Oregon recently joined numerous states in prohibiting employers from seeking access to employees’ or prospective employees’ private social-media accounts, personal email, and other online content.
To enhance security standards to protect customer payment data in the context of increasing e-commerce, the Payment Card Industry (PCI) Security Standards Council has announced it has releasedversion 3.0 Payment Application Data Security Standards (PA-DSS) and version 3.0 of the PCI Data Security Standard (PCI-SS), which will become effective from 1 January 2014.
The National Institute of Standards and Technology (“NIST”) recently published an update on its development of the much-anticipated Cybersecurity Framework (“Framework”), a roadmap for managing cyber risks using current best practices, guidelines, and standards.
On 28 November 2013, UK Government Department of Business, Innovation and Skills (BIS) announced, following a report on “UK Cyber Security Standards”, that a new cyber security standard is to be created based on ISO27000-series.
Data privacy and security made the headlines practically daily in 2013. Our second annual Privacy and Data Protection 2013 Year in Review topped 65 pages!
The FTC recently announced settlements with twelve U.S. companies regarding alleged false claims of compliance with the U.S.-EU Safe Harbor and the Swiss Safe Harbor (collectively the “Safe Harbors”).
As of January 1, 2014, California law requires operators of websites and online services to publicly disclose how they respond to “do not track” (dnt) signals, though the exact requirements vary depending on whether an entity is a first party (e.g., web publisher) or third party (e.g., ad network). The new law will not require companies to honor dnt signals.
A report that NSA’s collection of bulk phone records did not lead to any “known terrorist plot or the disruption of a terrorist attack” and since it is illegal, the NSA program should be shut down.
California Court Agrees Song-Beverly Act is Inapplicable to Online Purchases of Physically-Delivered Goods
Earlier this month, a California trial court held that the Song-Beverly Act does not apply to online purchases of physically delivered goods.