On December 28, 2018, the French Data Protection Agency, the Commission Nationale de l’informatique et des Libertés (CNIL) published several principles to help companies comply with the General Data Protection Regulation (GDPR) while transferring personal data to their commercial partners for electronic prospecting.
Particularly, the CNIL highlights how:
the data subject must give consent before the data is transmitted to third parties;
the data subject must be able to know who the Read more [...]
On January 15, 2019, the United States Court of Appeals for the Ninth Circuit held that websites and mobile applications (app) of places of public accommodation must be fully accessible to persons with disabilities.
By way of background, Plaintiff – a blind man – alleged that Defendant Domino’s Pizza, LLC, (Domino’s) failed to design, construct, maintain, and operate its website and app to be fully accessible to him, in violations of the Americans with Disabilities Act, Read more [...]
On 23 January 2019, the EU Commission adopted its adequacy decision on Japan, allowing personal data to flow freely between Europe and Japan.
The adequacy decision started to apply as of January 23. The same will happen on the Japanese side.
The adequacy decision includes:
a set of Supplementary Rules to strengthen the protection of sensitive data, the exercise of individual rights and the conditions under which EU data can be further transferred from Japan to another third country. Read more [...]
On March 28, 2018, Alabama was the last State, after South Dakota, to have adopted a data breach notification statute.
The Alabama Data Breach Notification Act of 2018 (S.B. 318) went into effect on June 1, 2018. According to the Alabama Statute, any “covered entity” and “third-party agent” must comply. Written notification must be made to all affected individuals unless it is determined that the breach of security “is not reasonably likely to cause substantial harm” to the individuals Read more [...]
On December 14, 2018, New York Attorney General Barbara D. Underwood announced settlements with Western Union Financial Services, Inc., Priceline.com, LLC, Equifax Consumer Services, LLC, Spark Networks, Inc., and Credit Sesame, Inc., “for having mobile apps that failed to keep sensitive user information secure when transmitted over the Internet.”
No fraud had happened with those apps but they all suffered from a well-known security vulnerability that could have allowed third parties to access Read more [...]
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.AcceptRead More