U.S. Congressional Research Service published a report on the EU-U.S. Data Privacy Framework and its supporting U.S. executive order. Notably, the report suggests how U.S. Congress could consider legislation to extend safeguards for EU citizens' data in the event the executive order is revoked by a future president.
The U.S. Department of Commerce appointed 16 members to the new Internet of Things Advisory Board, according to the U.S. National Institute of Standards and Technology, which will provide administrative support. The board will advise the Internet of Things Federal Working Group in areas including federal regulations, programs or policies involving IoT, IoT-related challenges and opportunities for small businesses and internationally.
Peru’s National Authority for the Protection of Personal Data of the Ministry of Justice and Human Rights approved a document allowing for the transfer of personal data internationally in keeping with global standards.
Compromise text circulated by the Czech Presidency of the Council of the European Union clarifies areas of scope, data-sharing and public access within the Data Act. The text will be discussed Oct. 27 by the Telecom Working Party. Within the text, nonmedical wearable technologies are covered by the regulation, excluding products that display content and process and store data, including smart TVs, personal computers and smartphones.
A U.S. federal appellate court judge upheld a previous ruling that advertising technology company NaviStone’s tracking tools violated a Pennsylvania state wiretapping law, MediaPost reports. The ruling now clears way for a Pennsylvania resident’s lawsuit against NaviStone and a retailer for using “technology that allegedly enables online retailers to arrange to send postal mail to ‘anonymous’ web users after they visit a website.” With the ruling, the case is now remanded to the U.S.
U.S. lawmakers are split on how to implement a digital currency, with Republicans seeking to ensure citizens’ privacy and Democrats concerned with cybersecurity, Roll Call reports. However, members of both parties agree the U.S. Federal Reserve must be granted legislative authority to begin issuing a digital dollar, even though there is not yet a concrete proposal to do so. Democrats have said any legislation enabling the creation of a U.S.
A resolution issued by Canadian data protection authorities notes that while a digital identity ecosystem offers many benefits, it must be developed and implemented with privacy, security, transparency and accountability. The resolution, issued Oct. 24, provides elements to include in the design and operation of a digital identity ecosystem.
The ever-evolving nature of online advertising often leaves children most vulnerable to their messages, whether knowingly or unknowingly. However, in the digital advertising world, children today are even more susceptible to ads that obfuscate the differences between commercials and entertainment, brought in part by so-called influencer culture. To discuss the future of online advertising to children, staff with the U.S.
National Cyber Security Coordinator of India Rajesh Pant said the revised Data Protection Bill will be tabled by Indian Parliament during the budget session starting February 2023, Fortune India reports. Pant called the draft bill "very critical" and said Parliament will consider the proposal "early next year" following public consultation.
New York’s Department of Financial Services reached a $4.5 million settlement with EyeMed Vision Care over Cybersecurity Regulation violations that led to a July 2020 breach. The DFS found EyeMed’s failure to conduct adequate risk assessments, implement multifactor authentication, and limit user access privileges enabled a threat actor to access its email mailbox containing more than six years of consumers’ sensitive and personal health data. Under the settlement, EyeMed will conduct a cybersecurity risk assessment and develop a plan to address identified risks.