Legislation Would Give Consumers Ability to File Lawsuits Against Major Credit Reporting Agencies Over Data Breaches
US Senators Raise Concerns About EdTech Data Privacy
Subject Access Requests – What does ‘one month’ mean?
The ICO has confirmed a small, but important, change to the time limits for responding to subject access requests (SARs) under the GDPR. Calculation of the one-month time limit should begin from the date on which the request was received, not the day after. Therefore, if a request is received on 3rd September, the deadline for responding will be 3rd October (rather than 4th October, as previously understood). The ICO update on the subject, which…
ICO Launches Investigation into Facial Recognition in King’s Cross, London
On August 15, 2019, the UK Information Commissioner’s Office (“ICO”) announced that it had launched an investigation into the use of live facial recognition technology at the King’s Cross development in London. This follows a letter sent by the mayor of London, Sadiq Khan, to the owner of the development inquiring as to whether the use of the software was legal. The company responsible for the technology said it was used for the purposes of…
New Notification Requirements in New York for Healthcare Providers Facing a Cybersecurity Incident
On August 12, Mahesh Nattanmai, New York’s Chief Health Information Officer, issued a notice letter (“the notice”) on behalf of the New York State Department of Health (“Department”) requiring healthcare providers to use a new notification protocol for informing the Department of a potential cybersecurity incident. The updated protocol is considered effective immediately from a healthcare provider’s receipt of the notice letter.
“We recognize that providers must contact various other agencies in this type of…
Avoiding the Dreaded Link under CCPA: “Do Not Sell My Personal Information”
English Confidentiality Protections in Trade Secret and IP Cases
The EU Trade Secrets Directive 2016/943 contains a variety of confidentiality protections expressly protecting the publicity of the proceedings because “[t]he prospect of losing the confidentiality of a trade secret in the course of legal proceedings often deters legitimate trade secret holders from instituting legal proceedings to defend their trade secrets, thus jeopardising the effectiveness of the measures, procedures and remedies provided for. For this reason, it is necessary to establish, subject to appropriate safeguards…
Security Researchers Find Biometric Data on 28 Million Records Is Exposed
It was reported this week by The Guardian and Forbes that security researchers from Vpnmentor have discovered and published a report that Suprema, a company that collects and monitors biometric information such as fingerprints and facial recognition data, has left exposed the biometric information of 28 million records and 23 gigabytes of data insecure.
Suprema services police departments, banks and defense contractors, and provides identity and time and attendance solutions, fingerprint scanners, and mobile authentication…
Can You Really Protect Against Ransomware?
We’ve written a few times recently about municipalities, companies, and government agencies hit with ransomware attacks this year. In early July, it was reported that a court system in Georgia was attacked with ransomware, causing lawyers, court employees and the public to have to rely on “old school” paper to file pleadings and keep the court system running. This got me thinking about ransomware, and then I came across a Security Tip (ST-19-01) sheet…
Beyond-Visual-Line-of-Sight Drone Operations in Alaska
A beyond-visual-line-of-sight (BVLOS) flight of a drone traveled along the Trans-Alaska pipeline system (TAPS) this month, led by a team from the University of Alaska Fairbanks (UAF) Center for Unmanned Aircraft Systems Integration. Operators flew the drone along 3.87 miles of TAPS, using onboard and ground-based detection systems (instead of human observers) to detect and avoid other aircraft. The drone also had onboard collision avoidance technology and a five-nautical mile system consisting of eight ground-based…