Regulatory and




                                     Privacy News







        FTC takes a stand against stalker apps through Retina-X court settlement. The US Federal Trade Commission
        (FTC) has taken a stand against stalkerware applications in a first-of-its-kind settlement with Retina-X Studios.
        This week, FTC attorney Lisa Weintraub Schifferle said the company, the maker of stalker software including
        MobileSpy, PhoneSheriff, and TeenShield, failed to make sure the apps were used for legitimate purposes.
                Source:  https://www.zdnet.com/article/ftc-takes-a-stand-against-stalkerware-apps-through-retina-x-
                court-settlement/



        Pentagon Receives 2,000 Comments on Vendor Cyber Certification Program. The Defense Department is less
        than three months away from finalizing its framework for measuring vendors’ cybersecurity practices, and
        industry has a lot to say about the program. Over the past six weeks, the Pentagon received more than 2,000
        comments on the first public draft of the Cybersecurity Maturity Model Certification, or CMMC, according to
        Ellen Lord, the department’s undersecretary for acquisition and sustainment.
                Source:  https://www.nextgov.com/cybersecurity/2019/10/pentagon-receives-2000-comments-
                vendor-cyber-certification-program/160706/



        What is the New York SHIELD Act? On 25th July 2019, the New York Governor Andrew Cuomo signed the Stop
        Hacks and Improve Electronic Data Security (SHIELD) Act, making it a state law. This act amends and broadens
        the coverage of the existing data breach notification law by expanding the definition of:

                1. Covered Entities to include any individual or entity that holds the private information of a New York
                   State resident, regardless of whether that individual or entity does business in the state of New
                   York.
                2. Private Information to include - username or email address in combination with a password or
                   security question; biometric information such as fingerprints, voice print, retina or iris image;
                   account number, credit or debit card number that can be used to access an individual's financial
                   account without additional identifying information.
                3. Data Breach to include unauthorized access to private information regardless of whether that
                   data has been acquired by unauthorized personnel. The data breach notification law would be
                   triggered indications if private information was viewed, communicated with, used, or altered by a
                   person without valid authorization or by an unauthorized person.
                Source: https://duo.com/blog/what-is-the-new-york-shield-act



        Ready to Pay $30,000 for Sharing a Photo Online? The House of Representatives Thinks You Are. Tomorrow
        the House of Representatives has scheduled to vote on what appears to be an unconstitutional copyright bill
        that carries with it life altering penalties. The bill would slap $30,000 fines on Internet users who share a
        copyrighted work they don’t own online.
                Source:  https://www.eff.org/deeplinks/2019/10/ready-pay-30000-sharing-photo-online-house-
                representatives-thinks-you-are
                                                    www.accumepartners.com
                                                                                                                     7