Notifications to breach victims are too late and provide too little important information
A recent press release from the Dutch DPA (Autoriteit Persoonsgegevens) emphasizes that Dutch organizations need to do better in providing breach victims with timely information that they need to protect themselves. If the Dutch DPA thinks warnings or alerts sent to victims more than three weeks after a breach is “way too slow,” The Data […]
Retrospective: 2024 in comprehensive state data privacy law
2024 was an active year for state privacy law. Keir Lamont and David Stauss recap the year for IAPP: By the numbers, 2024 experienced a comparable level of activity to 2023 with seven new states passing comprehensive privacy laws, bringing the total number of state laws to 19 — or 20 depending on whether you […]