Tag Archives: privacy

FTC Seeks to Hold Companies to GDPR/Privacy Shield Promises

As if having to deal with all the EU’s Data Protection Authorities wasn’t challenge enough for companies trying to comply with GDPR, the FTC has now asserted that it has a role in GDPR enforcement.  In particular, the FTC says it has a role in making sure that US companies live up to the GDPR-related promises that they make.  This position came to fruition in a proposed FTC settlement with California-based employment training company,… More

Blogging from BIO 2018: And on the Third Day… the Panel Discussed Privacy and Data Security

It took three days, but I finally found a panel at BIO 2018 that addressed the current challenges in privacy and security regarding health data.  This panel, Realizing the Potential of Clinical and Consumer Genomics, was focused on all the new genetic tests that are available (with more to come) and all the genetic data those tests are generating.  I was particularly impressed with the approach of Mindstrong Health to privacy and security,… More

Privacy Shield: Article 29 Working Party Calls Upon the European Commission and US Authorities to Restart Discussions

‎On November 28, 2017, the EU’s Article 29 Working Party issued its report on the First Annual Joint Review of the EU-US Privacy Shield, which was conducted on September 18-19, 2017.

In this 38 page report, the WP analyzed the Privacy Shield’s commercial and government aspects (as it did in its earlier opinion, issued in April 2016 when the Privacy Shield was still a draft;… More

Schrems II Judgment Rendered

A 152 page judgment was rendered today by the Irish High Court in Schrems II:  DPC v Facebook.

Not surprisingly, the court decided to refer the case to the Court of Justice of the European Union to make a decision about the validity of the three decisions ‎issued by the Commission for the Standard Contractual Clauses.

Ms. Justice Caroline Costello referred these issues because she concurred with the Irish Data Protection Commissioner’s view there are “well founded”… More

Mistake in Your Credit Report? The Latest Spokeo Decision Suggests You May Have A Case.

In the 9th Circuit’s August 15, 2017 decision in Robins v. Spokeo, the latest in the long-running legal debate about when a consumer cause of action exists for a data breach, the 9th Circuit has declared that inaccuracies in a published credit report may sometimes constitute a “concrete injury” sufficient to confer Article III standing. This is a significant win for consumer protection advocates,… More

FTC Updates COPPA Guidance for Businesses

On June 21, 2017, the FTC updated its COPPA Compliance Guidance for businesses. The new guidance includes new descriptions of services and products covered by COPPA, and new methods for obtaining parental consent.

Though the guidance is new, the subjects of the guidance generally are not; for example, “internet-enabled location-based services” have long been within the ambit of COPPA because geolocation information has long been part of the definition of “personal information” of children that COPPA regulates.… More

Boston Bar Association’s Inaugural Privacy and Cybersecurity Conference, May 24, 2017

The Boston Bar Association’s inaugural Privacy and Cybersecurity Conference will be held on May 24.  The conference will bring together attorneys from private practice and in-house legal departments to network and discuss key topics and trends in privacy and cybersecurity.  This full-day conference will cover a wide range of topics from data breach response and litigation to compliance and transactional issues. Panelists will discuss new developments in the legal and regulatory landscape,… More