NSA Appoints Chief Privacy Officer

On January 29, 2014, the National Security Agency (“NSA”) announced that Rebecca Richards has been appointed to serve as the NSA’s new Civil Liberties and Privacy Officer. Ms. Richards, who previously worked as the Senior Director for Privacy Compliance at the Department of Homeland Security, will advise the NSA Director on civil liberties and privacy issues and implement reforms in those areas.

California Attorney General Files Lawsuit Based On Late Breach Notification

By | InfoLawGroup | January 30, 2014
California Attorney General Files Lawsuit Based On Late Breach Notification

In the first case of its kind (that I am aware of), the California Attorney General’s office filed a complaint against the Kaiser Foundation Health Plan, Inc. (“Kaiser”) alleging a violation of California’s “unfair competition law” (Business and Professions Code sections 17200-17210) arising out of a personal information security breach and delayed notification. 

European Commission Aims for Europe to Be World’s Leading ‘Trusted Cloud Region’

European Commission Aims for Europe to Be World’s Leading ‘Trusted Cloud Region’

Developing on the European Cloud strategy, ‘Unleashing the potential of Cloud Computing in Europe’ released in 2012, the European Commission has released a memo to foster greater support for cloud computing services in Europe, with the ambition for Europe to become the world’s leading trusted cloud region and a harmonious single market for cloud computing known as ‘Fortress Europe’.

Commissioner’s Roadmap for Conclusion of EU Data Protection Reform Package Announced

Commissioner’s Roadmap for Conclusion of EU Data Protection Reform Package Announced

Data Protection Day in Europe, 28 January 2014, saw the announcement by EU Justice Commissioner Viviane Reding of a more precise timetable for the adoption of the EU’s data protection reform package, comprising a Regulation governing general data protection and a Directive governing the use of personal data in the area of law enforcement and crime.

Mexican Data Protection Authority Issues New Data Security Guidelines

Mexican Data Protection Authority Issues New Data Security Guidelines

The Mexican data protection authority, the Institute of Access to Information and Data Protection (the IFAI), has issued data security guidelines for businesses to ensure measures are implemented to comply with the data security provisions of the Mexican data protection law, the Federal Law on the Protection of Personal Data in the Possession of Private Parties (the Federal Law).