The Council of the European Union pushes on with Data Act
The Czech Presidency of the Council of the European Union made changes to the proposed Data Act before the scheduled discussion on Nov. 8. The modifications include an alignment of language regarding international data transfers to what is in the Data Governance Act. Changes to provisions for enforcement and interoperability are also part of the modifications. The Data Act will regulate how data can be accessed, shared, and transferred.
SolarWinds to pay $26 million settlement tentatively for data breach
SolarWinds will tentatively pay the $26 million settlement in filing with the US Securities and Exchange Commission (SEC). The settlement is for the shareholder lawsuit on the company’s cybersecurity disclosures before the data breach. The software company did not admit the violation, which requires approval by a judge. SolarWinds also received a Wells notice from the SEC, maintaining that the company violated US securities law.
Source: TechCrunch, IAPP
CPPA launches a 15-day comment period for CPRA draft regulations
A 15-day comment period was announced by the California Privacy Protection Agency (CPPA) for the California Privacy Rights Act (CPRA) draft regulations. It will run until Nov. 21. The public consultation was launched following the approval of the modified draft regulations by the CPPA Board. The final regulations are aimed to be in place before the end of 2022.