Sign in Subscribe

compliance

Policy Roast: "Reasonable security" is doing a lot of work in California

Policy Roast: "Reasonable security" is doing a lot of work in California

California did what policymakers love to do: it shipped a compliance object that sounds precise, then hid the hard part in a word like \\\"reasonable.

The Docket: The UK’s Reddit Fine Makes Child-Data Compliance Real

The Docket: The UK’s Reddit Fine Makes Child-Data Compliance Real

The ICO’s Reddit fine makes child-data governance concrete by treating predictable minor use and weak age assurance as a compliance failure.

Explain This: The SEC Cyber 8-K Rule (Materiality, 4 Days, and the Mistake That Gets You Sued)

Explain This: The SEC Cyber 8-K Rule (Materiality, 4 Days, and the Mistake That Gets You Sued)

Most incident response plans are written like the only audience is the SOC.

Breach Autopsy: PayPal's "Application Error" That Took Six Months to Detect

Breach Autopsy: PayPal's "Application Error" That Took Six Months to Detect

PayPal disclosed that a coding error exposed loan application data, including Social Security numbers, for six months before detection.