The FTC's new “Click to Cancel” rule mandates businesses to simplify subscription cancellations, making them as straightforward as the sign-up process.
The U.S. Department of Justice has issued a proposed rule to restrict data access by specific foreign countries, following an executive order by President Biden.
We at Kaamel Technology are pleased to share the news that we have recently completed our System and Organization Controls (SOC) 2 Type II Audit.
On September 9, the U.S. IoT Cybersecurity Label, known as the "Cyber Trust Mark," came into effect to enhance the security of consumer IoT devices.
On August 30, the U.S. Federal Trade Commission (FTC) settled with security company Verkada, which will pay a $2.95 million penalty and implement stronger security measures following a lawsuit from the Department of Justice (DOJ).
On August 23, Brazil's National Data Protection Authority (ANPD) approved new regulations on international data transfers, including the adoption of Standard Contractual Clauses (SCCs) as a legal mechanism. These regulations require companies to ensure compliance with Brazil's LGPD and implement transparency measures for cross-border data transfers.
Kaamel was recently featured in an Adweek report for its work in data privacy and security. The article discusses the widespread use of cookies and similar tracking technologies, highlighting the challenges companies face in complying with global privacy regulations like GDPR and CCPA.
The Financial Supervisory Service (FSS) of South Korea has found that Kakao Pay transmitted user data to Alipay in China without consent, potentially violating the Credit Information Use and Protection Act. Kakao Pay faces possible sanctions and significant penalties as the investigation continues.
Singapore’s PDPC urges businesses to register their Data Protection Officers through the BizFile+ platform by September 30, 2024, to comply with the PDPA.
The Texas Attorney General has filed a lawsuit against General Motors for allegedly collecting and selling the private driving data of over 1.5 million Texas residents without their consent, in violation of state law. The case highlights the need for automakers to comply with privacy laws, ensuring transparency and informed consent in data collection and usage practices.
On July 1, new data privacy laws in Florida, Oregon, and Texas came into effect, requiring businesses to update privacy policies, conduct impact assessments, and strengthen data security measures. Companies must ensure compliance with these regulations to protect consumer privacy and avoid significant penalties.
The EU Artificial Intelligence Act introduces a comprehensive regulatory framework for AI systems, categorizing them based on risk levels and imposing specific transparency and compliance obligations for each category.
Texas Attorney General Ken Paxton has reminded companies to register as data brokers under the newly enacted S.B. 2105 by March 1, 2024, or face penalties. The law mandates registration, public notice, and the implementation of a comprehensive information security program for entities that collect, process, or transfer personal data of Texas residents.
California sues Tilting Point for violating child privacy laws with its game SpongeBob: Krusty Cook-Off, resulting in a $500,000 settlement and required compliance measures.
In response to rising cybersecurity threats and stricter privacy regulations, Google and Microsoft are enhancing email security measures, requiring modern authentication methods like OAuth and two-factor authentication.
Apple's iOS 17.5 update has caused deleted photos to reappear, raising privacy concerns. Users discovered this issue after upgrading, leading to speculation about potential privacy issues.
The Federal Communications Commission (FCC) has proposed cybersecurity labeling rules for Internet of Things (IoT) products, introducing a voluntary labeling program called the "Cyber Trust Mark" to enhance consumer transparency and data protection.
The American Privacy Rights Act (APRA) of 2024, announced by US Representative Cathy Rogers and Senator Maria Cantwell, aims to establish comprehensive national data privacy and security standards in the US.
The U.S. Federal Communications Commission (FCC) has approved a voluntary cybersecurity labeling program for wireless consumer IoT products. The program provides consumers with an FCC IoT label, indicating compliance with minimum cybersecurity standards.
The executive order aims to prevent "countries of concern" from accessing and exploiting US individuals' bulk sensitive personal data and US government-related data due to national security risks.
President Biden has signed an executive order to restrict the mass sale of Americans' personal data to "countries of concern" such as Russia, North Korea, Cuba, Venezuela, China, and Iran.
DoorDash settled for selling personal information of California customers without notification or opt-out mechanisms, breaching CCPA and CalOPPA regulations.
The EU Data Act, which came into effect on January 11, 2024, aims to address problems in data sharing and usage. It sets clear rules for accessing, getting, and sharing data, particularly for products connected to the internet.
Iceland's Persónuvernd fined local governments for privacy breaches using Google's education system in schools, citing non-compliance with regulations.