The first months of 2022 began slowly for privacy, but by the end of the first quarter we had our marching orders for the rest of the year. In the U.S., we saw an explosion of state privacy bills being put forward (again), the Senate utilized a seldom used maneuver to push President Biden’s Federal Trade Commission nominee through to confirmation, and Utah b

span class="entry-content post-content">To say that data governance and data compliance are rapidly becoming areas of immense strategic importance for businesses would be an understatement. Governments worldwide already have data protection laws in place or are busy drafting these laws. Moreover, users have become increasingly aware and educated about their

span class="entry-content post-content">In this episode, Jarell Oshodi, Deputy Chief Privacy Officer for the Centers for Disease Control and Prevention, discusses the role of privacy in the cybersecurity field. As an attorney, she brings a unique perspective to the conversation on how we can work better with our privacy officers.Spotify: https://open.spotify

Like many organizations, K-12 schools adapted to COVID-19 by accelerating their digital transformation journeys. And like everyone else who followed this path, they invited unwanted attention from digital criminals in the process.In December 2020, for instance, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) issued a joint alert with the F

The US Senate has passed legislation designed to improve the cybersecurity of the Federal Government.The legislation, which consists of three bills, was unanimously passed by the Senate on Tuesday evening, and would – amongst other things – require organisations working in critical industry sectors to alert the US Government about hacks and ranso

In a previous article, I examined Australia’s proposed Security Legislation Amendment (Critical Infrastructure) Bill 2020. This information security overhaul imposes strict reporting requirements for enterprises as well as affords the Australian government unprecedented and far-reaching powers that enables them to intervene in the operation of an organisztio

With two new U.S. State privacy laws, new Standard Contractual Clauses out of the EU, more GDPR-style laws passed around the globe, and record data protection fines, 2021 provided plenty of fodder for an end-of-year review.U.S. Domestic: A SummaryDespite a growing consensus on the need for comprehensive privacy in the United States, lawmakers once again fail

It looks likely that the UK will join a growing number of nations promoting cybersecurity’s importance for businesses including the introduction of new laws. Amongst the proposals being considered are adding new powers to the UK Cyber Security Council that could significantly change the reporting requirements associated with security incidents. From what has

Data is among the most valuable assets that need to be safeguarded at all costs. But in the digitally-driven business world, cybercrimes are prevalent, making data protection and data privacy a main focal point. The increasing use of technology and the growing exposure to evolving cyber threats have dramatically changed the data security and privacy landscap

The Australian government is looking to pass the Security Legislation Amendment (Critical Infrastructure) Bill 2020, an overhaul which is aimed to help Australian businesses fend off cyberattacks. The Bill expands the business sectors that were previously defined as critical infrastructure by adding, amongst others, Food and Grocery, Finance and Banking, Uni

Because it encompasses the lazy days of summer, Q3 is often a slower roll in the world of privacy — and July and August did not disappoint. Those of us following the privacy space got a much-needed break. However, as August wrapped up, Washington resumed its busy state of affairs, Europe returned to business as usual, and it quickly became clear that th

Organisations who find their networks hit by a ransomware attack may soon have to disclose within 48 hours any payments to their extortionists.That’s the intention of the Ransom Disclosure Act, a new bill proposed by US Senator Elizabeth Warren and Representative Deborah Ross.Ransomware victims are not currently required to report attacks or ransom pay

Cybercrime is one of the most significant threats facing companies today. With the average cost of a data breach reaching an all-time high of $4.24 million, the business case for cybersecurity has never been stronger. Still, some businesses seem to misunderstand the urgency of meeting current cybersecurity standards.It may help to consider the legal conseque

For a while, privacy in Q2 was looking like it would follow the season’s idiomatic rule: in like a lion, out like a lamb. But it came roaring back in June with a new U.S. state law, EU adequacy decisions, a new EU data transfer mechanism, and more. As we look back over the second quarter of 2021, several important developments are worth noting.U.S. State Pri

A bipartisan Senate bill would require some businesses to report data breaches to law enforcement within 24 hours or face financial penalties and the loss of government contracts.The legislation from Senate Intelligence Chair and Democratic Senator Mark Warner with Republican Senators Marco Rubio and Susan Collins is just one of several new cybersecurity bil