In December, 2020, the FTC announced a proposed settlement with Texas-based Ascension Data & Analytics after a security breach involving one of its vendors resulted in the exposure of, and unauthorized access to, consumers’ mortgage applications. One year later, the settlement received final approval, as the FTC announced on December 22: The Federal Trade Commission…
Category: Legislation
Review of U.S. State Law Developments in 2021
Madeline Salinas and Libbie Canter of Covington and Burling write: As we look ahead at 2022, we here provide a quick wrap-up of key developments for U.S. state privacy laws in the past year: California Privacy Protection Agency is appointed and commences rulemaking. In June, the new California Privacy Protection Agency (CPPA) held its inaugural public meeting,…
Indian authorities set to tighten data breach laws in 2022
Stephen Pritchard reports: Authorities in India are set to clamp down on data breaches and tighten rules for holding sensitive data, according to local media reports. Organizations will be forced to disclose data breaches within 72 hours, bringing India in line with territories such as the EU, which mandates breach disclosures under its General Data Protection Regulation…
HIPAA Enforcement by State Attorneys General
HIPAAJournal has a nice piece on HIPAA enforcement action over the years by state attorneys general. You can access it here.
Huge fines and a ban on default passwords in new UK law
Jane Wakefield reports: The government has introduced new legislation to protect smart devices in people’s homes from being hacked. Recent research from consumer watchdog Which? suggested homes filled with smart devices could be exposed to more than 12,000 attacks in a single week. Default passwords for internet-connected devices will be banned, and firms which do…
Overview of Legislations on Cybersecurity, Personal Data Protection and Computer Misuse
The Cyber Security Agency of Singapore (CSA) had collaborated with the PDPC and Singapore Police Force (SPF) to develop a handbook covering an overview of the Cybersecurity Act, Computer Misuse Act and Personal Data Protection Act. The handbook explains the three different legislations and how they work in tandem, illustrated through examples of data breaches….