Tag Archives: privacy

What Do Pumpkin Spice Lattes and National Cybersecurity Awareness Month Have in Common?

What do pumpkin spice lattes and National Cybersecurity Awareness Month have in common?  Not much, other than both should be top of mind in October, but that doesn’t mean that it’s wrong to think about them both in August.

Held every October, National Cybersecurity Awareness Month is a collaborative effort between government and industry to ensure every American has the resources they need to stay safe and secure online while increasing the resilience of the Nation against cyber threats.  … More

EU Commission Issues Communication about GDPR

The EU Commission issued today a “Communication to the European Parliament and the Council” which is entitled “Data protection rules as a trust enabler in the EU and beyond- taking stock”, which outlines the current state of EU data protection, with particular focus on the impact of GDPR.

  1. The implementation of GDPR in the EU

The Commission notes that all EU Member States have updated their national data protection laws except for three (Greece,… More

China’s Internet Regulator Drafts COPPA-Like Rules for Children’s Data Privacy

In early June, the Cyberspace Administration of China released for public comment new draft regulations applicable to the collection of personal information relating to children under 14 by online service providers.

The draft regulations share many of the same structures as those utilized by the Children’s Online Privacy Protection Act (“COPPA”) in the United States:

  • online service operators will have to obtain parental consent based on a comprehensive disclosure about the collection,…
  • More

Privacy and Data Security Strategies for Start-Up Companies

Start-up companies know that, when potential investors kick the tires, they will look carefully at the company’s business model and IP portfolio.  These days, investors are also likely to look at whether the company is in compliance with privacy and data security laws.  Cybersecurity has become increasingly important for business of all sizes.  While identity thieves may focus on the target rich environments of large-scale enterprises,… More

The Cost of a Free Press: Allergy Practice Pays $125,000 to Settle Physician’s Disclosure of Patient Information on TV

Allergy Associates of Hartford, P.C. (“Allergy Associates”), has agreed to pay $125,000 to the Office for Civil Rights (“OCR“) at the U.S. Department of Health and Human Services (“HHS”) and to adopt a corrective action plan to settle potential violations of the HIPAA Privacy Rule.  Allergy Associates is a health care practice that specializes in treating individuals with allergies, and is comprised of three doctors at four locations across Connecticut.… More

Senator Warner’s White Paper Gives Congress Options for Regulating Social Media and Technology Companies

Senator Mark Warner of Virginia has released a white paper outlining policy proposals for regulating social media and technology companies. The paper has gained significance in recent weeks as pressure builds on Congress to pass federal data privacy legislation. In the wake of Europe’s GDPR and California’s Consumer Privacy Act, industry groups, tech companies, and privacy activists alike have urged Congress to act.… More

California Amends its Consumer Privacy Act

On September 23, 2018, California Governor Jerry Brown signed into law SB-1121, a bill that makes several amendments to the Golden State’s landmark Consumer Privacy Act (“CCPA”). California enacted the CCPA in June after legislators reached a last-minute compromise with a group of privacy activists who would have put a more stringent data protection measure on the November ballot. Given the hasty enactment of the law,… More

FTC Seeks to Hold Companies to GDPR/Privacy Shield Promises

As if having to deal with all the EU’s Data Protection Authorities wasn’t challenge enough for companies trying to comply with GDPR, the FTC has now asserted that it has a role in GDPR enforcement.  In particular, the FTC says it has a role in making sure that US companies live up to the GDPR-related promises that they make.  This position came to fruition in a proposed FTC settlement with California-based employment training company,… More