Showing Posts In "Data Protection and Privacy" Category





Senate Commerce Republications Introduce Comprehensive Privacy Bill

In September, four senators introduced the Setting an American Framework to Ensure Data Access, Transparency, and Accountability (SAFE DATA) Act, which marks an official introduction of an update of Senator Roger Wicker’s draft United States Consumer Data Privacy Act of 2019. There are a few notable changes and additions, including the inclusion of language from […]


California Creates a New State-Level Financial Protection Bureau

Assembly Bill 1864 was passed by California legislature in late August that creates a Department of Financial Protection and Innovation and bolsters legal protections for consumers. Intended to be a state-level version of the Consumer Financial Protection Bureau (CFPB), the Department has investigative authority and can demand documents, reports, and information from the entities it […]


Employers Likely to Receive One-Year Reprieve from Full California Consumer Privacy Act

California’s governor may soon sign into law a one-year delay of the California Consumer Privacy Act’s (CCPA) full application to human resources data. Under the current CCPA, employers must provide HR individuals with a “Notice at Collection” when or before collecting their individually identifiable information, and HR Individuals are granted the right to recover up […]


Use of OFAC Data in Spotlight: Consumer Reporting Agency Sued Again for False Positive Terrorist Watch List Data in Consumer Reports

Recent litigation regarding compliance of the Fair Credit Reporting Act’s (FCRA) mandate that reasonable procedures must be used to ensure the “maximum possible accuracy” of information included in credit reports suggests that complacent inclusion of terrorist watch list data in consumer reports violates the Act. TransUnion, LLC (TransUnion) was forced to defend its practices for […]


And So Goes the Swiss-US Privacy Shield

The recent Schrems II judgement has prompted the Swiss data protection authority to invalidate the Privacy Shield mechanism for transferring personal data to the United States. Although Switzerland is not part of the EEA, it has adopted data protection legislation largely reflecting the EEA’s General Data Protection Regulation (GDPR). The Schrems II case highlighted two […]


Working from Home? Here are 12 Steps to Reduce Data Privacy and Security Risk

Risks, including pandemic-related phishing emails, increased pressure on network architecture, and user oversight, all are on the rise with the increase in businesses instituting widespread remote work policies and procedures. In order to mitigate the data privacy and security risks associated with remote work, 12 measures can be taken by employers when responding to COVID-19. […]


Data Privacy Act Sponsors Seek to Bring GDPR Requirements to Wisconsin

Modeled after the European General Data Protection Regulation (GDPR), the Wisconsin Data Privacy Act includes three bills that work together to regulate what data a company may collect on an individual, when the company may collect it, how the company may use it, to whom the company may give it, and how long the company […]


Addressing Cross-Border Transfers from the EU Following the Schrems II Ruling

Organizations need to determine how to properly transfer personal data outside of the European Economic Area (EEA) to non-adequate jurisdictions following invalidation of the EU-U.S. Privacy Shield framework. Following the Schrems II case, which led to the shut down of the framework, no noteworthy developments have taken place, but with Max Schrems and his privacy […]


How to Use CCPA Compliance to Strengthen Your Business

Although most companies view the California Consumer Privacy Act (CCPA) and the European Union’s General Data Protection Regulation (GDPR) as an inconvenience, employers should view CCPA compliance as a tool for strengthening risk management. Those who are beginning to roll out data privacy controls over third-party venues should also consider reviewing and implementing controls in […]


Your Company’s Privacy Policy – the Last Step, not the First

Most companies base their privacy policies on existing laws, such as the California Online Privacy Protection Act, the General Data Protection Regulation (GDPR) in the European Union, the California Consumer Privacy Act (CCPA) and even Google Analytics, a third party that requires privacy disclosure. While this is a great starting place, companies should analyze their […]




SUBSCRIBE TO OUR NEWSLETTERS

the global background screener
the background buzz