Companies Prepare For Waves of Data Breach Lawsuits
Data breaches are inevitable. And no amount of security protocols can provide absolute assurance that consumer information is protected. With increasing threats of identity theft, who should be responsible for the majority of data breach risk, the consumer or the business? California lawmakers argue that the majority of that burden…
The Evolving Price of User Data to Businesses
Thanks to groundbreaking legislation like the CCPA and CPRA, opt-out requests and other privacy rights are starting to put a price tag on user data. Many businesses are aware of the consumer’s rights, but they do not know their own. Exercising these rights is a form of negotiation, and how…
The Real Value of Trust in The SaaS Industry
Cloud computing and SaaS are innovations that were bound to happen. Just like the internet and the steam engine. Yet, most Thanksgiving conversations about SaaS Vendors are met with vacant expressions. Despite its lack of sex appeal, corporate spending on cloud computing services has grown from 1 billion in 2009…
Five US states that define data breach to include access
With the increasing incidences of consumer data breaches, entreaties for stronger data privacy protections and regulations have grown stronger. As per the US federal government’s reluctance to salvage the situation, many of the 50 US state governments appear to have taken the bull by its horn. These states’ have, through…
Relation of intermediary liability to data breaches
How is intermediary liability related to data breaches? Intermediary liability refers to the legal culpability of internet intermediaries in respect of the illegitimate, illegal, or harmful activities carried out by their users. For such culpability to arise, such user(s) must have performed such illegitimate activity(ies) through the intermediary’s offered service….
Building a good data protection program for your Business (Part 2)
Taking On-site security measure: Soon after the risks to data are collated, the next line of action would be to take appropriate physical data protection and damage measures. That can be achieved by making use of commercial record centers to store confidential hard copy documents and files. Such facilities keep…
Building a good data protection program for your Business (Part 1)
As governments around the world each race to put together updated data protection and privacy regulation frameworks that secures the interests of their citizens, one thing is for sure – businesses have no choice but to comply. However, many businesses out there have developed cold feet, perhaps because the word…
Operationalizing data protection for business (Part 2)
Defining privacy policies and procedures: Amongst other things, most of today’s data privacy and protection laws and statutes require many businesses to update or create more privacy policies, in addition to the implementation of several privacy procedures. Data-centric businesses may thus have to, in operationalizing best data protection practices, create…
Operationalizing data protection for business (Part 1)
In today’s world, amongst humans, data shares a good-like characteristic: omnipresence. And as people become more conscious about how their data is dealt with, the need for concrete data protection and privacy frameworks that regulate corporate operations continue to grow. Nowadays, there is an irresistible need for operationalizing data protection…
What is considered personal Identifiable Information under privacy laws?
Under privacy laws, personal Identifiable Information (PII) refers to information capable of being solely used, or combined with others, to identify, locate, or contact an individual. The United States’ National Institute of Standards and Technology (NIST)’s Guide to Protecting the Confidentiality of Personally Identifiable Information defines PII as “information such…