Celia Watson Seupel reports: Protecting Saugerties school district data from hackers could cost $70,000 annually — money that’s “not going to improve the quality of education,” Board of Education Trustee Krista Barringer said. […] Protecting school district data from hackers has become mandatory. A new regulation adopted by the state Board of Regents took effect Jan. 29,…
Category: Breach Laws
India’s Data Protection Bill Threatens Global Cybersecurity
Lukasz Olejnik, an independent cybersecurity and privacy researcher, writes that some provisions in the Indian Data Protection Act of 2019, “like having to store sensitive data in systems that are located within the subcontinent, may put constraints on certain business practices and are considered more controversial by some.” One feature of the bill that’s received less…
California Amends Breach Notification Law
Hunton Andrews Kurth writes: On October 11, 2019, California Governor Gavin Newsom signed into law AB 1130, which expands the types of personal information covered by California’s breach notification law to include, when compromised in combination with an individual’s name: (1) additional government identifiers, such as tax identification number, passport number, military identification number, or other…
LinkedIn Can’t Block Analytics Company From Scraping Profiles
Wendy Davis reports: LinkedIn can’t rely on a 33-year-old anti-hacking law to prevent prevent the analytics firm HiQ Labs from mining data, a federal appellate court ruled Monday. The ruling, issued by a three-judge panel of the 9th Circuit Court of Appeals, leaves in place an injunction that requires LinkedIn to allow publicly available data…
FTC Takes Tougher Data Security Stance After LabMD Fight
Sara Merken reports: The Federal Trade Commission is issuing specific data security requirements to companies as part of agency settlements, policing businesses more aggressively than before, attorneys and former staff said. Proposed settlements reached this year with LightYear Dealer Technologies LLC, ClixSense.com, Unixiz Inc, and D-Link Systems Inc. show what the FTC is expecting in…
Ireland, Poland Offer Guidance on Data Breach Response Under GDPR
Odia Kagan of Fox Rothschild writes: The Irish Data Protection Commission and Polish Data Protection Authority have issued guidance on data breach notification under GDPR in which they address the following questions, and more: When do you “become aware” of a data breach? What should a data breach notification include? How do you communicate a…