William Gamble Archive
Invalidation of the Privacy Shield U.S. companies that do business in the EU are in for a nasty shock. For the past four years, the EU–U.S. Privacy Shield framework has allowed them to transfer data from the EU in line …
Last week your CEO opened an email about chimpanzees in ties trashing an office. You’ve just learned the email contained malware, which has been exfiltrating valuable data to an IP address in Iran. After a brief panic attack, you start …
Let us assume you work for a company based in the U.S. Maybe you’ve heard of the European GDPR (General Data Protection Regulation). Perhaps you even heard about its requirements for cybersecurity and protecting personal information. Then you think to …
Cybersecurity breaches are always bad, but without a management system they can turn into a catastrophe. Take the plight of Lake City, Florida. It’s a small city about an hour away from Jacksonville, but it has big problems. The city’s …
Alphabet soup: that’s what it is. A real alphabet soup. The GDPR, CCPA, HIPAA, COPPA, GLBA, and LGPD. All of these letters represent laws. Laws here, there, and everywhere. Laws in Europe. Laws in the U.S. Laws in Brazil. Laws …
It is a widely held belief that every organization’s website needs a corresponding privacy policy. However, this is not the case. Whether you need an online privacy policy depends on what your organization does, where it does it, and your contractual obligations. According …
According to the Danish philosopher Søren Kierkegaard, “There are two ways to be fooled: one is to believe what isn’t true; the other is to refuse to believe what is true.” What Kierkegaard is telling us is something about which …
New technologies, whether from Apple, Facebook or other organizations always cause regulatory confusion. When cars were first developed and sold in large numbers in the early 20th century, the streets were chaos: there were no stop signs, warning signs, traffic …
Whenever I listen to the SANS Institute’s daily podcast on cybersecurity, I am always impressed by the ingenuity and persistence of cyber criminals. The popular conception of a hacker as some kid in a hoodie is misguided. These are well-organized …
In my last post, I spoke about the fundamental differences between the EU General Data Protection Regulation (GDPR) and the EU-US Privacy Shield. The US has a different view on data privacy and therein lies the challenge. US laws do …
