Good! Ryan Johnston reports: Following weeks of outcry from cybersecurity companies and independent researchers, Republican Georgia Gov. Nathan Deal vetoed the state’s proposed “hack back” bill on Tuesday. The bill, SB 315, sought to create the misdemeanor crime of “unauthorized” computer or computer network access, criminalizing the act of “intentionally” logging into a computer or website hosted in Georgia without the user first…
Category: Legislation
New EU fines will apply to ‘old’ data breaches
Oooh. Pay attention, EU. Peter Teffer reports: Companies operating in the EU that are currently hiding serious data breaches similar to those that rocked Facebook last month better disclose those before 25 May, or be prepared to pay serious fines. On that date, the EU’s new general data protection regulation (GDPR) will come into force….
NYS Data breaches exposed personal information of 9.2M New Yorkers in 2017
WHEC reports: New York Attorney General Eric Schneiderman was in Rochester Thursday to release a new report on data breaches impacting New Yorkers. The attorney general released “Information Exposed: 2017 Data Breaches in New York State,” documenting the record number of data breach notices filed with his office in 2017. In 2017, companies and other entities reported 1,583…
Alabama Senates Passes Data Breach Notification Act
Maya Atrakchi and Joseph Lazzarotti of Jackson Lewis write: There are only two states in the U.S. that have yet to enact data breach notification laws, but that may change in 2018. Several weeks ago, the South Dakota state legislature announced that a data breach notification bill (Senate Bill No. 62) was pending. Now, Alabama…
Oregon, New York, Alabama, and Rhode Island Join List of States Considering Data Breach Legislation Post-Equifax
David M. Stauss and Gregory Szewczyk of Ballard Spahr LLP write: In the absence of federal action, state legislators continue to propose bills that would increase data privacy and security protections for consumers. Any entity that does business in these states or maintains confidential information of their residents should monitor the legislation to determine whether and how…
FR: CNIL issues new data security guidelines
On January 23, 2018, the French data protection authority (the CNIL) published new guidelines on the security of personal data (updating its previous security guide published in 2010 available in English) , providing practical recommendations in the form of “Do’s and Dont’s” to help businesses implement appropriate measures to protect personal data in compliance with…