The US financial sector was visited by a wave of new regulatory rules during November.
At the beginning of the month, the FTC updated its Safeguard Rule to include more specific criteria for which safeguards must be implemented by financial institutions as part of their information security program. Those safeguards include limiting access authorizations to consumer information, using encryption to ...
The Israeli Government appointed Adv. Gilad Samama as the new head of the Privacy Protection Authority (PPA), ending a three-year period during which the role was vacant. Adv. Samma served in several professional and administrative positions in the Israeli Ministry of Justice. He was also a member of the “Tikva Hadasha” party, which is led by the current Minister of ...
Following the Irish privacy regulator’s August 2021 decision to fine WhatsApp EUR 255,000,000 for violation of the transparency obligation under GDPR, the messaging app changed its privacy policy. The amended policy now provides users with further information about the collection, storage and usage of their personal data and about WhatsApp’s third-party service providers.
Although WhatsApp has changed its privacy policy, ...
The Cyberspace Administration of China (CAC) published for public comments, new draft guidelines for the cross-border transfer of data. The draft guidelines impose a comprehensive security review obligation on companies who: (1) process personal data of over a million data subjects; (2) process personal data collected or generated by the operators of “critical information infrastructure”; (3) transfer important data; or ...
The European Data Protection Board (EDPB) adopted Guidelines 10/2020 on restrictions under Article 23 of the EU General Data Protection Regulation. Article 23 permits the EU Member States to impose restrictions on data subject rights, as long as they maintain the essence of the fundamental rights and freedoms of individuals and are necessary and proportionate.
According to the guidelines, the ...
The European Data Protection Board (EDPB) published draft guidelines on the interplay between Article 3, which sets out the territorial scope of the GDPR, and Chapter V, which regulates the transfer of data outside the EU. The draft guidelines clarify when the processing of data will be considered “transfer of personal data to a third country or to an international ...
Meta, Facebook’s mother company, announced two major changes to its policies, both intended to enhance users’ privacy.
The first change is the discontinuation of use of facial recognition technology on Facebook. Facial recognition enabled the operation of two main features: automatic tagging suggestions of people in photos and videos, and image descriptions for the blind and visually impaired (also known as ...
According to government documents disclosed this month, the South Korean Ministry of Justice (MOJ) has shared with companies engaging in artificial intelligence approximately 170 million facial images of local and foreign travelers in the Incheon International Airport in Seoul, without obtaining their consent. The biometric data that the MOJ shared was intended to assist the AI companies in developing a ...
New user? Click here to register