Under India's pending data protection bill, a data fiduciary would need to ensure that data is used only for the purpose for which it was collected, Justice (retired) B.N. Srikrishna, chairman of India's Data Protection Committee, explains in this exclusive video interview.
A third medical lab test firm - BioReference Laboratories - has acknowledged that it's a victim of the data breach at American Medical Collection Agency, which may have exposed data on more than 20 million patients. Meanwhile, at least four state attorneys general are now investigating the breach.
One year after the EU's General Data Protection Regulation went into full effect, data protection experts gathered at the European Data Protection Summit in London to review the state of privacy - not just in the U.K. and Europe but across the world. Here are eight takeaways.
Apple will introduce a feature in its new iOS 13 operating system later this year that allows the use of Apple credentials to log into other services. The feature is designed to reduce the amount of personal information that app developers obtain, a clear shot across the bow of Facebook and Google.
Australian National University has detected a data breach that resulted in the copying of "significant amounts" of staff and student data stretching back 19 years. The intrusion began in late 2018 and was detected on May 17.
Unlike the European Union's General Data Protection Regulation, the California Consumer Protection Act is very prescriptive in nature, says Subhajit Deb of Dr Reddy's Laboratories, a global pharmaceutical company. In a video interview, he offers compliance insights.
A proposed $74 million settlement of a consolidated class action lawsuit against Premera Blue Cross after a 2014 data breach that affected nearly 11 million individuals includes $32 million for breach victims and also would require the health insurer to invest $42 million to bolster data security.
Post-GDPR, the California Consumer Privacy Act was the first piece of US legislation to emerge - but it's hardly the last. Attorney Sadia Mirza of Troutman Sanders talks about the potential impact of CCPA and other pending privacy legislation.
Global payment companies Mastercard and Visa say they are making progress toward storing all their data on Indians within the country and wiping out data related to Indian transactions that's stored overseas. The moves are an effort to comply with Reserve Bank of India's directive on data localization.
News aggregator Flipboard has initiated a systemwide password reset affecting as many as 150 million users following two database intrusions. Flipboard doesn't collect ID or financial information, but users could be at risk if they have reused their Flipboard password on other services.
Retired Supreme Court Justice B.N. Srikrishna, who headed the committee that drafted the proposed Indian data protection bill, acknowledges that the bill's breach notification requirements will need further clarification.
One year after Europe's tough new GDPR privacy law went into full effect, authorities in Britain have seen the number of annual data breach notifications more than quadruple. Meanwhile, the number of data protection complaints filed by Europeans has doubled.
A security researcher has reported that the mobile phone numbers, and in some cases, other information, of 300 million Indians that use the Truecaller caller ID app are available for sale on the dark web. But the maker of the app says its database was not breached.