Electronic Data Security

2019 presents businesses with new cybersecurity and privacy challenges: rapid advances in technology, sophisticated new cyberattacks and stricter privacy regulations here and around the world, just to name a few. Businesses that fail to plan risk significant financial and reputational damage.

Those at the front of the fight, but out of the headlines will:

  • Afford

Keep your passwords close…and complex, and encrypted and unique, and ever-changing.

In the wake of recent data breaches involving passwords, the French data protection authority, the CNIL, has published guidelines for adequate passwords.

Some highlights include:

  • If you use a password as your sole method of authentication, it needs to be at least 12 characters

According to Rochelle Osei-Tutu, an International Trade Specialist at the U.S. Department of Commerce, over 4,000 companies have already registered for EU-US Privacy Shield and 2,600 for the Swiss-US Shield. Of them, 1,300 cover cross-border flows of HR data. Eighty percent of registered companies are small and medium-sized businesses, but many Fortune 500 companies are

Acting Federal Trade Commission (FTC) Chairman Maureen K. Ohlhausen made it clear that she expects the FTC’s enforcement role in protecting privacy and security to encompass automated and connected vehicles. In her opening remarks at a June 28, 2017 workshop hosted by the FTC and National Highway Traffic Safety Administration (NHTSA), she said the FTC

The French data protection authority (CNIL) is placing Facebook’s EU-U.S. data transfer practices under new scrutiny over its use of the defunct Safe Harbor framework.

The agency issued a two-part order Feb. 8 requiring the social media company to stop using Safe Harbor to transfer data to the United States. Safe Harbor was nullified in

Businesses that relied previously on the EU’s Safe Harbor exception to transfer data from Israel to the United States have had that authorization revoked by the Israeli Law, Information and Technology Authority (ILITA).

It’s part of the ongoing ripple effect caused by the invalidation of Safe Harbor.

Now that Safe Harbor is off the table,

On July 20, 2015, in Remijas v. Neiman Marcus Group, LLC, No. 14-3122 (7th Cir. 2015), the Seventh Circuit held that the United States District Court for the Northern District of Illinois wrongfully dismissed a class action suit brought against Neiman Marcus after hackers stole their customers’ data and debit card information.  The District

Online retailers will need to take proactive measures in 2015 to prevent customers’ personal data from being compromised, according to Symantec’s 2015 Internet Security Threat Report.

The report from the U.S. internet security firm breaks down the threats and vulnerabilities of the past year, and offers a preview of the cyber threats that the coming

The Security and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) recently released an initial summary of its findings from its 2014 OCIE Cybersecurity Initiative.  The OCIE examined 57 registered broker-dealers and 49 registered investment advisers to better understand how broker-dealers and advisers address the legal, regulatory, and compliance issues associated with cybersecurity.

Officials from both the Federal Trade Commission (FTC) and European Union (EU) recently called for enhancements to the Obama administration’s proposed Consumer Privacy Bill of Rights.

The White House’s proposed Consumer Privacy Bill of Rights seeks to provide “a baseline of clear protections for consumers and greater certainty for companies.”  The guiding principles of