Utah Becomes Latest US State to Pass a Data Privacy Law
The Utah Consumer Privacy Act (UCPA) follows in the footsteps of laws passed in California, Virginia and Colorado
Privacy concerns how laws and norms govern personal data, shaping cybersecurity duties for collection, storage, access, and disclosure.
Search across headline titles and summaries.
Background for this topic.
Privacy is the ability of people to control how information about them is collected, used, retained, and disclosed. In technical and legal contexts, it covers identifiable data and data that can support inferences about a person, not only information made public. Privacy rules and organizational policies commonly address purpose, transparency, access, correction, retention, and sharing.
For security practitioners, privacy depends on reducing unnecessary data and restricting legitimate access: data minimization, encryption, least-privilege controls, segregation of identifiers, retention limits, and audit logs all reduce exposure. Compromised credentials, misconfigured storage, excessive telemetry, or third-party access can reveal sensitive information; pseudonymized datasets may also be re-identified when combined with other data. During an incident, teams must establish what personal data was accessed or disclosed, contain further exposure, preserve evidence, and meet applicable notification and handling requirements.
The Utah Consumer Privacy Act (UCPA) follows in the footsteps of laws passed in California, Virginia and Colorado
The new framework is designed to revamp the previous Privacy Shield arrangement between the EU and US
Privacy & cybersecurity attorney, Leeza Garber, highlights the importance of hiring for behaviors in cybersecurity
Warn users there's no E2EE when using it via the browser, DPIA tells institutions Hot on the heels of Microsoft's report card from the Dutch department of Justice and Security comes news of rival messaging platform Zoom receiving a nod via a renewed Data Protection Impact Assessment (DPIA).…