Lydia Beyoud reports: The CFPB is ready to shape the next phase of open banking in the U.S. as it develops standards for how vast amounts of consumer financial data is shared among banks, fintech apps, and data transfer companies. Financial data sharing has been largely left in private-sector hands, but the Consumer Financial Protection…
Category: Federal
U.S. Supreme Court to Weigh Anti-Hacking Law’s Limits on Access
Andrea Vittorio reports: The U.S. Supreme Court is set to hear oral argument Nov. 30 over the scope of an anti-hacking law in a case that has implications for cybersecurity research, and other situations where computer access is in question. The case, Van Buren v. United States, involves whether people who misuse their authorized access can be…
Bipartisan Internet of Things Security Bill Passes Congress
From EPIC.org: Both branches of Congress have now passed a bill governing the security of the Internet of Things. The “Internet of Things Cybersecurity Improvement Act of 2019” sets baseline cybersecurity standards for IoT devices purchased by the federal government. The bipartisan measure is sponsored by Rep. Will Hurd (R-Texas) and Rep. Robin Kelly (D-Ill.) in the House and…
Trudeau Privacy Law to Level Stiff Fines for Digital Breaches
Kait Bolongaro reports: Prime Minister Justin Trudeau’s government unveiled a remake of Canadian privacy laws to strengthen user rights in the digital world. Under legislation introduced Tuesday in Ottawa, companies that commit the most serious offenses would be hit with fines worth as much as 5% of revenue or C$25 million ($19 million), whichever is…
PH: NPC to allow data breach victims to apply for cease-and-desist orders
Jenina P. Ibañez reports: Victims of personal data breaches may request cease-and-desist orders from the National Privacy Commission (NPC) if the breach violates their privacy rights and causes “irreparable injury.” The NPC, in circular no. 20-02 signed on Oct. 6, said that it may issue such orders in the event of violations or threats to…
Germany: No GDPR damages after data breach
Seen at DLA Piper: One of the many open questions of data protection law in Europe is how compensation for “non-material damage” will be calculated. In contrast to personal injury claims where lawyers have (hundreds of) years of case law to call upon to help calculate compensation, there is comparatively little case law considering how…