Category

Information Governance

Category

In the sphere of internet regulation, the current Ukrainian government has been more active in the past months than all former Ukrainian governments together in the past 20 years. At the beginning of May, the law establishing the first ever Ukrainian secondary liability regime for third-party copyright infringement came into force. Later that same month, the President of Ukraine approved a decree ordering ISPs to block access to a number of popular Russian online services…

New, innovative, and exciting technologies emerge every day, and we constantly hear about how these new technologies are going to disrupt particular sectors of the economy. Disruptive innovation is becoming commonplace and businesses are scrambling to evolve and adapt to the new environment.Yet another vital economic sector is under pressure to adopt new technologies in order to remain relevant and competitive. According to a report published by the McKinsey Global Institute earlier this year, technological…

The conversation about the use of digital currencies is far from over, but increasingly blockchain, the technology behind the new generation of cryptocurrencies, is gaining recognition. Blockchains automate interactions, allowing parties to a transaction to bypass the necessity of third parties for the management and enforcement of financial transactions. The technology has received increased attention because it allows for irreversible transactions across open networks with minimal risk of interception. The decentralised nature of a blockchain…

A recent privacy breach case in Canada offers practical guidance for organizations anywhere to avoid the over-retention of personal data.A May 2017 Order from the Office of the Information and Privacy Commissioner of Alberta provides new insight into the requirement under section 35 of the Personal Information Protection Act to retain personal information only as long as reasonably required. To manage risk, organizations retaining personal information should be prepared to clearly articulate the purpose of…

On May 16, 2017, the Ukrainian President signed Presidential Decree No. 133/2017 which introduces sanctions against 1228 individuals and 468 legal entities.The Decree has received unprecedented public attention because it establishes restrictive measures (sanctions) against Russian IT companies and their Ukrainian subsidiaries. Such companies/subsidiaries are popular among Ukrainians and provide services such as social networks, a search engine, a navigation service, accounting software, antivirus solutions, and more.The sanctions are based on Article 4 of the…

The volume and type of electronically stored information (“ESI”) retained by corporations has increased exponentially in recent years, creating a range of challenges for corporations developing formal records retention policies. While certain types of records must be retained for a fixed period as determined by legislation, many documents are not subject to a specified retention period. Retention then becomes a matter of business need and risk mitigation. In addition, the expanding scope of legal privacy…

The EU General Data Protection Regulation (“GDPR”) came into force on May 24, 2016. Companies offering goods or services to individuals in the EU have until May 25, 2018 to comply with the requirements set out by the GDPR. While GDPR requirements may appear rather prescriptive compared to its predecessor – the EU Data Protection Directive – the GDPR advocates for a systematic and organized compliance culture.Article 30 of the GDPR requires companies to maintain…

Organizations are recognizing that data scientists can play a valuable role in enterprise IT security. However, effective security requires a collaborative effort between data scientists and security professionals within an enterprise. While data scientists have a pivotal role to play, they cannot and should not operate in a vacuum.Leveraging Data Science to Mitigate Security RiskData science is a field of research that involves analyzing massive data sets to extract useful information. In the context of…

When a person deactivates, deletes or disengages with his or her profile on an online service, what happens to that person’s personal information? When a person leaves, does personal information stay?In 2015 Ashley Madison, an online dating website known for connecting users to explore or engage in extramarital affairs, was hacked and the personal information of 36 million users was publically exposed. The data breach prompted a joint investigation by the Canadian and Australian privacy…

As explored in an earlier b:INFORM article, “Email Compliance: Act Now, Save Millions – Information Governance Report Is A Call To Action,” email management is proving to be a major compliance challenge for organizations, threatening financial harm and loss of reputation if left unaddressed. Employing a legally compliant and business savvy email management program is a critical starting point in overcoming the complexities and challenges associated with email retention. In order to facilitate compliant email…