Posts Tagged ‘privacy’
GM, OnStar Settle Privacy Issues
Who’s looking for some consumer privacy news? Because General Motors just agreed to an overhaul of how it collects and uses driver geo-location data, in a settlement that has almost all the hallmarks of a traditional privacy enforcement action. (Minus any monetary penalties, of course; this is still the Trump 2.0 era we’re talking about.)…
Read MoreTips for Successful Compliance Audits
Compliance audits are part of life for corporate compliance professionals: planning the audit, making sure it stays on schedule, working well with business units undergoing the audit to be sure nothing goes haywire. Last week I had the good fortune to moderate a webinar on compliance audits and took lots of notes. Let’s review. First,…
Read MoreThe ‘Dual Crisis’ of AI-Driven Fraud Today
More glum news from the anti-fraud world: A new report says financial firms are getting hammered by rising levels of AI-enhanced fraud — but at the same time, consumers are embracing online privacy technologies that make anti-fraud efforts more difficult because firms can’t easily verify an online user’s identity. So says Fingerprint, which on Tuesday…
Read MoreCalifornia Nails Tractor Supply on Privacy
Tractor Supply Co. has agreed to pay $1.35 million to settle charges with California regulators that the company violated the state’s tough data privacy law — the largest privacy fine in state history, and the state’s first enforcement action that extends to privacy rights for job applicants. Let’s take a look. The California Privacy Protection…
Read MoreMarriott Settles Huge Privacy Case
Marriott International has reached a settlement with state and federal regulators over repeated privacy breaches the hotel chain suffered in the 2010s, where Marriott will pay $52 million states across the country and implement a raft of cybersecurity improvements under the watchful eye of the Federal Trade Commission. The FTC and state attorneys general announced…
Read MoreReport Spotlights Privacy Access Requests
A study of consumers’ data privacy habits suggests that people are growing more possessive of their privacy rights, which in turn is driving up the compliance costs for businesses trying to meet those privacy demands. So says a report released Wednesday by DataGrail, a software firm that helps companies automate their privacy compliance processes. The…
Read MoreFresh Stats on Cyber & Privacy Risks
We have a fascinating new snapshot of cybersecurity risks these days — including companies racing to embrace cloud computing without fully understanding the security fundamentals, insecure mobile applications, and persistent bad habits with software patching and encryption. Said snapshot comes from Coalfire, one of the more notable cybersecurity and compliance software firms, which just released…
Read MoreThoughts on Data Security
This week I’m attending the ISACA-Institute of Internal Auditors GRC Conference in Las Vegas. As one might imagine, data security is all over the agenda, so I’ve been taking notes for those audit and compliance executives back home looking for suggestions on how to make your GRC efforts better. For starters I attended a fascinating…
Read MoreThat Massive Privacy Settlement for Fortnite
Like so many other adults in this world, I have children who play Fortnite. When they play, they ignore me. This gives me time for other pursuits, such as reading the massive enforcement action and compliance reforms that the feds just imposed on Fortnite. You may have seen the headlines already. Epic Games, the owner…
Read MoreSEC Reminders on Identity Theft
The Securities and Exchange Commission has published a review of financial firms’ identity theft programs, in case anyone is looking for helpful hints and tips on how to strengthen your own program. Most of the SEC’s advice, however, boils down to a company sincerely thinking about its risks here. The advice came in the form…
Read More