Fintech services provider Plaid Inc. (“Plaid”) accepted a proposed settlement agreement to resolve a number of class-action lawsuits claiming that the company illegally collected and distributed users’ financial data without prior consent.
The US Senate Homeland Security Committee issued, on Tuesday, a report finding that federal agencies have failed to implement basic defenses to protect against cyberattacks.
The Luxembourg National Commission for Data Protection ordered Amazon to pay €746MM ($887MM) as a result of claims against Amazon Europe Core Sarl. The size of the fine suggests EU regulators are moving beyond their self-imposed grace period of ramping up GDPR compliance requirements.
An ordinance is currently on the desk and awaiting signature from Baltimore Mayor Brandon Scott, which will go into effect 30 days after signing and provide a blanket ban for the use of facial recognition technology within city limits.
Colorado became the third state in the U.S. to adopt its own set of comprehensive privacy laws, known as the Colorado Privacy Act aimed at protecting the use and sale of its residents’ personal and sensitive data. This blog post provides a high level summary and key takeaways regarding the new regulations.
The New York Department of Financial Services (“NYDFS”) recently entered into a consent order with two life insurance companies as a result of alleged violations of New York’s Cybersecurity Regulation.