Website analytics are a key part of understanding whether a website “works,” and how to improve it; they arose almost at the same time that companies began using websites to transact business. For the most part, and for a long time, website analytics were seen as benign – a way to track information without trampling on an individual’s privacy rights.
Cybersecurity Lawyer Forum
Blog Authors
Latest from Cybersecurity Lawyer Forum
The CPPA Speaks Again – Five Takeaways
On Monday, October 17, 2022, the California Privacy Protection Agency Board issued revised regulations to the California Consumer Privacy Act of 2018 (as amended by the California Privacy Rights Act of 2020). The revised regulations propose dozens of changes that were intended to address business concerns that some of the requirements were confusing and costly to implement.
While the proposed…
California Consumer Privacy Act and Employee Personal Information
In 2018, the California Legislature adopted the California Consumer Privacy Act (CCPA) and became the first state to enact a comprehensive law designed to protect the privacy of consumers’ personal information. Businesses that are subject to the CCPA are required, among other things, to respond to consumers who wish to view the personal information collected by the business, delete personal…
Privacy Policies – Some Simple Lessons
Online privacy policies are ubiquitous. Sometimes they are mandated by law – that’s been the case in California for years – and a variety of other states and federal agencies (like the Securities and Exchange Commission) require them as well. As a practical matter, almost every firm that has an online presence has a privacy policy. But it’s not enough…
Facing the Knowledge Gap
Addressing privacy compliance and cybersecurity is becoming more and more challenging for companies. At least 26 states are considering various kinds of data privacy laws. At the same time the rate, depth, and impact of ransomware, wiperware and data breaches has become more intense and more expensive, and there is no indication that the trend will end soon.
Complying with…
The New Privacy Laws – What You Need to Do Now – Data Minimization
A New Year, A New Challenge
The last two years were busy ones for privacy advocates. In 2020, California voters passed the California Privacy Rights Act (CCPA), a major revision of the California Consumer Privacy Act of 2018; Virginia adopted the Consumer Data Protection Act; and Colorado approved the Colorado Privacy Act. Each of these laws will have an impact…
The Supply Chain Risk Conundrum: Rethinking the Network and Its Risks
Current information security and risk mitigation approaches are ineffective, and this failure is nowhere more apparent than in critical supply chains – defense, energy, health services, and other key industries. The source of much of the persistent failure to secure supply chains and the success of hackers compromising these vital arteries of commerce is that most organizations do not recognize all of…
Security Challenges – Three Thoughts for the New Year
2021 was a challenging year in cybersecurity, and there’s no reason to believe that this will end. As we approach 2022, all businesses large and small need to address some basic issues that impact the security of their systems. and their customers?
- Vendors. No company stands alone – they depend on a multitude of vendors and third parties to operate.
…
One Big Thing – Data Minimization
The Challenge
Complying with the ever-increasing number of privacy laws is a daunting task. In addition to comprehensive state laws, like California’s Consumer Privacy Act (CCPA), Virginia’s Consumer Data Protection Act and the Colorado Privacy Act, there are a multitude of targeted laws on the federal and state level. Other laws to consider include the EU’s General Data Protection Regulation…
Cybersecurity Guide for Hospitality Industry Now Available through NIST
Bob Braun was recently quoted in an article distributed by the National Institute of Standards and Technology (NIST), evaluating the organization’s recent publication of a three-part guide to securing guest and credit card data at hotels. “This publication analyzes and addresses the challenges common to almost all hotels in creating secure data systems,” he said. “Hotels would be well-advised to…