Technology Law Source

Tag Archives: personal information

China’s draft measure on cross-border personal information transfer

On June 13, 2019, the Cyberspace Administration of China (CMA, 国家互联网信息办公室), an office that serves as China’s central internet regulator and censor, released the draft Measures for Security Assessment of Cross-border Transfer of Personal Information (the Measure, 个人信息出境安全评估办法) for public comment.

Following is a brief analysis on how this Measure, if adopted, could affect U.S. entities doing business in China or doing business with Chinese entities. …

Grandfather Provision of Massachusetts Data Security Requirements Expiring

This note is a reminder of the expiration of the grandfather provision under the Massachusetts Data Security Regulations, summarized here, which expires on March 1, 2012.   Any applicable third party service provider contract entered into prior to March 1, 2010 must incorporate the appropriate security measures for personal information as specified in the regulations.  Companies should take steps immediately to ensure that their contracts with third party service providers who maintain, receive, or access personal information of Massachusetts residents conform with the regulation’s requirements.…

IMPACT: Measuring the Loss of Brand and Business Reputation after a Data Breach

Brand and business reputation suffer following a data breach. A recently released survey puts some numbers to the losses and shows just how much that damage can be, with breach of customer data being the most costly. The study, independently conducted Ponemon Institute LLC and sponsored by Experian® Data Breach Resolution, is believed to be the first study to compare the impact of the loss of confidential customer or employee information and sensitive business information with loss of brand and business reputation.…

Will Facebook soon be privacy-friendly?

FTC Audit Agreement According to various news reports, Facebook and the FTC are about to enter into an agreement which will subject Facebook to privacy audits for the next 20 years. The agreement will apparently require Facebook to obtain prior express consent before making public any information to which the user had granted limited access only. The agreement is a direct response to complaints over the changes Facebook made to its privacy policy in 2009, when previously private information became accessible to the public and users had to take active steps in order to return to their accustomed privacy settings.…

LexBlog