority agencia española protección datos (“Supervisory Authority”) has issued a fine against an airline based on their use of a cookie banner, which the Supervisory Authority considered not to be...more
Big Picture Takeaways: Facebook faces many detailed requirements for internal and external governance and oversight with extensive reporting requirements...more
On June 13, 2019, a new draft bill imposing multi-million Ruble (RUB) fines for infringing Russian data localization and information security laws—multiplying the maximum penalty under current law by a magnitude of 240—was...more
In this episode of OnRisk, Lucas Tanglen and Jeff Meagher discuss the cyber insurance implications of the European Union’s new privacy regulation—the General Data Protection Regulation or GDPR. The GDPR, which took effect on...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the European Data Protection Board's published opinions on data protection impact assessments, an Ohio court's ruling that bitcoin is covered insured...more