William Gamble Archive
Many people in the data privacy community will tell you that the GDPR (General Data Protection Regulation) is the gold standard of privacy law and that new U.S. state privacy laws fall short. This prejudice is not entirely correct, but …
Only three U.S. states have laws protecting biometric data: Illinois, Texas, and Washington. Of those, Illinois’s BIPA (Biometric Information Privacy Act) is the most rigorous, and its rules have led to almost 2,000 class action lawsuits being filed since 2017. …
Over the past five years, I’ve had the privilege of providing cybersecurity training, implementation and auditing support, and consultation guidance for countless U.S. businesses. I’ve also practiced most areas of business law over the past forty years. In this time, …
U.S. organizations might be surprised by the recent onslaught of information security requirements issued by the SEC (Securities and Exchange Commission). It has put forward two proposals aimed at regulating cybersecurity: the Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure …
When a new rule or regulation comes into effect, organizations usually have one question: Does it apply to me? For U.S. businesses in the health care industry and defense industry, the answer is rather simple. If the new rule covers …
Earlier this year, the SEC (Securities and Exchange Commission) issued a proposal that would impose new cybersecurity requirements on a range of organizations. Under the plans, broker-dealers, clearing agencies, major security-based swap participants, the Municipal Securities Rulemaking Board, and other …
It has been a busy time for cybersecurity pronouncements on both sides of the Atlantic. First there was President Biden’s National Cybersecurity Strategy, then the UK government’s data protection reform bill and its white paper on AI (artificial intelligence), and …
May technologies’ blessings be upon you. A few years ago, we were blessed with blockchain technology, which allowed millions of people around the world to invest in the miracle of cryptocurrency. It also had the side effect of allowing North …
Your company has just been hacked. Awaiting you is hundreds of hours of work putting your network back together, investigating the damage, and dealing with affected customers. After all that, you may well have to defend a multimillion-dollar lawsuit. Now …
In efforts to curb cybersecurity and privacy issues, governments around the world have been tightening legislation on how organizations collect and share data. The most effective way to comply with these requirements is to draft the appropriate contracts. This is …