Tag archives: Privacy
Notice of employer electronic monitoring
Posted in Privacy lawNT Analyzer: Does your app track users that opted-out of tracking?
Posted in NT Analyzer Blog Series
A transparency-focused privacy software company confirms that some apps are continuing to transmit data despite some users having opted-out of “tracking.” The study tested 10 popular apps and discovered that some continue to track even though those users have “ask[ed] app not to track” when presented with the ATT pop-up. Read Steve Roosa and Daniel … Continue reading
Apple iOS 15’s new privacy features that industries should know
Apple recently released the latest version of its iPhone operating system, iOS 15. While iOS 15 currently has only a 15% adoption rate, the new operating system brings a slew of new features that are privacy-specific and can impact businesses. Read more on the NT Analyzer blog.… Continue reading
What dogs can teach companies about privacy and security
Posted in Cybersecurity
You may not believe that dogs have much to do with privacy and security, but on September 20, 2021, New Jersey’s highest state court ruled that dog owners’ names and addresses were public and therefore not exempt from disclosure by a city dog licensing authority, but other information (such as dog breed and name) raised … Continue reading
US SEC announces three actions charging firms for cybersecurity deficiencies
Posted in Cybersecurity, EnforcementGoogle/Android announces privacy requirements
Posted in NT Analyzer Blog Series
Google announced that it will follow industry standards with respect to privacy obligations.… Continue reading
Navigating Virginia’s new privacy law
Posted in NT Analyzer Blog Series
Virginia recently enacted its own data protection/privacy law and like its European and Californian predecessors, the technical piece is key. Like the GDPR and CCPA, the Consumer Data Protection Act (“CDPA”), which goes into effect on January 1, 2023, broadly defines “personal data” as “any information that is linked or reasonably linkable to an identified … Continue reading
Virginia’s new Consumer Data Protection Act
Posted in Compliance and risk managementUS banking regulators propose a rule for 36-hour notice of breach
Posted in Data breach
On December 18, 2020, the US Department of the Treasury (Office of the Comptroller of the Currency), Federal Reserve and Federal Deposit Insurance Corporation (FDIC) jointly announced a 53-page proposed rule that would require banks to notify their regulators within 36 hours of a “computer-security incident” that rises to the level of a “notification incident.” … Continue reading
NT Analyzer Webinar: Solving Apple’s new app privacy requirement
Please join us for an NT Analyzer Webinar, Solving Apple’s new app privacy requirement. Head of NRF Digital Analytics and Technology Assessment Platform for the US Steven Roosa and Associate Dan Rosenzweig as they walk through the upcoming Apple requirements, and showcase the NT Analyzer Apple dashboard solution.… Continue reading
California Massachusetts and Michigan – 2020 ballot initiatives on privacy
Posted in CCPA
The US elections on November 3, 2020 included three states with privacy-related ballot initiatives: California, Massachusetts, and Michigan. Voters supported all three initiatives.… Continue reading
Germany’s Federal Supreme Court provisionally confirms Facebook’s use of personal data is alleged abuse of dominant market position
Posted in CybersecurityInterim proprietary injunction granted over bitcoin cyber extortion payment
Posted in Cybercrime
An interim proprietary injunction has been granted by the English High Court over a bitcoin ransom payment paid to a third-party wallet.… Continue reading
Turkish Data Protection Board announces extension of VERBİS registration deadline – once again
Posted in Regulatory responseMic Drop: California AG releases long-awaited CCPA Rulemaking
Posted in CCPA, Compliance and risk management
On October 10, 2019, with just weeks to go until the law goes into effect, the California Attorney General released the long-awaited draft regulations for the California Consumer Privacy Act (CCPA). The proposed rules shed light on how the California AG is interpreting and will be enforcing key sections of the CCPA. In the press … Continue reading
ICO joins other data protection authorities in issuing statement on Facebook’s cryptocurrency Libra project
Posted in Compliance and risk management
On 18 June 2019, Facebook announced plans to launch a new blockchain enabled cryptocurrency called Libra.… Continue reading
Turkey’s data protection legislation on data controller registry to impact data controllers outside of Turkey
Posted in Regulatory response
Obligations Turkey’s data protection legislation (TDPL) requires data controllers to notify the Turkish DPA of their processing activities. Unless exempt from the requirement, all data controllers (individuals and legal entities) who process personal data in Turkey must be registered with the Turkish DPA’s Register of Data Controllers Information System (VERBİS), prior to processing any personal … Continue reading
One-Month Countdown to Pass CCPA Amendments Begins
Posted in CCPA, Compliance and risk management, Enforcement
On August 12, the California legislature returns after its summer recess. Starting with the Senate Appropriations Committee Hearing today, the legislature will now have approximately a month to continue the markups and send California Consumer Privacy Act (CCPA) amendments to the Governor’s desk for signature before the September 13 deadline. As previously reported, any amendment … Continue reading
Cyber law firm of the year nomination
Posted in General
We are pleased to report that Norton Rose Fulbright has been shortlisted for cyber law firm of the year at the 2019 Insurance Insider Cyber Rankings Awards.… Continue reading
FTC to levy unprecedented $US5bn fine against Facebook
Posted in Data breach, Regulatory responseThe Wall Street Journal reported that Federal Trade Commission and Facebook reached a settlement to resolve Facebook’s privacy issues.… Continue reading
New CNIL €400,000 fine for data security breaches and non-compliance with data retention period under the GDPR
Posted in Data breach, Enforcement
Following the now famous €50m fine imposed on Google LLC in January 2019,[1] the French Data Protection Authority (the CNIL) published a decision taken on 28 May 2019[2] imposing a fine of €400,000 on SERGIC, a company specialised in real estate development, purchase, sale, rental and property management.… Continue reading
NT Analyzer Blog Series: Why So Many Cookie Policies Are Broken, Part I – HTML5 LocalStorage
Cookies Are One Piece of a Larger Puzzle There has been an odd preoccupation with cookies for some time now—to the exclusion of other forms of browser tracking, some of which are much more flexible and more robust in their data collection capabilities than cookies. Despite this fact, these other, non-cookie tracking technologies are often … Continue reading
ICO’s draft Age Appropriate Design Code could seriously impact processing of under 18’s personal data
Posted in Regulatory responseOn 15 April 2019, the ICO opened a public consultation on a draft code of practice titled Age Appropriate Design (the “Code”). The Code will remain open for public consultation until 31 May 2019. The consultation document is described as a “code of practice for online services likely to be accessed by children.” However, its … Continue reading
