The not-so-definitive guide to cybersecurity and data privacy laws

US cybersecurity and data privacy laws are, to put it lightly, a mess.

Years of piecemeal legislation, Supreme Court decisions, and government surveillance crises, along with repeated corporate failures to protect user data, have created a legal landscape that is, for the American public and American businesses, confusing, complicated, and downright annoying.

Businesses are expected to comply with data privacy laws based on the data’s type. For instance, there’s a law protecting health and medical information, another law protecting information belonging to children, and another law protecting video rental records. (Seriously, there is.) Confusingly, though, some of those laws only apply to certain types of businesses, rather than just certain types of data.


https://blog.malwarebytes.com/security-world/2019/03/not-definitive-guide-cybersecurity-data-privacy-laws/?utm_source=double-opt-in&utm_medium=email-internal-b2c&utm_campaign=EM-B2C-2019-March2-newsletter&utm_content=laws