Articles in the Data Security category cover the laws and regulations governing how organizations protect sensitive information, including security program requirements, breach prevention, and incident response. Topics include cybersecurity compliance, data breach notification duties, vendor and cloud security obligations, and enforcement risks under privacy and sector-specific rules.
Under several new state privacy laws, consumers can opt out of AI profiling used for decisions with legal or similarly significant effects. This right targets automated processing tied to credit, housing, employment, insurance, and other high-impact outcomes. This article explains what AI profiling is, which states provide opt-out rights, and how to request and enforce […]
The California DELETE Act creates a single, centralized opt-out process that lets consumers request deletion from registered data brokers at once. It expands California’s data broker registry and requires brokers to honor verified deletion requests (with certain legal exceptions). This article explains what the DELETE Act does, who qualifies, how the one-stop deletion mechanism works, […]
