Tag: EU General Data Protection

  • Cryptocurrency Exchange BitMEX Called “Outrageously Incompetent” for Using “CC”

    PALM BEACH, FL – BitMEX, a peer-to-peer cryptocurrency exchange founded in 2014, has accidentally emailed its users using the CC (carbon copy) field rather than the “private” BCC (blind carbon copy) field, exposing recipients’ email addresses to one another and leading to outrage among many of its users.

    In a tweet posted on Nov. 1, cryptocurrency attorney Jake Chervinsky said the leak was done in the most “outrageously incompetent way imaginable.”

    BitMEX released an official statement on the issue, emphasizing that no personal or account information has been disclosed while elaborating on why the threat is still significant:

    “We would like to apologize unreservedly for the concern this has caused,” adding, “We are aware that many users reuse email addresses across services. This, combined with a very human tendency to reuse passwords, meant that many of our users may have been at risk due to password hash dumps on other platforms, even ones unrelated to crypto.”

    One user had this to say regarding GDPR:

    The fact remains that you leaked personal infos (e-mails) of EU residents to entities outside the EU, which is subject to a GDPR fine of “4% of the company’s annual turnover, or €20 Million, whichever is higher”. Sending out compensations pro-actively should be a no-brainer.

    https://twitter.com/SerbanStokker/status/1191305560144121858

    Just hours after the leak, BitMEX’s day went from bad to worse when its Twitter account was allegedly hacked, with an update warning users to “take your BTC and run”.

  • U.S. GDPR: The California Consumer Privacy Act (CCPA) Goes Into Effect January 2020

    PALM BEACH, FL – The US’s answer to the European Union’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), enacted in 2018, will create new consumer rights relating to the access to, deletion of, and sharing of personal information that is collected by businesses. It also requires California’s Attorney General to solicit broad public participation and adopt regulations to further the CCPA’s purposes. The proposed regulations will establish procedures to facilitate consumers’ new rights under the CCPA and provide guidance to businesses on how to comply.

    This new law will require any business that provides services to California residents to:

    • Provide disclosures to consumers.
    • Allow consumers to request access to their information.
    • Delete consumer information at their request.
    • Allow consumers to opt out of the sale of their information.
    • Avoid discriminating against consumers who exercise these rights.

    The new law goes into effect on January 1, 2020.

    As a state law, it also applies to any companies that do business in California and have annual gross revenues in excess of twenty-five million dollars ($25,000,000). Since data privacy law covers out-of-state merchants who sell to Californians, or even display a website in the state, all U.S. companies will need to comply with CCPA if they have such sales or activity in the state.

    Full bill text is here.

    Infographic: What Is the California Consumer Privacy Act (CCPA) and What Does it Mean for AdTech & MarTech?

  • GDPR: The Entering of a New Era; User Data Privacy and Protection; Are You Ready?

    NEW YORK, NY – The clock is counting down on a new set of rules to be enforced this May, which will affect not only UK based businesses, but all businesses operating in the digital realm, in the event they handle user data from UK based residents, to nearly any extent.

    There is a lot of preparation going on right now, and has been over the last year, in anticipation of these new rules. Some businesses may even disappear altogether. I, for one, actually shut down and sold off at least one website service which stored WhoIs data via an API, as it did not yield enough revenue for me to even bother with this new headache; so I dumped it.

    Here is the gist:

    The GDPR will introduce new accountability obligations, stronger rights and restrictions on international data handling. So if you operate any business on the Internet that stores personal information (PI) on users which could in any way identify them (addresses, phone numbers, IP addresses, etc.), be prepared to comply with the new requirements regarding the EU General Data Protection Regulation (GDPR) – (IT Governance) which has already taken effect at the beginning of the year, but becomes fully enforceable on May 25th 2018.

    Good news for UK residents; not good news for web site owners, because there is more red tape to deal with.

    It might also be a good time, if you are the investment type, to look into technology companies that provide services related to mitigating risk and solving potential data breaches and evaluations of data security and privacy in nearly any capacity; they will likely begin moving in the financial markets if not already.

    The domainer in me picked up a few data privacy and protection risk assessment domain names which hopefully I can develop soon. They are:

    Data Privacy Risk

    Data Protection Risk

    Now I just need a good information or services related website to help provide solutions for the data protection and risk mitigation objectives of businesses scrambling for solutions.

    Anyway, if you have not heard of the EU General Data Protection Regulation (GDPR) – (IT Governance) or have heard of it, but have been procrastinating on evaluating your own risk, you had better get moving because the time to figure out what you’re going to do about it is running out fast.