Showing results for 
Show  only  | Search instead for 
Did you mean: 
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community Manager

October Briefing: Ready for New Data Protection Legislation?

data privacy and security briefing.png(ISC)² just launched our new monthly Data Privacy and Security Briefing (you might have seen it via email last week). These briefings will go beyond the headlines to start exploring what these developments mean to you and your organization.Topics in the first briefing include:

  • The EU-U.S. Privacy Shield framework and GDPR
  • The potential future role of the United States Federal Trade Commission in driving privacy and security regulation
  • If the U.S. federal government will be forced to create nationwide legislation in the wake of another round of headline-grabbing data breaches 

You can view the briefing here



4 Replies
Community Manager

Thanks for posting this, Kaity.


We're always looking for input from members. It would be great to hear what you think and what topics you'd like to see us explore in the future. 

Viewer II

Interesting read. Thank you for this.

Community Champion

The (ISC)² EMEA GDPR Task force will be happy to contribute....See our posts about GDPR in this community.

Newcomer III

On another note, there were 3 recent settlements with the FTC relating to the Privacy Shield. These settlements are interesting from a US perspective because it shows the recent aggressive enforcement of the Privacy Shield framework by US authorities. 


Three U.S. companies have agreed to settle Federal Trade Commission charges that they misled consumers about their participation in the European Union-United States Privacy Shield framework, which allows companies to transfer consumer data from EU member states to the United States in compliance with EU law.

In separate complaints, the FTC alleges that human resources software company Decusof LLC, printing services company Tru Communication Inc. (doing business as, and Md7 LLC, which manages real estate leases for wireless companies, violated the FTC Act by falsely claiming that they were certified to participate in the EU-US Privacy Shield.

The FTC also alleged that Decusoft falsely claimed participation in the Swiss-U.S. Privacy Shield framework. Despite these claims, all three companies failed to complete the certification process for the Privacy Shield, according to the FTC complaints.

“Today’s actions highlight the FTC’s commitment to aggressively enforce the Privacy Shield frameworks, which are important tools in enabling transatlantic commerce,” said Acting FTC Chairman Maureen K. Ohlhausen. “Companies that want to benefit from these agreements must keep their promises or we will hold them accountable.”