Topic: Data breach

Subscribe to Data breach RSS feed

Dutch Data Protection Authority publishes consultation version of guidelines on breach notice law

Data Protection Report - Norton Rose FulbrightOn the heels of the enactment of the Dutch breach notice law, the Dutch Data Protection Authority (CBP) published a consultation document with draft guidelines on the breach notice obligation of data controllers in the Netherlands. Under the law, data controllers are required to provide notice of data breaches to the CBP and, under certain circumstances, to … Continue reading

The Security, Privacy and Legal Implications of the Internet of Things (“IoT”) Part one – The Context and Use of IoT

Data Protection Report - Norton Rose FulbrightDisrupted, yet again. The world is fast preparing for the invasion of objects connected to the Internet, otherwise known as the Internet of Things (“IoT”). IoT is here, and it will revolutionize how both individuals and corporations interact with the world.  In this multi-part series we will explore this quickly evolving revolution and the privacy … Continue reading

The “EMV Liability Shift” Is Coming (What Merchants Need to Know)

Data Protection Report - Norton Rose FulbrightCurrently, almost half of the world’s credit card fraud happens in the U.S where magnetic stripe technology is the standard. Outside the U.S., an estimated 40% of the world’s cards and 70% of the terminals already use the EMV technology. These countries are reporting significantly lower counterfeit fraud levels with EMV cards than with the … Continue reading

NLRB asserts employers must bargain with unions on breach response

Data Protection Report - Norton Rose FulbrightThe U.S. National Labor Relations Board (NLRB) recently filed complaints against the United States Postal Service (USPS), alleging that the USPS violated the National Labor Relations Act (NLRA) by failing to collectively bargain with its employees’ union regarding the postal service’s response to a 2014 data breach that reportedly affected over 800,000 current and former … Continue reading

Anthem breach poses significant cybersecurity risks for Anthem’s customers; may trigger legal obligations

Data Protection Report - Norton Rose FulbrightOrganizations whose employees are insured by Anthem or whose self-insured health plans are administered by Anthem should consider steps to mitigate the cybersecurity and legal risk arising from the breach recently reported by Anthem. The hackers who perpetrated the Anthem breach are likely to use the personal information they took for further cyberattacks against affected … Continue reading

National breach law proposal — focus of Congressional hearing

Data Protection Report - Norton Rose FulbrightPicking up on President Obama’s challenge to enact a national breach law, U.S. Sen. Jerry Moran (R-Kan.) will hold a hearing, headlined “Getting it Right on Data Breach and Notification Legislation in the 114th Congress,” convene the Subcommittee on Consumer Protection, Product Safety, Insurance, and Data Security on Thursday, February 5, 2015, at 10:00 a.m. … Continue reading

Cybersecurity incident notification bill introduced in the Netherlands

Data Protection Report - Norton Rose FulbrightOn January 22, 2015, the Netherlands proposed legislation introducing breach notification requirements for critical infrastructure industries, including utilities (electricity, gas and drinking water), telecom, financial services, government (surface-water management bodies) and transport (main ports Rotterdam and Schiphol airport). The proposed law would require notification in the event of a breach of security or loss of … Continue reading

Just what the doctor ordered: President outlines national breach law proposal

Data Protection Report - Norton Rose FulbrightLeading up to the President’s State of the Union, the White House previewed several potentially sweeping cybersecurity initiatives—including a proposed federal law that would create a single national breach notification standard, entitled the Personal Data Notification & Protection Act (the “Act”). The President argued that the proposed law will benefit consumers and alleviate the confusion … Continue reading

Cybersecurity to be named a top priority for the US in the state of the union address

Data Protection Report - Norton Rose FulbrightMedia outlets previewing the President’s upcoming State of the Union Address (to be delivered on Tuesday, January 20 at 9 pm ET) have reported that the President will name cybersecurity as one of the top issues that businesses and the government must tackle in 2015. The President has characterized cyberattacks and cyber warfare as a “direct threat” to … Continue reading

Sharing Cyber Threat Information: A Legal Perspective (ISSA Journal Article)

Data Protection Report - Norton Rose FulbrightThe ISSA Journal recently included an article, Sharing Cyber Threat Information: A Legal Perspective, authored by Utsav Mathur and I (David Navetta) concerning potential legal risks associated with intra-industry sharing of cyber-threat information. The article summarizes recent efforts by the US government to encourage more information sharing concerning cyber threats and data-security incidents within industries. Recent Department of Justice and Federal Trade Commission … Continue reading

National Retail Federation urges Congress to pass a law on consumer data protection

Data Protection Report - Norton Rose FulbrightJust two days after the 2014 midterm elections, a coalition of 44 retail and merchant organizations delivered a letter to U.S. Senate and House leaders, urging the passage of “a single federal law applying to all breached entities.”  Those national and state organizations include the National Retail Federation, the world’s largest retail trade association. Their … Continue reading
LexBlog