General Privacy & Data Security News & Developments

A U.S. online privacy bill is not likely to come before Congress this year, three sources told Reuters.

Lawmakers disagree over issues like whether the bill should preempt state rules. While the sources, who are involved in the negotiations, still think it is possible at least one discussion draft of the bill could land before

Ecuador is considering a GDPR – like privacy law.

“A massive data breach in Ecuador has sparked a new push to pass data protection legislation that would mirror the European Union’s privacy regime. The National Assembly is debating a bill that allows citizens to access, correct, eliminate and oppose the use of their personal data

Consent is not needed for the transfer of personal data from Canada to other countries, says the Canadian Office of the Privacy Commissioner.

Following a consultation on transfers of personal information for processing, the Office of the Privacy Commissioner of Canada (OPC) has concluded that its guidelines for processing personal data across borders will remain

“Contrary to traditional notions, collecting and keeping too much data is actually counterproductive for businesses in this new realm where consumers are becoming more privacy conscious. Furthermore, processing sensitive data without fully recognizing the obligations attached to it can also lead to negative consequences.”

Design considerations for building privacy-protecting analytics services:
  • Know when not to

“Learning from recent breaches and the need for a greater understanding of privacy in the enterprise, it’s time for companies to take a new, proactive approach to data management. Making data privacy decisions in a silo is no longer enough. Organizations must now implement robust data privacy practices that also involve their board members on

“Web feature developers are being warned to step up attention to privacy and security as they design contributions.

Writing in a blog post about “evolving threats” to Internet users’ privacy and security, the W3C standards body’s technical architecture group (TAG) and Privacy Interest Group (PING) set out a series of revisions to the W3C’s Security

“The chief executive officers (CEOs) of 51 tech companies have signed and sent an open letter to Congressional leaders today, asking for a federal law on user data privacy to supersede the rising number of privacy laws that are cropping up at the state level.”

“The 51 CEOs would like one law that governs all

The FTC is stepping up privacy enforcement – reports Bloomberg Law‘s Sara Merken.

“The Federal Trade Commission is issuing specific data security requirements to companies as part of agency settlements, policing businesses more aggressively than before, attorneys and former staff said.”

“Mandates in related consent orders, such as directing senior officers to provide

Ireland’s privacy regulator is weighing potential probes into how some online companies handle children’s data.

The Irish privacy office is “scoping” children’s privacy enforcement actions

“There will absolutely have to be changes and will be changes in terms of how” online companies handle children’s data… It’s a “big area of importance” for the commission –