Facebook has agreed to set aside $550 million to settle a class-action lawsuit brought by users who allege the social media company violated the Illinois Biometric Information Privacy Act (BIPA), attorneys for the plaintiffs announced on Wednesday. San Francisco Federal District Court Judge James Donato must still approve the settlement, which the lawyers claim is…
One day after Quest Diagnostics reported that nearly 12 million of its patients were potentially affected by a malicious breach of third-party bill collection vendor American Medical Collection Agency (AMCA), fellow clinical testing firm LabCorp acknowledged that roughly 7.7 million of its customers may be affected by the same incident. Burlington, North Carolina-based LabCorp publicly…
A major operational error has resulted in the issuance of at least one million browser-trusted digital certificates from GoDaddy, Apple and Google that don’t comply with binding industry mandates. The misconfiguration is the result of open source EJBCA software package that many browser-trusted authorities use to generate certificates that secure websites, encrypt email, and digitally…
The finance, banking and payment services industries have until September 2019 to comply with PSD2, a revised set of European Union regulations that give consumers more options and safer ways to make payments online. At RSA 2019, Geoff Sanders, director of product at anti-fraud and MFA company iovation (and former co-founder and CEO of iovation…
By Paul Iagnocco, director, consulting ,TrustArc Global and domestic privacy regulations like GDPR and the California Consumer Privacy Act (CCPA) are forcing businesses to develop and implement comprehensive data management processes to comply with new privacy requirements. In this age of compliance, privacy strategies have become ongoing initiatives, rather than one-time implementations. New privacy-by-design principles…
California passed has just passed a law effectively banning weak passwords and enforcing other security measures to more effectively secure connected devices. While its unlikely individuals or businesses will be raided by local law enforcement for attempting to lock down their computer or Wi-Fi using “Password123,” the new law will require that manufactured devices be…
Sen. Ron Wyden, D-Ore., sent a letter to Attorney General Jeff Sessions urging the Justice Department to be more forthright about Stingray devices after learning they may interfere with 911 Emergency Services.
Crimson Hexagon, a company that generates consumer insights from public social media posts, has been suspended from Facebook while the social media giant evaluates whether the data collection firm violated Facebook policies.
Regulators in Alabama, California, Georgia, Maine, Massachusetts, New York, North Carolina and Texas set in place specific steps the credit bureau must follow.
Google announced its plans detailing how it will handle customer data to comply with GDPR requirements after May 25.
