The New York Times reports that the Legal Aid Society has launched a class-action lawsuit against the New York City Police Department (NYPD), alleging that the Department maintains an unauthorized DNA database. It claimed that officers from the New York Police Department took DNA samples without the agreement of both suspects and non-suspects by offering...
The US National Institute of Standards and Technology releases its draft AI Risk Management Framework Taking and opens a related public consultation to receive inputs from both private and public sector. NIST has released the draft keeping in mind the fact that AI carries benefits and risks. The draft deals with design and evaluation of...
The Committee on Information Technology of the Iowa House passed House File 2506 almost unanimously. The effective date for the bill is Jan. 1, 2024 but the Iowa Senate must report the File out of a committee by March 18 for further consideration. Find the text here.
The US Securities and Exchange Commission (SEC) today proposed amendments to its rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. Public companies may be required to report cybersecurity incidents within 4 days. These disclosures would be made to the investors as cybersecurity is an ‘emerging...
A US Senator puts forward a proposal for inclusion of teenagers under COPPA, during a speech at the Internet Education Foundation’s annual State of the Net. Currently, COPPA governs online privacy of children within 13 years of age. Another point proposed by the Senator is to not letting the corporate culture exploit minors. Find the...
The US Securities and Exchange Commission (SEC) has for the first time issued a proposal for cybersecurity rules, procedures and data breach prevention measures for investment funds and advisers. If approved, the measures will require thousands of companies to report cyberattacks within 48 hours. The proposals require funds and registered investment advisers to develop written...
The Office of Information Security of the US Department of Health and Human Services (HHS) has released a report providing insights into the May 2021 Conti ransomware attack on the Health Service Executive (HSE) in Ireland. With the report, the HHS’s Health Sector Cybersecurity Coordination Center (HC3) provides advice for US healthcare and public health...
American Headquarters:
PrivacyRules Ltd.
151 West 4th Street
Suite 200
Cincinnati, OH 45202, USA
European Office:
Via dei Della Robbia 112
50132, Firenze
Italy (IT)