Vischer Partner David Rosenthal wrote about how to secure data in the cloud to prevent unlawful intrusion by U.S. entities in light of changing data security policies and geopolitics. He expanded a standard method to assess the risk of foreign interference, which is available through an open-source Excel spreadsheet.Full story
U.S. officials are using TeleMessage software to archive conversations on the Signal app, raising concerns that sensitive national security messages could be vulnerable, The Washington Post reports. U.S. Sen.
The European Data Protection Board adopted opinions on EU adequacy measures during its most recent plenary meeting. One opinion supported the approval of the European Commission's proposed six-month extension of the U.K.'s adequacy with the EU General Data Protection Regulation and the Law Enforcement Directive.
The California Privacy Protection Agency ordered a USD345,178 fine and corrective measures to clothing retailer Todd Snyder over California Consumer Privacy Act claims. The agency alleged a technical flaw did not allow proper transmission of opt-out preferences while the retailer allegedly required identity verification to complete opt-outs.
Texas Attorney General Ken Paxton announced 30-day compliance notices were issued to several Chinese-based companies in regard to alleged Texas Data Privacy and Security Act violations. Alibaba, CapCut and TP-Link were among the companies to receive general noncompliance warnings.
The European Data Protection Supervisor denied a 2024 request by the European Investment Bank to transfer personal data to India and several non-EU countries due to the lack of adequate data protections, Moneycontrol reports, citing the EDPS' 2024 annual report. The EDPS stated India does not yet ensure an "essentially equivalent level of data protection" to the EU General Data Protection Regulation.
In an op-ed for Infosecurity Magazine, BBB National Programs Vice President for Global Privacy Initiatives and Operations Divya Sridhar writes recent actions taken by the White House have added a layer of uncertainty to U.S. firms' ability to adhere to the EU-U.S. Data Privacy Framework.
France's data protection authority, the Commission Nationale de l'Informatique et des Libertés, issued guidance for retailers using augmented camera systems at self-checkout to protect individuals' rights.
South Korea's Personal Information Protection Commission published a guide to inform individuals of their rights when requesting the transmission of their personal data. The guidance is geared toward helping individuals using the MyData system, which is being expanded to all sectors in the economy.
The U.S. Customs and Border Protection is seeking a facial recognition tool that can be used to verify individuals' identity when coming into the U.S., Wired reports. The CPB said in its request for information it is aiming to use a tool that would be able to "augment the passenger images" and "capture 100% of vehicle passengers."Full story