Articles

11 new state privacy and security laws explained: Is…

lead centered=”no”
States from Maine to California have recently enacted privacy, data security, cybersecurity, and data breach notification laws. We break down what each of these laws entails.
/lead

While at the federal level security and privacy legislation are lost in a morass of partisan politics and corporate lobbying delays, states have been moving ahead to push through an impressive number of important bills that help fill in the gaps. A search of the Legiscan database reveals that hundreds of bills that address privacy, cybersecurity and data breaches are pending across the 50 states, territories and the District of Columbia.

The most comprehensive piece of state-level legislation across these often-intertwined categories that has been enacted over the past two years is the sweeping California Consumer Privacy Act (CCPA), enacted and signed into law on June 28, 2018. Inspired by the EU’s groundbreaking General Privacy Data Protection Regulation (GDPR), the legislation aims to give the state’s consumers greater control over how businesses collect and use their personal data.

This article appeared in CSO Online. To read the rest of the article please visit here.

Articles

Equifax’s data breach disaster: Will it change executive attitudes…

lead centered=”no”
Equifax’s 2017 breach will cost it billions in fines, customer restitution and mandated and voluntary security improvements. All organizations that profit from consumer data should take notice.
/lead

Equifax announced on Monday that it has agreed to a record-breaking settlement related to its massive 2017 data breach, which exposed the personal and financial records of more than 148 million people. The settlement requires the beleaguered credit ratings agency to spend at least $1.38 billion to resolve consumer claims against it. It creates a non-reversionary fund of $380.5 million to pay benefits to the class of consumers harmed by the breach, including cash compensation, credit monitoring, and help with identity restoration.

The settlement also requires Equifax to spend another $125 million for cash compensation and potentially much more if the number of class members who sign up for credit monitoring exceeds 7 million. The company will further pay $175 million in fines to settle state attorneys’ general investigations and $100 million to resolve probes by the Consumer Financial Protection Bureau and the Federal Trade Commission (FTC).

Finally, Equifax must also spend $1 billion over the next five years to improve its data security. That’s on top of the $1.25 billion in security and tech investments Equifax said it has made since the breach occurred.

This article appeared in CSO Online. To read the rest of the article please visit here.