Data Collection Personally Identifiable Information

News & Analysis as of

California Amends Breach Notification Law: Unique New Refinements and Requirements

The California legislature has again amended the state’s breach notification statutes to impose new and unique requirements and refinements, adding further complexity to the patchwork of breach notification requirements....more

“And That’s the End!” 11th Circuit Ends VPPA Action in Ellis, But Leaves the Question of What is PII Unresolved

Digital content and media providers got some good news from the U.S. Court of Appeals for the Eleventh Circuit in October when the court held that plaintiffs must be “subscribers” and not just users of a provider’s service to...more

Illinois finds itself at forefront of facial-recognition litigation

Illinois is leading the way in regulating facial-recognition technology — it is one of only two states (the other Texas) that has passed laws covering the collection and use of biometric information. Illinois also is...more

Could a Vendor’s Lax Info Security Ruin Your Holiday Sales? Seven Preventative Steps for Retailers

Many of the largest retailer data security breaches have been caused or enabled by the acts or omissions of retailers’ vendors, such as the widely publicized incident at Target Corporation. Several such breaches occurred...more

Tagging Trouble: Forays into the Regulation of Biometric Data

We leave breadcrumbs of biometric information scattered around our daily lives, which may be collected and used by private entities, often without our knowledge or consent. The sound of your voice when you call your bank’s...more

PRIVACY POLICIES AND THE SALE OF CORPORATE ASSETS: It pays to plan ahead to preserve the value of your data assets

Personal data is a valuable corporate asset. At times, the personal information collected from customers (such as email address, mailing address, phone number, etc.) can be a company’s most valuable asset. Unfortunately,...more

Data privacy in the Americas - At a glance

As multinational employers are aware, data privacy laws can vary greatly from jurisdiction to jurisdiction. Ensuring compliance with the different requirements can be challenging, and the penalties for noncompliance can be...more

Does Your Website Privacy Policy Need Some Love?

Everyone does it, especially startups. You need a privacy policy for your website, and your legal budget is limited. Hop onto Facebook (or Google, or Amazon) — cut, paste and voilà! — your startup has a shiny new privacy...more

“My, what beautiful eyes you have . . .” – Biometric Data and Privacy

Biometric data – obviously not in just the movies anymore. It is alive, well, and increasingly being used in our everyday society. But, on September 23, 2015, when the Office of Personnel Management revealed that fingerprint...more

Effects of Schrems Ruling on International Internal Investigations

In a recent landmark decision, Maximillian Schrems v. Data Protection Commissioner, Europe’s highest court struck down a US-EU agreement that allowed companies to move personal electronic data between the European Union and...more

States Continue To Grapple With Data Breach Notification Issues

Connecticut’s data breach notification law currently requires notification “without unreasonable delay.” Effective October 1, 2015, Connecticut will (a) require notice of any breach of security not only “without unreasonable...more

US Safe Harbor Not Safe from EU Court Ruling

A major European court has just pulled the rug out from under nearly 5,000 US companies, snatching away the relative business certainty of the Data Transfer Safe Harbor, and maybe the safety of standard contract clauses and...more

Second Chance to File Oppositions to CTIA Challenge

In its June 2015 Lifeline Order on Reconsideration, the FCC adopted a new rule which requires ETCs to retain documentation demonstrating subscriber eligibility for Lifeline, such as a copy of the applicant’s food stamp card...more

EU U.S. Data Protection: The Safe Harbor Framework Under Attack

As a reaction to recent disclosures and revelations about the data collection and surveillance by the US government, the Safe Harbor permitting the transfer of personal information from the EU to the US is under attack, and...more

FTC Gives Words of Warning to the Wise

The Federal Trade Commission has issued new guidance on data security to help businesses that collect, store and use consumer information to stay out of hot water with the agency. Gleaned from the more than 50...more

What is reasonable? The emerging legalities of cybersecurity post-Wyndham

This month’s edition of the Advanced Cyber Security Center’s newletter includes my discussion of lessons to be learned from the Wyndham decision: Historically, security was an issue reserved in a back room for the IT...more

Judicial Redress Act Advances

In what may prove to be a major step forward in US-EU privacy relations, the House Judicial Committee approved H.R. 1428, the Judicial Redress Act of 2015, on September 16. If enacted, the bill would allow citizens of...more

Delaware Enacts Package of Internet Data Laws

Joining the collection of states with online privacy laws, Delaware has enacted a package of statutes governing the collection, storage and use of the personal information of Delaware residents by websites, Internet and cloud...more

New Amendments to Japanese Privacy Law

Act on the Protection of Personal Information (the "APPI"), which was enacted in 2003 and which went into full effect in 2005, has not been amended since. Over the following decade, the advent of "big data" and the...more

Three Things In-House Counsel Needs to Know About Russia’s New Data Localization Law

On September 1, 2015, Russia’s new law requiring data localization, Russian Federal Law No. 242-FZ (“Russia’s Data Localization Law”) became effective. Although Russia’s Data Localization Law makes multiple changes to...more

Data Localisation Law – clarifications published with one month to go…

Just one month before the new Data Localisation Law (‘the law’) is due to come into force, the Russian Ministry of Communications has published its long-awaited clarifications (in Russian) to the new law....more

Six Ways for Data-Driven Medical Device Companies to Implement Effective Privacy and Security Measures

The increasing amounts of health information being generated, stored and collected have heightened the special risks medical device manufacturers have long faced. In addition to the nexus to patient health and safety, if a...more

IRS auditor loses flash drive exposing SSNs of almost 12,000 people

Katy Independent School District (ISD) was randomly audited by the IRS on August 5th. In order to conduct the audit, the IRS auditor had a flash drive with the names, addresses, birth dates and Social Security numbers of...more

Internet Savvy Senior Lacks Standing to Bring Website Privacy Putative Class Claims Against AARP

The United States District Court for the District of Columbia recently dismissed a putative class action alleging that AARP violated its website privacy policy by allowing Facebook and Adobe to collect personal information...more

The ABCs of COPPA Compliance

In today’s environment – when data breaches seem to be in the news nearly every day – the media, regulators and many others are hyper-focused on privacy issues. Schools and educational institutions are no exception when it...more

203 Results
View per page
Page: of 9

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.