GDPR

Congress should consider acting quickly or companies could treat the Golden State's new data privacy restrictions as a national standard.

Congress should consider acting quickly or companies could treat the Golden State's new data privacy restrictions as a national standard.

Not only does it illustrate the willingness of regulators to impose massive fines for massive data breaches, it also reminds us that this situation could be just the tip of a financial iceberg, says White Hat Security's Mark Rogan.

The technology can help banks get the most out of the vast amounts of information at their disposal.

In their efforts to understand data privacy regulations and maintain compliance, it’s become clear that a large number of retailers simply don’t know the true whereabouts of their customers’ data, never mind how that data is being used, says Cleo's Dave Brunswick.

Even though the General Data Protection Regulation has put data security and privacy top of mind throughout Europe in its first year, it is not likely the U.S. will see a similar federal mandate anytime soon — if ever.

Because various aspects of the General Data Protection Regulation were made public two years before they became official law, European lawmakers naturally felt it gave companies plenty of time to get data security compliance in place. But it appears most companies either lost track of time or haven't solved the compliance puzzle yet.

A new regulation in the Golden State could provide a de facto national standard as Congress continues to stall on data breach legislation.

While most early GDPR fines have been relatively low, a larger more recent fine at Google is a sign of larger levies to come, according to Karen Neuman and Federica De Santis from the privacy and cyber security practice at Goodwin.

Regulators are handing out fines for GDPR violations, that while relatively small can have a large impact on the push for sharable identity by drawing attention to how large companies use data.