On February 28, 2018, the Belgian Privacy Commission issued a recommendation on the position it takes with regard to data protection impact assessments (or “DPIAs”) as foreseen in the GDPR. A DPIA under the GDPR is similar in scope and impact to its … [Read more] about Belgian Privacy Commission Issues DPIA “Black” and “White List” Recommendation
The Securities and Exchange Commission’s $35 million settlement with Altaba Inc., the successor in interest to Yahoo! Inc., is the first civil penalty of its kind for a data breach and underscores the agency’s increasing focus on public companies’ … [Read more] about SEC Announces Its First Enforcement Action Over Cyber-related Disclosures
The United States Court of Appeals for the Seventh Circuit recently affirmed the dismissal of a putative class action brought by financial institutions against Schnuck Markets, Inc., following a data breach impacting Schnuck beginning late 2012. The … [Read more] about Seventh Circuit Affirms Dismissal of Schnuck Markets Data Breach Lawsuit
On April 18, 2018, the Canadian government published final regulations which include mandatory privacy breach notification, reporting and record-keeping obligations under Canada's federal data protection law called the Personal Information Protection … [Read more] about Canada Publishes Final Regulations on Mandatory Reporting of Privacy Breaches
On April 16, 2018, the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the United Kingdom’s National Cyber Security Centre issued a joint Technical Alert (TA), alerting the worldwide cyber exploitation of network … [Read more] about DHS and FBI Issue a Joint Technical Alert with UK Warning Russian State-Sponsored Cyber Attacks