The California Consumer Privacy Act (CCPA) becomes effective on January 1, 2020, making California the first state in U.S. to roll out GDPR-like regulation, how should the business prepare and how will it impact consumers? Read More
Connected devices will soon be subject to new IoT security laws, with California taking the lead and requiring devices to have “reasonable security features” and U.K. draft law requires devices to have cyber security features labeled on package. Read More
New cyber security directive from DHS has cut mandatory time for U.S. federal government agencies to patch vulnerabilities considered critical from 30 to 15 days, failure to do so may result in administrative penalties. Read More
New DETOUR Act may pass in U.S. to fight against “dark patterns” which makes it illegal for tech companies to design, modify or manipulate user interface to obtain consent or user data. Read More
Democrats pushed through a new bill to reinstate the Net Neutrality rules to prevent large broadband Internet providers from blocking or slowing Internet access, or prioritizing their own content over the content of smaller rivals. Read More
Recent study shows that 72% of U.S. small businesses support improvements to privacy regulations yet 52% also believe that there will be a negative impact to their business. And only 15% believe that policy makers will pass regulations that do not adversely affect small businesses. Read More
What kind of future can be achieved by focusing on the nexus of information security and data privacy? Better compliance, stronger alignment and greater accountability, just to name a few benefits. Read More
Singapore has recently introduced a discussion paper on data portability to will not only improve options and outcomes for consumers, but will also improve transparency in data collection. Will the ease of proliferation of this personal data among more companies lead to a simple statistical increased likelihood of data and identity theft? Read More
A new Thailand cybersecurity law went into effect last week, and is controversial more for what it doesn't specify than what it does. As it is worded, it appears to give the Thai government very broad powers to monitor internet use, censor content and even seize property without court orders. Read More
The Ohio law represented a novel approach to data protection by providing safe harbor if the entity’s cyber security program conforms to industry recognized cybersecurity frameworks or federal regulations cited in the Act. Read More