FTC files complaint against Global Tel Link for neglecting cybersecurity and delaying breach notification The U.S. Federal Trade Commission (FTC) announced that it has filed a complaint against prison communications provider Global Tel Link for ineffective cybersecurity measures and failing to notify consumers after a data breach. Global Tel Link, which provide telephonic and [...]
On 10 November, Singapore's Personal Data Protection Commission (PDPC) published details of financial penalties it had imposed on two companies, Tokyo Century Leasing and Ascentis, both of which were fined for their alleged failure to apply reasonable security arrangements to safeguard personal data. Tokyo Century Leasing was fined SGD 82,000 (approx. GBP 48,540) after [...]
The Reserve Bank of India (RBI) has introduced comprehensive master directions for information technology governance, risk management, and assurance practices in banks and Non-Banking Financial Companies (NBFCs). The Information Technology Governance, Risk, Controls and Assurance Practice Directions ("Directions"), effective from April 1, 2024, will enforce procedures around data migration, remote access to companies' application [...]
The expansion of the internet and the rapid rise of digitisation means retailers have access to customers in more markets than ever. But operating in multiple countries and collecting large volumes of data means understanding data protection laws worldwide is essential. Online retailers must ensure they can comply with new and evolving regulations as [...]
French Data Protection Authority (CNIL) fines GROUPE CANAL+ €600,000 On October 12, 2023, the French Data Protection Authority (known as “the CNIL”) imposed a fine of €600,000 on French media company GROUPE CANAL+ for violating various data protection and privacy obligations. The fine resulted from multiple complaints received by CNIL about difficulties individuals faced [...]
The California governor has signed Bill 362, also known as the Delete Act, enabling residents to request the removal of their personal information from all data brokers operating in the state. The Delete Act aims to provide consumers with greater control over their personal information that is collected and sold by data brokers. The [...]
The rise of “precision medicine”, the personalization of medical treatments based on large volumes of health data, has led to the increased use of automation. Advancements in data analytics and automated decision-making (ADM) technologies, which analyse vast genomic datasets to pinpoint personalised treatment strategies, have been game changers in the clinical trials space. Courts [...]
Here is a roundup of some of the recent regulatory updates in the data protection and privacy space around the world. Canada On September 22, 2023, the second set of amendments to Quebec’s privacy law (under “Bill 64” or “Law 25”) came into effect. The amendment aims to modernise Quebec’s long-standing privacy law in [...]
Business Email Compromise (BEC) is a type of cyber crime that involves misusing or impersonating a corporate email address to manipulate a company’s employees or contractors. The goal of BEC is normally to trick an employee into transferring funds or sharing sensitive information. BEC attacks are often sophisticated, and exploit email communication systems to [...]
In a move that underscores Turkey's commitment to supporting economic growth and enterprise development, the country’s Personal Data Protection Board (‘the Board’) recently made a substantial revision to their Data Protection Regulations (‘the Regulation’). The Board announced their decision on 6 July 2023, and presented a significant increase in the monetary threshold for exemption [...]
HewardMills Ltd is a company registered in England and Wales | Registered office: 77 Farringdon Road, London EC1M 3JU | Registration number: 11211970 | All rights reserved | © Copyright 2020 – 2024 | Privacy notice
