data security

GLBA is About to Get a Cybersecurity Upgrade

If you aren’t a regular reader of the Federal Register, you may have missed a proposed upgrade for safeguarding customer information. Background When the Gramm Leach Bliley Act, fondly known as GLBA, was enacted in 1999 we were worried about Y2K, a gallon of gas cost $1.22, and SpongeBob SquarePants had just premiered on Nickelodeon…. Read more »

Data Security under the California Consumer Privacy Act: Instructions Not Included

“Reasonable security.” If you’re a California business, this is what’s generally expected of you (e.g., Cal. Civ. Code § 1798.81.5).  If you collect personal data, you are expected to secure it.  But what’s the right level of cybersecurity under the California Consumer Privacy Act of 2018 (CCPA)?  Are specific frameworks recommended? Let’s wade into the… Read more »