Attorney Elizabeth Harding clears up confusion about certain provisions of the EU's General Data Protection Regulation, including the issue of when organizations need to obtain a European consumer's consent to process their data.
Less than four months after GDPR enforcement began, Europe has arguably entered the modern data breach notification era. Reports of data breaches continue to increase, and breached organizations now face the specter of class-action lawsuits over material as well as non-material damages.
The latest edition of the ISMG Security Report features an analysis of a new Government Accountability Office report on the causes of last year's massive Equifax breach. Also: An update on the role of tokenization in protecting payments.
A web browser startup, Brave, has filed complaints in Europe alleging Google and other behavioral advertising companies are violating Europe's GDPR. Brave's complaints could set up one of the biggest battles so far over how personal data gets used - or abused - for targeted advertising.
Should Europe's "right to be forgotten" apply worldwide? That's the focus of a case before the EU's highest court, which has pitted proponents - including Austria and France - against Google, Microsoft and the European Commission, who argue that the EU law provision should only apply in Europe.
We've spent countless hours and dollars getting ready for the arrival of the EU'S GDPR. In the months since, what's actually changed? How have companies reacted? What should we expect going forward in the EU, and in North America? Has it been all bark and no bite? This session will outline how companies dealt with...
The EU's General Data Protection Regulation, which has tough breach notification requirements, is spurring global interest in technologies to help prevent insider breaches, says Tony Pepper of Egress Software Technologies.
Three months after the EU's General Data Protection Regulation went into full effect, the U.K.'s data privacy watchdog says that the number of data protection complaints it has received from individuals has nearly doubled.
To comply with the EU's General Data Protection Regulations, organizations should implement several best practices, including the anonymization of data, says Sandeep Arora, former CEO at AXA Business Services, India, and co-founder of CyberImmersions Solutions.
On May 25, 2018, per the General Data Protection Regulation (GDPR), organizations with business ties to the European Union needed to comply to GDPR standards. The cost of non-compliance are stiff fines. The GDPR contains nearly 100 separate and nuanced articles that can be difficult to understand even if you are a...
Facebook is making substantial investments to improve its data security and privacy practices. But the long-term cost of those investments and impact on the bottom line has spooked investors, leading to a $120 billion loss in market value on Thursday, the largest one-day loss of value for a U.S. traded company.
Under the EU's General Data Protection Regulation, within 72 hours of an organization learning about the data breach, it must report the breach to relevant authorities or face fines. The U.K.'s data privacy watchdog says it's already seen the volume of self-reported breaches quadruple.
A Spanish consumer rights organization says telecommunications company Telefónica has fixed an elementary security error in its Movistar website that potentially exposed billing invoices for millions of customers. Telefónica says it hasn't detected fraudulent use of the data.
The latest edition of the ISMG Security Report features a discussion of California's groundbreaking new privacy law as well as an update on the potential impact of the hacker group responsible for the Ticketmaster breach.