Tag:GDPR

1
Insufficiency meets Punishment: Polish DPA issues largest fine for Insufficient Security and Organisational Measures
2
Sorry Sir, Our Data Breach Response Plan is Out of Stock
3
Eureka! California Just Adopted a Strong Consumer Privacy Law
4
Data breach penalties could cost U.K. companies £122B in 2018
5
European Union – General Data Protection Regulation (GDPR)

Insufficiency meets Punishment: Polish DPA issues largest fine for Insufficient Security and Organisational Measures

Oct 29 2019
Browse archives for October 29, 2019
Posted in

Breaches, Litigation of Data Breaches, Managing Threats & Attacks, Privacy, Data Protection & Information Management

Tagged with , , , , , , , , , ,
Share

By Cameron Abbott and Max Evans

Further to the Facebook and Tesco scandals, and the apparent statistic increase of enforcement fines issued, the Polish Data Protection Authority has issued a landmark fine of €645,000 against online retail company morele.net for insufficient security and organisational measures violating data confidentiality and integrity principles prescribed in the EU’s General Data Protection Regulation.

Read More

Sorry Sir, Our Data Breach Response Plan is Out of Stock

Aug 12 2019
Browse archives for August 12, 2019
Posted in

Breaches, Managing Threats & Attacks

Tagged with , , , , , , , , , , , , ,
Share

By Cameron Abbott, Michelle Aggromito and Max Evans

We are living in an era of online shopping, where consumers are more willing to hand over personal information for goods and services, and are less suspicious of whom they are divulging their personal information to. As a result, online businesses are in possession of a vast amount of their customers’ personal information. The recent hack of Sneaker Platform Stock-X reminds us yet again of the importance of businesses maintaining comprehensive and up to date security processes, and in particular, the necessity of having an adequate data breach response plan in place.

Stock-X, a platform for the re-sale of sneakers and apparel, was recently hacked, exposing over six million users’ personal data, including their real name, username, password, shoe size and trading currency. According to a Report by TechCrunch, Stock-X’s initial response was to reset customer passwords, stating that it was due to system updates. A spokesperson for Stock-X later disclosed to TechCruch that Stock-X was alerted to “suspicious activity”. TechCrunch reports; however, an unnamed data breach seller had contacted it claiming more than 6.8 million records were stolen from Stock-X in May, and that the records had been put up for sale and sold on the dark web for $300.

Read More

Eureka! California Just Adopted a Strong Consumer Privacy Law

Jul 16 2018
Browse archives for July 16, 2018
Posted in

Government Regulation, Legislation & Enforcement, Privacy, Data Protection & Information Management

Tagged with , ,
Share

By Susan P Altman

While the rest of us were still recovering from the May 25 effective date of the EU’s General Data Protection Regulation (GDPR), California, the most populous and largest economy of any of the United States, confidently adopted a broad consumer privacy law. The California Consumer Privacy Act of 2018 (CCPA) was enacted June 28 and becomes operative on January 1, 2020. Unlike existing industry-specific U.S. privacy laws, the CCPA has a broad overall scope, more like the GDPR. It ensures California residents the right to know what information about them is being collected and sold or disclosed, to reject the sale of their personal information, to access the information, and to receive equal service and price, even if they exercise their privacy rights.

Read More

Data breach penalties could cost U.K. companies £122B in 2018

Oct 18 2016
Browse archives for October 18, 2016
Posted in

Breaches, Government Regulation, Legislation & Enforcement, Legal & Regulatory Risk, Managing Threats & Attacks, Privacy, Data Protection & Information Management

Tagged with , , , , , , , , ,
Share

By Cameron Abbott and Rebecca Murray

U.K. businesses could face up to £122 billion in penalties for data breaches when EU legislation comes into effect in 2018, according the Payment Card Industry Security Standards Council (PCI SSC). The EU’s General Data Protection Regulation (GDPR) will introduce fines for groups of companies of to €20 million or 4% of annual worldwide turnover, significantly higher than the current maximum of £500,000. This means that if data breaches remain at 2015 levels, the fines paid to the European regulator could see a near 90-fold increase, from £1.4 billion in 2015 to £122 billion, the PCI SSC calculated. For large U.K. organisations, this could see regulatory fines for data breaches soar to £70 billion, more than a 130-fold increase, rising to an average of £11 million per organisation. Regulatory fines for SMEs could see a 57-fold increase, rising to £52 billion, averaging £13,000 per SME. Read more at ComputerWeekly.com by clicking here.

 

European Union – General Data Protection Regulation (GDPR)

Jan 01 2015
Browse archives for January 01, 2015
Posted in

Government Regulation, Legislation & Enforcement

Tagged with , , ,
Share

by Jim Bulling and Julia Baldi

The European Union has indicated an intention to finalise the General Data Protection Regulation (GDPR) before the end of 2015. This has the potential to effect Australian companies operating or storing data in Europe.

See the EU press release here.

Copyright © 2024, K&L Gates LLP. All Rights Reserved.