Data Breach

Since at least fall of 2017, the Department of Education (“ED”) has expected institutions of higher education to report data breaches directly to the department on the same day a breach is discovered – or...

Read More →

Nearly three years after adding a mandatory data breach notification provision to its federal privacy law, Canada has taken steps that will effectuate the dormant requirement. The Governor General in Council, on the recommendation of...

Read More →

Alabama became the 50th and final state to enact data breach notification legislation when Governor Kay Ivey signed into law the Alabama Data Breach Notification Act of 2018. Alabama’s law comes on the heels of...

Read More →

This post has been updated to reflect that the WP29 has since released updated guidance. In our recent blog post on the Article 29 Working Party’s draft guidance on the GDPR’s breach notification requirements, we...

Read More →

This post has been updated to reflect that the WP29 has since released updated guidance. Most companies handling personal data of EU residents know that the General Data Protection Regulation (“GDPR”) will impose mandatory data...

Read More →

S3 Buckets: Not so Simple?

September 5, 2017 | 0 Comments

Uber has agreed to settle a complaint stemming from allegations that the ride-hailing company made deceptive claims concerning its data security practices following a 2014 data breach. The data breach in question affected an Amazon...

Read More →