Celebrating Data Privacy from A to Z

In honor of Data Privacy Day and its spirit of education, I thought it might be appropriate (and fun) to celebrate some (but certainly not all) of the A, B, Cs of Data Privacy.  Would love to see your contributions, too!

A is for Advanced Encryption Standard or AES, approved by NIST.  Are you encrypting transmissions of sensitive data and portable storage devices?  See more below.

B is for Breach Notification Laws, including the 45 state laws, District of Columbia, Puerto Rico, Virgin Islands, HITECH Act, and international regulations.  (Also Behavioral Advertising.)

C is for . . . what to Choose? -- Contracts? Cloud Computing?  How about California - the first state to enact a breach notification law, California Civil Code sections 1798.29, 1798.82 et seq. (SB 1386), and the first state Office of Privacy Protection.

D is for Data Protection Authorities in the European Union

E is for the EU Data Protection Directive.  Oh, and Encryption, of course.  See above and below.

F is for Financial Institutions, regulated by (wait for it . . . after the jump . . .)


EU Data Protection Directive May Apply to Certain "Users" of Social Networking Sites

It is a little vague, but according to this report it appears that simply using a social networking website may subject certain individuals and organizations to the requirements of the EU Data Protection Directive (e.g., notice, consent, etc.).  Essentially, if your purpose for being a user is not "personal" then you could be subject to the EU Directive.  Stated differently, if you use a social networking site to advance commercial, political or charitable goals, your activities as a user may be regulated by the EU Directive.