Sarah Schmidt reports: Companies can decide whether to tell their customers when they lose their personal information or hackers steal it, according to legislation tabled Tuesday by the Conservative government. The proposed amendments to Canada’s private sector privacy law will require banks, retailers and other companies to inform Canada’s privacy watchdog if they’ve experienced a…
Category: Breach Laws
FAQ on Alberta’s New Breach Notice Law
David Navetta writes: Earlier this month (May 1, 2010), Alberta became the first Canadian province to pass a broad breach notice law (“Bill 54”) as part of their comprehensive data privacy statute, the Personal Information Protection Act (“the Act”; technically, Alberta is the second province to pass a breach notice law in Canada, Ontario previously…
Russia Considers Improving its Data Protection Law
The Russian Federation is considering amending the country’s data protection law, according to BNA’s Privacy Law Watch. Businesses have long complained that the law contains restrictions on data processing that are extremely difficult to meet. For example, the law requires affirmative written consent for most types of data processing. In the online context, this provision…
Ie: ‘Reckless’ data breaches should be prosecuted
Steven Carroll reports: Data protection controllers should face sanctions for deliberate or reckless breaches of information protection law, a Government appointed review group has concluded. The obligations of controllers to report security breaches should be set out in a statutory code of practice, which would outline when disclosure of data breaches is mandatory, and failure…
Application of New Massachusetts Data Security Regulations to Out-of-State Businesses
Amy Crafts writes: Massachusetts’s new data security regulations, effective as of March 1, 2010, currently set forth the country’s most stringent requirements for protecting data. Extending beyond what is required by other states, Massachusetts specifies that, for example, covered entities must implement a written information security program and must encrypt personal information that will be…
German court orders wireless passwords for all
Kirsten Grieshaber of the Associated Press reports: Germany’s top criminal court ruled Wednesday that Internet users need to secure their private wireless connections by password to prevent unauthorized people from using their Web access to illegally download data. Internet users can be fined up to euro100 ($126) if a third party takes advantage of their…