A German Court has ordered pain and suffering damages as a result of a data breach, the first decision of its kind in Europe.
According to the judgment, Scalable Capital has to pay the plaintiff, represented by consumer organization EuGD Europäische Gesellschaft für Datenschutz mbH, € 2,500 in damages for non-material damage because he was
In Connecticut, if you adopt and maintain and comply with written cybersecurity program that contains administrative, technical and physical safeguards for the protection of personal or restricted information and that conforms to an industry recognized cybersecurity framework then you will not be subject to punitive damages in court against any cause of action founded in
The Office of the Privacy Commissioner for Bermuda has issued a helpful guide on the various types of harm that could be caused by a data breach.
The office also referred to the Future of Privacy Forum research on potential harms.
Read more here:
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint security advisory aimed at reminding businesses to be on guard over the Labor Day and other holiday weekends against cyberattacks.
History has shown threat actors often ramp up ransomware and other attacks over holidays when businesses let down their guard.
Nate
“The Illinois General Assembly has evaluated numerous proposals similar to the CCPA. Illinoisans want to know that their personal information is protected, and they have a right to know who is collecting their data, for what purpose, and within reason, a right to request that data to be deleted if it is not needed. I
“If the cedar trees have caught on fire,” says an old Hebrew adage, “what shall the shrubs on the wall say?”
Denmark data protection authority Datatilsynet suffered a data breach when its own documents, which should have been shredded, were disposed of in the normal wastepaper bin. The agency notified itself of the breach per
On November 1st of last year, businesses became subject to new mandatory breach reporting regulations under Canada’s federal private sector privacy law, the Personal Information Protection and Electronic Documents Act (PIPEDA).
Since November 1st, 2018, the Canadian government received 680 breach reports. That is six times the volume received during the same period one year
The Irish Data Protection Commission has issued guidance on data breach notification under GDPR.
Key takeaways:
A personal data breach is a security incident that negatively impacts the confidentiality, integrity, or availability of personal data, with the consequence that the controller is unable to ensure compliance with the principles for processing personal data as outlined
California has amended its data breach notification law to include biometric and other identifiers.
The bill (AB 1130), signed by Gov. Gavin Newsom on October 11, revises the definition of personal information for purposes of data breach notification requirements to add specified unique biometric data and tax identification numbers, passport numbers, military identification numbers, and
“Learning from recent breaches and the need for a greater understanding of privacy in the enterprise, it’s time for companies to take a new, proactive approach to data management. Making data privacy decisions in a silo is no longer enough. Organizations must now implement robust data privacy practices that also involve their board members on