Written by Carol Umhoefer Between May 12 and May 15, 2015, as part of the annual Internet Sweep Days, nearly 30 Data Protection Authorities (“DPAs”) audited child-oriented websites and mobile apps to check compliance with data privacy rules. Results are expected in Q3 2015. The Global Privacy Enforcement Network (“GPEN”), which brings together numerous countries’ …
Written by Tara Swaminatha and Sydney White, et al. The new sanctions in President Barack Obama’s Executive Order 13694 of April 1, 2015, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” target individuals and organizations overseas who engage in cyberattacks or commercial espionage outside the US that are likely to result in a …
New US sanctions program to combat cybercrimes – 3 action steps for tech companies Read More »
By DLA Piper This week the FTC Bureau of Consumer Protection announced a new office to bolster the technological expertise of the Bureau and the FTC regional offices handling law enforcement investigations. The Office of Technology Research and Investigation (OTRI) replaces the Mobile Technology Unit (MTU) and will take on new technology in addition to …
FTC Announces Office of Technology Research and Investigation Read More »
By Patrick Van Eecke and Julie De Bruyn Today the Schrems v. Irish Data Protection Commission case was brought before the Court of Justice of the European Union (‘CJEU’) for an oral hearing, following referral by the Irish High Court. While the final ruling by the CJEU is to be awaited until June 24, it …
EUROPE: EU-US data flows at risk? European Court of Justice today heard Facebook case Read More »
By Giulio Coraggio The European Council approved the “one-stop-shop” privacy rule which might cause relevant issues to companies operating in different European countries, including large American Internet and technology companies, where separate disputes might arise. As part of the process that should lead to the introduction of the new EU Privacy Regulation, the EU Council …
Written by Sydney White The White House released its much anticipated legislative proposal on the Consumer Privacy Bill of Rights Act (CPBRA) that was first floated in 2012. The CPBRA, if enacted (which seems unlikely before 2016), would provide consumers with the right to decide how and what personal data is collected by companies and …
By Jennifer Kashatus On March 9, 2015, the Federal Trade Commission (FTC) announced that it executed a Memorandum of Understanding on privacy enforcement cooperation with the Dutch Data Protection Authority. In executing the MOU, the FTC noted that it increasingly seeks the assistance of international privacy authorities in its efforts to protect consumer privacy. In the MOU, the …
By Michael Malloy and Pavel Arievich On July 20, 2014 a new law amending the law on data protection and law on information was signed off by the Russian president and thus was officialy adopted. The law, as further clarified, will come into force on September 1, 2015. The law requires all personal data operators …
Russia: Important changes to Russian data protection rules Read More »
Written by Sydney White President Obama made a series of announcements on cybersecurity, data security, and privacy that will be incorporated into his State of the Union address tonight. In conjunction with the announcements, the White House released legislative proposals on cybersecurity information sharing and data breach notification. http://www.whitehouse.gov/omb/legislative_letters On cybersecurity information sharing, the proposal authorizes …
President Obama Unveils Plans About Cybersecurity Read More »
By Giulio Coraggio Privacy breaches and potential liabilities might increase as a consequence of the usage of drones that represent a massive resource in a number of different sectors, but might also trigger some “new” unexpected legal risks. Drones were initially used only in the military sector. However, the possibility to rely on them for …
What privacy obligations and liabilities for drones? Read More »
Student data privacy was the hottest data privacy or security issue at the state level during the 2014 legislative sessions. Fueled by grassroots parental concern over potential misuse of student data by school contractors who are not regulated by the Family Educational Rights and Privacy Act (FERPA), the federal education privacy law, many states enacted …
By Patrick Van Eecke & Julie De Bruyn Last week, the increased focus of national data protection authorities on the processing of personal data through mobile apps was again confirmed in an open letter from a group of data protection authorities. Earlier this year, the Global Privacy Enforcement Network (GPEN, consisting of 40 national and …
24 privacy authorities worldwide call for more mobile app privacy Read More »
Written by Sydney White On October 24, 2014, in its first data security enforcement action outside of the CPNI context, the Federal Communications Commission (“FCC” or the “Commission”) issued a Notice of Apparent Liability for Forfeiture of $10,000,000 against two telecommunications providers TerraCom, Inc. and YourTel America, Inc. (the “Companies”) providing telecom services to low-income …
FCC Forges New Ground on Enforcement of Data Security Duties under Communications Act Read More »
Written by Giangiacomo Olivi As we discussed in our previous posts, there are a number of positive trends that make the Internet of Things a long lasting evolution. Hardware is improving, there is an increasing understanding from the industry of the benefits that can be drawn from harmonization and interoperability, customers ever more expect to …
GLOBAL – Internet of Things – Top ten data protection concerns Read More »
By Patrick Van Eecke & Mathieu Le Boudec Last week, a resolution on big data was adopted under the auspices of the 36th International Conference of Data Protection and Privacy Commissioners (hereafter: “ICDPPC”). After earlier guiding documents released this year by, among others, the Executive Office of the President of the United States, the Information Commissioner’s Office …
Written by Peter McLaughlin On Friday, October 10th, an opportunity to submit comments on a Request for Information concerning awareness and implementation of the “Framework for Improving Critical Infrastructure Cybersecurity” closes. Companies of all sizes and sectors should pay attention to the resulting conclusions from the National Institute for Standards and Technology (NIST). While NIST …
By Patrick Van Eecke Mobile apps: increasing privacy transparency is on top of your to-do list! Patrick Van Eecke & Elisabeth Verbrugge As previously announced, the Global Privacy Enforcement Network (GPEN) recently released the results of the global privacy sweep of mobile applications it conducted in May 2014. More than 25 privacy commissions around the world …
Mobile apps – increasing privacy transparency is on top of your to-do list! Read More »
Written by Sydney White On August 29, the district court judge lifted the stay after finding that the decision was not appealable. Microsoft continues to refuse to turn over the emails and it seems likely that the judge will find Microsoft in contempt. A contempt order would be appealable as a final order and could …
Written by Ryan Sulkin The PCI Security Standards Council has recently published recommendations for ensuring that payment data and systems entrusted to third parties are maintained in a secure and compliant manner, in accordance with PCI-DSS requirements. The recommendations are available at the following link: https://www.pcisecuritystandards.org/documents/PCI_DSS_V3.0_Third_Party_Security_Assurance.pdf. A merchant, prior to engaging a supplier that will access …
PCI Security Standards Counsel: Recently Published Recommendations Read More »
Written by Aravind Swaminathan and Tara McGraw Swaminatha The New York Times reported this week that an organized Russian criminal group stole approximately 1.2 billion user name and password credentials associated with more than 500 million email addresses from hundreds of thousands of websites around the world. The article notes that the hackers used a …
HACKERS STEAL 1.2 BILLION PASSWORDS – 4 STEPS TO TAKE NOW Read More »
