CCPA will be live in less than 3 months. Do you have a plan?

In January, I’ll start a new game: ask a company to retrieve all the information they have about me in less than 45 days. One of the requirements of CCPA, is to be able to reply to a customer request to have access to all the data you have about them in less than 45 days. These are called the Verifiable Customer Requests. You may be able to complete 10, 20 replies. But what if you received 10 every day? What does it take to keep your customers happy and being compliant?


The Current State of CCPA - What You Need to Know

In the digital age, more often than not, you can be sure that some enterprise has hold of your personal information. This information could be your name, email, phone number, IP address, country and other details. This can come from submitting a form, subscribing to a newsletter, accepting cookies, accepting the privacy policy or terms and conditions when creating an account or downloading software.


GDPR One Year Anniversary: The Civil Society Organizations' View

GDPR is a landmark in privacy jurisdiction. Through its 99 articles, it sets a framework for both businesses and individuals on their rights and responsibilities when it comes to protecting privacy. The most important element in my opinion is that privacy functions a fundamental human right and needs to be protected.


Report Finds Over Half of UK Orgs Still Not GDPR Compliance

Despite GDPR having been enacted over 15 months ago, over half of UK organizations are still not compliant with the General Data Protection Regulation (GDPR). The report released by Egress, GDPR Compliance: where are we now?, polled 250 GDPR decision-makers and found that 52% were not fully compliant with the new regulation. Even worse, 35% of respondents claimed compliance with the EU-wide data protection regulation had actually dropped down on the priority list over the past year.


7 tips for strengthening your security posture around GDPR

Security is an ongoing effort. It’s worth assessing your security situation from time to time, and as GDPR fines have started to land, it’s a good time to review your data movement and storage setup. Recently, the news broke that British Airways must pay an astounding £183 million fine because of last year’s data breach.


Dealing with three pathbreaking scenarios under the CCPA

“I’d like to pay with my credit card.” “Sure! Let me have your card. Could I also get your full name, phone number, and address?” “Yeah. It’s Logan Lovato, and I live at 1 Lemon Street, Anaheim. My number is 714.308.75xx.” This was a common occurence at retail stores across the US in the not too distant past. People shared their information and didn’t think much about it.


Most Security Pros Think Recent GDPR Fines Won't Significantly Affect Policies

In July 2019, UK Information Commissioner’s Office (ICO) announced its intention to fine two companies for violating the European Union’s General Data Protection Regulation (GDPR). ICO began by disclosing its intention to penalize British Airways in the amount of £183 million (approximately $224 million) on 8 July.


One Year After GDPR: Three Common Mistakes Businesses Still Make

May 25, 2019 marked the one-year anniversary of the European Union’s (EU) General Data Protection Regulation (GDPR) coming into full effect. This milestone serves as a timely reminder for any business in the EU or doing business with EU residents on both the implications of failing to protect data and the procedures needed to prevent this from happening.


British Airways faces record 183 million GDPR fine after data breach

What’s happened? British Airways is facing a record fine of £183 million, after its systems were breached by hackers last year and the personal and payment card information of around 500,000 customers were stolen. 183 million quid!? That sounds huge! Yes, it’s the biggest fine ever handed out by the UK’s Information Commissioner’s Office (ICO).