An internet bill of rights seems necessary now that the internet is inextricably intertwined with everyone's life, but the shepherds of this technology cannot be counted on to adequately self-regulate.
CCPA pioneered a strong mandate for data privacy and security in the US, and now SB-327 is focusing on securing IoT devices. However, an opportunity was missed to ditch passwords altogether and advocate for a stronger method of authentication.
The prospects for a federal privacy bill actually being signed into law in the United States in 2019 just took another big step forward with a proposal from Intel.
The GDPR has influenced the future of corporate compliance at a global level. As we see the CCPA, the USCDPA, and bills in other jurisdictions like India and Brazil being passed, it is evident that all companies soon will be required to comply with some consumer data privacy measure.
Since June 1, eight U.S. states have either amended or enacted tougher new data breach notification laws requiring notification anywhere between 30 to 60 days. While still a far cry from the 72 hours required under the European GDPR, tougher notification laws will no doubt be adopted around the world.
Privacy has now become a bit of a loaded word and the public is on guard when it comes to their personal data. What is the impact marketing consent rates? And how will the increase of data fundamentalism change attitudes?
The FTC is a shadow regulator on cyber, and it is impacting what businesses must do about cybersecurity. Most troublingly, it is doing so without clear standards and in apparent self-denial. This may have wide-ranging ramifications for the future of self-driving cars.
Recent PwC survey results indicate that half of respondents were not confident that their organizations would meet the 2020 deadline for CCPA compliance. What are the lessons learnt from the GDPR compliance exercise that can help companies approach CCPA and other upcoming requlations?