David Navetta writes: Earlier this month (May 1, 2010), Alberta became the first Canadian province to pass a broad breach notice law (“Bill 54”) as part of their comprehensive data privacy statute, the Personal Information Protection Act (“the Act”; technically, Alberta is the second province to pass a breach notice law in Canada, Ontario previously…
Category: Breach Laws
Russia Considers Improving its Data Protection Law
The Russian Federation is considering amending the country’s data protection law, according to BNA’s Privacy Law Watch. Businesses have long complained that the law contains restrictions on data processing that are extremely difficult to meet. For example, the law requires affirmative written consent for most types of data processing. In the online context, this provision…
Ie: ‘Reckless’ data breaches should be prosecuted
Steven Carroll reports: Data protection controllers should face sanctions for deliberate or reckless breaches of information protection law, a Government appointed review group has concluded. The obligations of controllers to report security breaches should be set out in a statutory code of practice, which would outline when disclosure of data breaches is mandatory, and failure…
Application of New Massachusetts Data Security Regulations to Out-of-State Businesses
Amy Crafts writes: Massachusetts’s new data security regulations, effective as of March 1, 2010, currently set forth the country’s most stringent requirements for protecting data. Extending beyond what is required by other states, Massachusetts specifies that, for example, covered entities must implement a written information security program and must encrypt personal information that will be…
German court orders wireless passwords for all
Kirsten Grieshaber of the Associated Press reports: Germany’s top criminal court ruled Wednesday that Internet users need to secure their private wireless connections by password to prevent unauthorized people from using their Web access to illegally download data. Internet users can be fined up to euro100 ($126) if a third party takes advantage of their…
Mexico Passes Sweeping New Law on Data Protection
Jeremy Mittman writes: On April 27, 2010, a sweeping new law on data protection was passed by the Mexican Senate, clearing the way for the President to sign the landmark legislation, which provides for penalties up to an astounding $1.5 million for violations under the law. The new Federal Law for the Protection of Personal…