Articles from Around the Web

Discover the latest industry insights and developments with our News from Around the Web page. We curate feeds from a variety of reputable organizations, bringing you a comprehensive overview of relevant news and trends. Stay informed and connected with the most current updates from across the web.

Keeping tabs on the proposed American Data Privacy and Protection Act

The proposed American Data Privacy and Protection Act and its legislative path are the closest U.S. Congress has ever been to passing comprehensive federal privacy legislation. The IAPP Resource Center has a topic page dedicated to all things ADPPA, including the latest version of the bill and various resources, analysis and original IAPP reporting related to the bill's progress. The Resource Center also carries a separate topic page for U.S.

Mobile payment app parent company sued in data breach lawsuit

Technology company Block is facing a class-action lawsuit for its alleged response to a data breach, IT Pro reports. Plaintiffs allege Block waited four months to notify customers of a breach to its mobile payment service Cash App application. In December, Block discovered a former employee downloaded user information and was able to access customer names, brokerage account numbers and trading activity.

Understanding geolocation data and a US regulatory path

Geolocation data is a growing topic among privacy professionals due to the lack of regulatory safeguards around such data. Gravy Analytics Vice President of Legal and Chief Privacy Officer Jason Sarfati said arriving at a legislative solution isn't easy given misunderstandings around user identifiability. Sarfati offered a rundown of what geolocation data is all about and pointers for U.S.

California attorney general serves first-ever CCPA fine

California Attorney General Rob Bonta announced the first enforcement action under the California Consumer Privacy Act, a $1.2 million settlement with multinational retailer Sephora over violations of the law's "Do Not Sell" provisions. Sephora's violation specifically relates to failures to inform individuals about the sale of their data and process sale opt-outs through the Global Privacy Control. The retailer did not utilize the 30-day cure period allowed under the CCPA. The landmark settlement also includes required operational improvements.

Potential Kenya-US trade deal could be favorable to Big Tech

Kenya created a requirement for startups that process personal data to register with the Office of the Data Protection Commissioner, PYMNTS.com reports. While Kenya’s Data Protection Act is the EU General Data Protection Regulation’s closest parallel on the African continent, a potential bilateral trade deal with the U.S. could save American companies compliance headaches after the EU-U.S. Privacy Shield was overturned in 2020. However, provisions of the anticipated Kenya-U.S.

OCR issues $300,640 fine over HIPAA Privacy Rule violations

The U.S. Department of Health and Human Services Office for Civil Rights fined New England Dermatology and Laser Center $300,640 for violating the Health Insurance Portability and Accountability Act Privacy Rule. The health center was found to have improperly deleted protected health information when it threw out specimen containers with labels carrying patient names, birthdates, dates of sample collection and name of the provider who took the specimen.