The extra-territorial scope of GDPR, and many other regions introducing new data protection and privacy requirements such as The California Consumer Privacy Act (CCPA), means it is essential that privacy decision makers understand the need to have a common approach to dealing with regulations - instead of addressing...
One year after Europe's tough new GDPR privacy law went into full effect, authorities in Britain have seen the number of annual data breach notifications more than quadruple. Meanwhile, the number of data protection complaints filed by Europeans has doubled.
Under the EU's General Data Protection Regulation, within 72 hours of an organization learning about the data breach, it must report the breach to relevant authorities or face fines. The U.K.'s data privacy watchdog says it's already seen the volume of self-reported breaches quadruple.
Britain's privacy watchdog says it plans to fine hotel giant Marriott $125 million under GDPR for security failures tied to a 2014 breach of the guest reservation database for Starwood, which Marriott acquired in 2016. Undiscovered until 2018, the breach exposed 339 million customer records.
The latest edition of the ISMG Security Report features an analysis of why Google was one of the first companies to be hit with a major GDPR fine, plus a global update on GDPR compliance trends and an in-depth report on shifts in malware.
A lot has been said and written about the GDPR from a multitude of perspectives: analysis of its many articles, projections
into the potential impact of the regulation and more than a fair share of dire predictions and claims about how an
organization's GDPR compliance efforts could simply be resolved by investing...
Unlike the European Union's General Data Protection Regulation, the California Consumer Protection Act is very prescriptive in nature, says Subhajit Deb of Dr Reddy's Laboratories, a global pharmaceutical company. In a video interview, he offers compliance insights.
Will Marriott be the first organization that lost control of Europeans' personal data to feel the full force of the EU's General Protection Regulation? With GDPR in full effect since May, organizations with data security practices face the potential of massive fines.
Less than four months after GDPR enforcement began, Europe has arguably entered the modern data breach notification era. Reports of data breaches continue to increase, and breached organizations now face the specter of class-action lawsuits over material as well as non-material damages.
A web browser startup, Brave, has filed complaints in Europe alleging Google and other behavioral advertising companies are violating Europe's GDPR. Brave's complaints could set up one of the biggest battles so far over how personal data gets used - or abused - for targeted advertising.