Privacy act draft proposes a maximum penalty of the greater of $50 million, three times the value of any benefit obtained through the misuse of information stolen in data breaches, or 30% of the company's annual domestic turnover.
Data Protection
Certain types of personal data are very valuable to criminals, and can be very damaging to an individual or business if it falls into the wrong hands. As the world becomes more digital and more connected, more of this sort of data is generated and passed between various sources on a regular basis.
Government regulations and supervisory authorities aren’t just about keeping irresponsible parties in line. They also provide vital security guidance to every type of organization that handles sensitive personal, business or government information.
Data protection regulations also ensure that the end user has a transparent view of and a say in the processing of personal data. These safeguards play a significant role in everything from the preservation of civil rights to ensuring that democratic institutions function properly.
Some types of personal data are clear candidates for regulation: medical records, banking information, national ID numbers and so on. But some of these regulations also cover items that might seem relatively innocuous at first glance: home addresses, email addresses, website profile information and so on. For example, the European Union General Data Protection Regulation (GDPR) has stipulations about anything that is unique to an individual to include phone numbers and social media accounts. People have varying levels of privacy preference with these items, but they are often protected by regulation because they can be used for targeted scams and attempts at identity theft.
Given that regulations often take the size and customer count of businesses into consideration in terms of penalties and the scope of protection of personal data, compliance is particularly important for enterprise-scale organizations. You do not necessarily have to have an active business presence in a country or region; simply storing data on or moving it through servers there may subject you to their data protection rules.
Some of the biggest names in Big Tech may be considering pulling out of Hong Kong. The reason is a recently-implemented "doxxing" privacy law developed in the wake of the 2019 pro-democracy protests.
A federal privacy law that meets five key requirements can bring U.S. more in line with global privacy principles and relieve burdens on business from differing standards.
It appears that for some, including the biggest names in tech, the possibility of pulling out of Europe over the new Schrems data transfer requirements is not entirely off the table.
Every business that collects data will have the Insights, Prediction, Action dilemma it confronts. And for that we need a regulatory framework to set boundaries. Am I allowed to dream on? Let’s not wait for regulations. An industry sponsored consortium putting consumer rights and privacy front and center.
The 21st of June 2017 saw UK’s Queen Elizabeth give what is generally known as ‘The Queen’s Speech’ in which Her Majesty gave some insights into just how seriously the UK government is taking issues of online privacy and data protection.
The investigation is scrutinizing major cloud services that are widely used by EU agencies, such as Amazon AWS and Microsoft Azure, to determine if they are GDPR-compliant.
The Ohio law represented a novel approach to data protection by providing safe harbor if the entity’s cyber security program conforms to industry recognized cybersecurity frameworks or federal regulations cited in the Act.
The Trump administration's "AI Action Plan" will likely shape every aspect of AI development going forward, and OpenAI has submitted its own set of proposals to the White House, one that unsurprisingly calls for light AI regulations.
Though the CCPA is still relatively new, the state has already passed a substantial revision in the form of the California Privacy Rights Act (CPRA). Its terms will begin going active at the beginning of 2023.










