Nigeria’s extensive data protection law is in force

On April 25, 2019, the Nigeria Data Protection Regulation 2019 entered into force. The Regulation was issued by the National Information Technology Development Agency, NITDA, and it mirrors the EU General Data Protection Regulation (GDPR). The Regulation’s scope of application is quite broad. It applies to all transactions intended for the processing of personal data (which relate to an identified or identifiable natural person) of natural persons in Nigeria, natural persons residing in Read more [...]

A common legend debunked no written fee estimate is (probably) required in Italy before a lawyer is engaged

The Ufficio Studi del Consiglio Nazionale Forense (Research Office of the Italian Bar Association) clarified, already in December 2017 that Italian attorneys do not have a duty to communicate in writing to the client an estimate indicating the cost of their professional service and specify their expenses and fees BEFORE being engaged by a client. See Nota dell’Ufficio Studi n. 67 dated October 12, 2017  Notwithstanding the above, many still believe that an estimate before engagement is Read more [...]

Important question about the GDPR one –stop shop mechanism referred to the ECJ

On May 8, 2019, the Brussel’s Court of Appeal referred certain questions to the Court of Justice of the European Union (CJEU) to ensure that the Belgian Data Protection Authority (DPA) can pursue the case against Facebook also after the GDPR entered into force. In particular, the questions is whether the one-stop shop mechanism (which allows for a new cooperation mechanism between EU DPAs) also allows a DPA to initiate a proceeding before an EU court if it is not the lead supervisory authority.[1]  Read Read more [...]

North Carolina bill to amend Identity Theft Protection Act and to increase consumer protection post-breach

On April 16, 2019, North Carolina House of Representative introduced H.B. 904. The Bill amends the Identity Theft Protection Act. Among the many changes introduced, the Bill: amends the definition of security breach to include any incident of “unauthorized access to or acquisition of (was, access to and acquisition of) unencrypted and unreacted records or data containing personal information where illegal use of the personal information has occurred or is likely to occur or that creates Read more [...]

Massive violations of US households data

On April 30, 2019, vpnMentor published an article revealing that hacktivists Noam Rotem and Ran Locar discovered an unprotected database impacting up to 80 million American households (65% of US households). The 24 GB database was hosted by a Microsoft cloud server and included the number of people living in each household with their full names, their marital status, income bracket, age, date of birth and more. It included data of people over the age of 40. VpnMentor doesn’t know to which Read more [...]