With the Internet of Things in Full Force, Will Congress Act?

(Mar 24, 2015) Several witnesses appeared before the House Energy and Commerce subcommittee on Tuesday to testify about the rapidly growing Internet-of-Things (IoT) ecosystem. With approximately 25 billion connected devices in existence, and counting, the economic benefits and job opportunities in IoT appears to be eclipsing any significant Congressional motivation to regulate this landscape. In fact, the hearing followed an IoT showcase hosted by the subcommittee to demonstrate many of the technological inno... Read More

ITALY—Garante Launches Draft Code Consultation

(Mar 24, 2015) On February 19, the Italian Data Protection Authority, the Garante, published the notice of the launch of a public consultation on the draft of the "code of conduct and professional practice applying to the processing of personal data carried out for commercial information purposes.” The aim of this consultation is to acquire contributions and proposals by all stakeholders on the draft code, including trade associations representing the relevant industries. The above observations shall be subm... Read More

Oregon AG Seeks Tougher State Breach Law

(Mar 24, 2015) Oregon Attorney General Ellen Rosenblum wants her state’s data breach notification law strengthened. She says that since the law was written in 2007, there’s been a dramatic increase in the retention of biometric information, which “presents a particularly serious kind of breach.” Back then, you only needed your fingerprint scanned for jobs such as working at the Pentagon. Now, we use the same scans to unlock our phones. Divonne Smoyer, CIPP/US, and Christine Czuprynski talk to Rosenblum about her efforts. Read More

FINRA, SEC Provide Broker-Dealers with Motivation, Tools To Get the Job Done

(Mar 24, 2015) Both the U.S. Securities and Exchange Commission (SEC) and Financial Industry Regulatory Authority (FINRA) have recently issued guidance to broker-dealers on cybersecurity, providing valuable resources. "The two reports should provide the tools and information needed by those broker-dealers who have put off focusing on cybersecurity to strengthen their data protection capabilities," Daniel Nathan writes. Read More

State AG Announces New Privacy and Data Security Department

(Mar 19, 2015) Connecticut Attorney General (AG) George Jepsen recently announced the creation of a new department within the AG’s office, Westfair Communications reports. The Privacy and Data Security Department will work on investigations and litigation related to privacy and data security. It follows Jepsen’s 2011 appointment of a privacy task force aimed at focusing the AG office’s response to Internet privacy concerns and data breaches. “When I took office in January 2011, it became immediately clear that... Read More

When a Tech-Savvy Customer Finds a Privacy Flaw

(Mar 19, 2015) As businesses continue to thrive on technological advancements, finding and quickly patching security and privacy flaws in that technology may be the difference between a headline in The Wall Street Journal and a happy customer base. It’s true that building systems can be a difficult ordeal and that finding every vulnerability from the outset is next to impossible. That’s why some companies actually hire White Hat hackers or sponsor hackathons to scour their systems and point out any vulnerabil... Read More

Does Your Company Need a DPO?

(Mar 17, 2015) With a population of 47 million people, the third-largest economy in all of Latin America and an increasingly relevant privacy regime, Colombia is a country newly on the radar of many global companies. One interesting provision in the country’s law: You must have a data protection officer, or data protection team, in place if you want to control or process PII of the country’s citizens. Joseph Mazzella, CIPP/US, examines the relevant law and gives you instruction for compliance in this post for ... Read More

Colombia: Is a Data Protection Officer Required for Compliance?

(Mar 17, 2015) With 47 million people and the third-largest economy in Latin America behind Brazil and Mexico, Colombia is increasingly a place where multinational firms are doing business. Further, Colombia is looking to fit into the global marketplace by establishing itself as a jurisdiction where data protection and privacy are taken seriously. Over the past few years, Colombia has passed and implemented various privacy laws and regulations, including Law 1581 in 2012, Decree 1377 in 2013, Resolution 20752... Read More

No Food, No Drink, No Water: EU Ministers Agree on One-Stop Shop, Plan June Lock-In

(Mar 17, 2015) EU ministers dramatically agreed to hold a marathon meeting of the Justice and Home Affairs Council in June in order to finalize their version of the EU General Data Protection Regulation, having earlier reached agreement on the regulatory one-stop shop and the principles underpinning the regulation. Agreement in June would then allow trilogue discussions between the Council of the EU, the European Parliament and the European Commission to commence in the summer with a view to agreeing on the w... Read More

Regulators Discuss Collaboration; FTC, Dutch DPA Sign Pact

(Mar 12, 2015) The regulators on stage at the IAPP Global Privacy Summit for “The Enforcers” session were clear on one thing: There must be more collaboration amongst those charged with keeping consumers safe from harm. What exactly that collaboration will look like, however, remains to be seen. European Data Protection Supervisor Giovanni Buttarelli focused heavily on some of the pledges made in his five-year plan. Angelique Carson, CIPP/US, reports in this exclusive for The Privacy Advisor. In related news, ... Read More