Cynthia O’Donoghue and Daniel Kadar write: France’s data protection authority, the Commission Nationale De L’informatique et Des Libertés (CNIL), released a new mandatory online notification procedure for French electronic communications service providers (Providers) to rapidly report data breaches to CNIL in compliance with new EC Regulation (No.611/2013) (the Regulation). Any data breach must be reported to CNIL via a…
Category: Breach Laws
Manitoba’s Private Sector Privacy Law – Similar To Alberta’s Law, But Important Differences Exist
Michael G. Fekete of Osler, Hoskin & Harcourt LLP writes: On September 13, 2013, Manitoba joined Quebec, British Columbia and Alberta by enacting provincial private sector privacy legislation. Once it comes into force, Manitoba’s Personal Information Protection and Identity Theft Prevention Act (PIPITPA) will govern the collection, use and disclosure of personal information, including that…
Opening The Flood Gates? California Voters May Create Presumption Of Harm In Privacy Breach Cases
Julian D. Perlman of BakerHostetler writes: California has moved one step closer towards amending its Constitution to create a presumption of harm whenever personal data is shared without a consumer’s express opt-in, a change that would clear a significant hurdle to many privacy breach lawsuits. On Thursday, California Secretary of State Debra Bowen approved steps…
International Data Breach Laws Are All Over The Map
Ben DiPietro reports: Laws on sharing and disclosure of data and personal information differ widely among countries, greatly complicating the compliance challenges of companies operating internationally. Read more on Wall Street Journal. As DiPietro reports, different laws also differentially impact – and may impede – forensic analysis of breaches.
This hacker might seem shady, but throwing him in jail is bad for everyone
Timothy B. Lee writes: On Friday, the U.S. government filed its brief in the appeal of Andrew “Weev” Auernheimer, who was convicted of federal hacking charges for downloading hundreds of thousands of customer e-mail addresses from AT&T’s Web site. The government says the conviction was proper, but many security researchers and civil liberties advocates argue that the…
Mandatory Data Breach Notice Bill Stalls As Canadian Parliament Session Closed
Peter Menyasz reports: The Canadian government’s Sept. 13 decision to end the Parliament’s legislative session has at least temporarily blocked passage of proposed amendments (Bill C-12) to Canada’s framework federal privacy law that would have introduced a limited mandatory data breach notification requirement. A new parliamentary session is scheduled to start Oct. 16, and the…