IT Security & Privacy

Dutch Watchdog Slaps Uber with €10 Million Fine for Privacy Breaches

The Dutch Data Protection Authority (DPA) has levied a hefty €10 million ($11 million) fine against Uber for violating privacy regulations related to the personal data of its drivers. The DPA's investigation revealed that Uber failed to specify in its terms and conditions how long it retained drivers' personal data and the security measures in place when transmitting the data to undisclosed entities outside the European Economic Area (EEA).

California Attorney General Initiates Investigative Sweep on Streaming Services for CCPA Compliance

California Attorney General Rob Bonta has announced a comprehensive investigative sweep, targeting businesses associated with popular streaming apps and devices. The focus of this initiative is to assess and ensure compliance with the California Consumer Privacy Act (CCPA). The Attorney General's office is issuing letters to businesses operating streaming services, alleging a failure to adhere to the CCPA's stringent regulations, particularly emphasizing the opt-out requirements for businesses engaged in the sale or sharing of consumer personal information.

CNIL Imposes €32 Million Fine on Amazon France Logistique for GDPR Violations

The French data protection authority, CNIL, has fined Amazon France Logistique €32 million for serious violations of the General Data Protection Regulation (GDPR). The penalty comes after several investigations prompted by employee complaints and media reports about the company's practices in its large warehouses.

VF Corp's Cybersecurity Incident Exposes Data of 35.5 Million Consumers

VF Corp, the parent company overseeing renowned sneaker brand Vans, has reported a significant data breach impacting approximately 35.5 million consumers. The cybersecurity incident, identified on December 13, 2023, disrupted global customer orders through the company's e-commerce platform, causing delays in order fulfillment and resulting in the cancellation of certain product orders.

FTC Joins Global Initiative to Strengthen Privacy and Data Security Enforcement

In a move towards bolstering international cooperation on privacy and data security enforcement, the Federal Trade Commission (FTC) has officially signed on to participate in the Global Cooperation Arrangement for Privacy Enforcement (Global CAPE). This multilateral arrangement facilitates collaboration, investigative assistance, and information-sharing among privacy authorities worldwide.

Financial Watchdog AMF Issues Warning on Impersonation Scams and Malicious Websites

In a recent advisory, the Autorité des marchés financiers (AMF), the French financial regulatory authority, has raised concerns about a surge in fraudulent activities involving the unauthorized use of its name. The warning is targeted at both regulated and unregulated entities under the AMF's jurisdiction, cautioning them against falling victim to sophisticated scams.

FINRA Places Cybersecurity Front and Center in Its 2024 Regulatory Oversight Report

FINRA’s 2024 regulatory oversight report has emerged providing new guidance and insight regarding the emerging risk landscape, including such topics as financial crime, operational and communications risks, market integrity concerns, and financial custodianship.The report seeks to provide guidance on these themes. Providing observations, recommendations, and associated obligations across each topic. The frontrunner for these categories is cybersecurity, which FINRA asserts is critical to success in all other areas of compliance, risk management, and long-term organizational health.