The Boston Bar Association’s inaugural Privacy and Cybersecurity Conference will be held on May 24. The conference will bring together attorneys from private practice and in-house legal departments to network and discuss key topics and trends in privacy and cybersecurity. This full-day conference will cover a wide range of topics from data breach response and litigation to compliance and transactional issues. Panelists will discuss new developments in the legal and regulatory landscape,… More
Tag Archives: privacy
For internet-of-things watchers, some information to chew on: several news outlets have reported on a dispute between Amazon and law enforcement investigators in Bentonville, Arkansas. Arkansas police are investigating an apparent homicide that took place in November 2015, and have charged one suspect with murder. Searching the house where the crime took place, investigators uncovered an Amazon Echo device, a personal digital assistant that can be activated by voice commands.… More
The new (EU) 2016/679 General Data Protection Regulation (GDPR) will enter into force on 25 May 2018. Its scope is broader than that of the current 95/46/CE Directive, which means that more companies headquartered outside of the EU will have to comply with European data protection rules than under the current regime.
The 95/46/CE Directive set up a European body, the Article 29 Working Party,… More
Reuters reported earlier this month that, according to three former employees, Yahoo Inc. had “complied with a classified U.S. government demand, scanning hundreds of millions of Yahoo mail accounts at the behest of the NSA or FBI.” Yahoo responded that the article was misleading, but did not deny the scanning had occurred.
The New York Times reported further details about this scanning: Yahoo had modified a system intended to scan emails for child pornography and spam in order to satisfy a secret court order requiring it to search for messages containing a computer “signature” tied to the communications of a state-sponsored terrorist organization.… More
On July 6, 2016, the European Union adopted Directive (EU) 2016/1148, “concerning measures for a high common level of security of network and information systems across the Union,” otherwise known as the Network and Information Security Directive. (A directive, in EU parlance, is an instruction to member states to achieve a particular objective and a general framework for how to do so. This differs from a regulation, which is immediately binding on all member states.) Pursuant to this Directive,… More
What the recent Amazon decision tells us
On 28 July 2016, the European Court of Justice rendered a decision in a dispute between an Austrian Consumer Protection organization known as VKI (Verein für Konsumenteninformation) and Amazon EU Sàrl, a subsidiary of Amazon registered in Luxembourg. The main issue in this case is whether Amazon General Conditions were enforceable under Consumer Law; however; one of the questions referred to the European Court was about the territorial scope (Article 4) of the 95/46/EC Directive on Data Protection.… More
In Case You Missed It: In a sign of the growing importance of cyber operations in warfare, the Obama administration plans to elevate the status of the Pentagon’s Cyber Command. The U.S. Cyber Command, or USCYBERCOM, was created on June 23, 2009. Its stated mission is to, among other things, “conduct full spectrum military cyberspace operations” to “ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.” Currently,… More
In Case You Missed It: U.S. Major party platforms address cybersecurity. The two major parties have released their 2016 election platforms, both of which include cybersecurity planks. The Republican platform’s perspective of cybersecurity is an element of national security and international relations. The platform called for harsh responses to cyber-attacks against American businesses, institutions, and government, applauded the Cybersecurity Information Sharing Act of 2015, and pledged to “explore the possibility of a free market for Cyber-Insurance.” The Democratic platform is largely as a continuation of President Obama’s cybersecurity policies.… More
In Case You Missed It: Court certifies class in suit against Apple. On July 15, 2016, U.S. District Judge Jon S. Tigar certified a class of users of the mobile app Path, who allege that Apple facilitated the app’s access their contacts without their knowledge. In the same decision, Judge Tigar denied certification to a proposed class of consumers who downloaded the app, but never had their contacts uploaded. … More
- The Privacy Shield will now go into effect.
- The preliminary start date for companies to be certified under the Privacy Shield is August 1, 2016.
- Expect more challenges to the Privacy Shield before all is said and done.
Following the invalidation of the US-EU Safe Harbor by the European Court of Justice in the Schrems case,… More