Latest Publications

Share:

Uber Settles FTC Dispute Over Consumer Data Privacy and Security Allegations

There are several key takeaways from a 20-year proposed consent order agreed to by Uber Technologies, Inc. (Uber) and the Federal Trade Commission (FTC)...more

Nevada Becomes the Third State to Enact Website Privacy Notification Law

Not everything that happens in Vegas stays in Vegas. Starting on October 1, 2017, a new Nevada privacy law will require certain website owners and operators to publish a notice regarding their privacy policies, disclosing to...more

To DPO or Not to DPO: Revised Guidance Issued on Data Protection Officers Under GDPR

If you are a hospital processing European Union (EU) patient data, if you maintain EU customer loyalty programs, or if you engage in behavioral advertising of EU citizens, you may be required to appoint a data protection...more

United Kingdom Privacy Office Issues Guidance on Consent Under GDPR

The EU General Data Protection Regulation (GDPR), which takes effect in May 2018, will require companies to reassess their mechanisms for obtaining, tracking, and verifying individuals' consent. Companies will need clear and...more

Disclosure Is Key for Cross-Device Tracking, FTC Staff Report Says

If you or your third-party providers are engaged in cross-device tracking, you must adequately disclose the practice to your end users, provide them control over their information, and exercise care when collecting sensitive...more

EU e-Privacy Regulation Raises Stakes for Compliance

The European Commission's proposed e-privacy regulation sets forth obligations on handling electronic communications and clarifies obligations for seeking consent for the use of cookies. Meant to bring the e-privacy directive...more

FTC Settles with Targeted Digital Advertising Company over Supercookie Advertising Practices

The Federal Trade Commission (FTC) has entered into a proposed consent order requiring digital advertising company Turn Inc. to include a clear and conspicuous notice detailing how it collects, uses, or shares information...more

Affair Website Ashley Madison Fined $8.75 Million Over Data Breach, Misrepresentations

The Federal Trade Commission (FTC) has entered into a multimillion dollar settlement with the owners and operators of AshleyMadison.com, a dating website for people interested in having discreet affairs, related to the...more

Prepare for Compliance with General Data Protection Regulation Checklist

The Irish Data Protection Commissioner (DPC) has issued a 12-step checklist of actions companies can take now to better prepare for compliance with the General Data Protection Regulation (GDPR), the new EU privacy regulation...more

HHS Designates Cloud Service Providers as Business Associates Under HIPAA

Cloud service providers that process electronic protected health information (ePHI) are business associates under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), even if the PHI is encrypted and the...more

European Court Of Justice Rules That Dynamic IP Addresses Can Be Personal Data

In a ruling with significant potential impact, the Court of Justice of the European Union (CJEU) has ruled that a dynamic internet protocol (IP) address may constitute "personal data" under EU Data Protection Directive...more

UK ICO Offers Guidance on Privacy Notices Under the GDPR and the UK Data Protection Act

In an anticipated guidance, the United Kingdom's Information Commissioner's Office (ICO) updated its code of practice for privacy notices titled Privacy notices, transparency and control (the Code). Significantly, the ICO has...more

To (Dis)Close for Comfort–FTC Workshop Seeks Effective Consumer Disclosures

A goal of providing effective disclosures to consumers is to allow consumers to make informed decisions. But what must be done to make disclosures effective? This was the question the Federal Trade Commission (FTC) explored...more

Lessons for Businesses from FTC’s Opinion on LabMD’s Data Security Practices

The Federal Trade Commission (FTC) has issued an Opinion and Final Order finding that the data security practices of LabMD, Inc. were unreasonable, and therefore constituted an unfair act or practice in violation of Section 5...more

OCR Announces First HIPAA Enforcement Action against a Business Associate

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) announced an agreement with Catholic Health Services of the Archdiocese of Philadelphia (CHCS), settling allegations that CHCS violated the Health...more

European Parliament Adopts EU General Data Protection Regulation; 12 Steps Businesses Should Take Now

The European Parliament has voted to adopt the draft text of the General Data Protection Regulation (GDPR), which imposes enhanced requirements on organizations processing personal data in the European Union and transferring...more

EU-U.S. Privacy Shield Framework Text Published: Imposes New Obligations on U.S. Entities that Seek Data Transfers from the EU

The European Commission (EC) has released details of the EU-U.S. Privacy Shield, a new framework under which personal data may be transferred from the European Union (EU) to the United States. The Privacy Shield replaces the...more

California Data Breach Report Defines “Reasonableness” Standard for Data Protection

Nearly three in five Californians were victims of a data breach in 2015, according to a report released by state Attorney General Kamala D. Harris. The report adopts minimum standards of ''reasonable security'' for personal...more

President Obama Gives EU Citizens Judicial Redress for Privacy Violations

The Judicial Redress Act (Act), signed into law on February 24, 2016, by President Obama, extends the privacy protections offered to U.S. citizens under the Privacy Act of 1974 to citizens of ''covered countries'' overseas....more

From Safe Harbor to Privacy Shield: New EU-U.S. Agreement for Transatlantic Data Flows

The European Commission (EC) and the U.S. Department of Commerce have reached an agreement to create a framework for transfers of personal data from the European Union to the United States. The framework, named the EU-U.S....more

Use of Big Data May Violate Federal Consumer Protection Laws, FTC Report Warns

A new Federal Trade Commission (FTC) report, "Big Data: A Tool for Inclusion or Exclusion? Understanding the Issues," warns that certain uses of big data consisting of consumer information may implicate various federal...more

1/27/2016  /  Analytics , Big Data , Discrimination , ECOA , FCRA , FTC , Popular

FTC Takes Action against App Developers on COPPA Allegations Involving Persistent Identifiers

The FTC has announced enforcement actions against two app developers that allegedly violated the Children’s Online Privacy Protection Act (COPPA) by using persistent identifiers to serve advertising to children. The...more

President Signs Bill Creating Exception to GLBA Annual Notice Requirement

An amendment creating an exception to the annual privacy notice delivery requirement for financial institutions has been signed into law by President Obama as part of the “Fixing America’s Surface Transportation Act” (FAST...more

Company Prevails in Challenge to FTC Data Security Complaint

A recent decision by the Federal Trade Commission (FTC) Chief Administrative Law Judge (ALJ) dismissed the FTC’s complaint against LabMD, Inc. (LabMD) asserting the company’s alleged failure to protect consumer data in two...more

California Updates Data Breach Notification Statute

Three bills that will update California’s data breach notification requirements have been signed into law by Governor Jerry Brown. The bills impose specific requirements on providing breach notification to consumers, add a...more

34 Results
/
View per page
Page: of 2

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.