May 2011

 By Anna Kraus

Last Thursday, the Office of Management and Budget (OMB) released the preliminary regulatory review plans of 30 federal agencies, including the Department of Health and Human Services (HHS).  The regulatory review plans were mandated by President Obama in an executive order issued earlier this year, and are
Continue Reading HHS Regulatory Review Plan Contemplates Modifications to HIPAA

Senator Al Franken recently sent a letter to Apple and Google asking them to require all applications available in the Apple App Store and the Android App Market to have “clear and understandable” privacy policies.  He made a similar request at a Senate hearing on mobile privacy earlier this month. 

Continue Reading Franken Asks Apple and Google To Require Privacy Policies of Mobile Apps

A new bill has been introduced in the Illinois legislature that would make it illegal for employers to ask prospective employees for access to their social network profiles.  The bill, H.B. 3782, would amend the Illinois Right to Privacy in the Workplace Act to provide that employers may not ask

Continue Reading Illinois Bill Would Ban Employer Demands for Job Applicant Social Network Credentials

The Federal Communications Commission (FCC) recently launched a website devoted to helping small businesses with cybersecurity.  The site offers tips for small businesses facing online security issues and provides links to other sources of guidance.  The tips apply to all small businesses, not just those operating in fields subject to

Continue Reading FCC Launches Cybersecurity Site for Small Businesses

Late yesterday the UK ICO issued a new press release and guidance on its plans to enforce the new UK “cookie regulation,” which was enacted by the UK Government to implement the EU’s e-Privacy Directive.  

The new release, which follows previous ICO guidance outlining how businesses might comply with

Continue Reading On First Day of New UK Cookie Rules, ICO Issues a 1-year Moratorium on Enforcement

By Anna Kraus

Last week, the Office of Inspector General (OIG) within the Department of Health and Human Services (HHS) issued two audit reports regarding federally mandated data security measures for health information.  Both reports are highly critical of HHS’s efforts to protect the security of electronic health information.

In
Continue Reading OIG Criticizes HHS Oversight of the HIPAA Security Rule, Data Security Controls in Health IT Standards

Representatives Edward Markey and Joe Barton recently introduced the “Do Not Track Kids Act of 2011,” which would expand and modernize the Children’s Online Privacy Protection Act (COPPA) and also would introduce new privacy protections for all minors under 18.  

COPPA currently prohibits operators of websites and online services from knowingly collecting, using, or disclosing personal information from children under 13 years of age without parental consent.  The Do Not Track Kids Act would, among other changes, expand COPPA to cover online and mobile applications and to protect unique device identifiers such as IP addresses.

Separately, the bill would establish new privacy rules to protect minors under 18.  If enacted, the bill would prohibit the use of personal information for targeted marketing to minors, require express consent from parents or teens prior to the collection of geolocation information, require operators to provide a means to delete personal information shared publicly by minors, and require covered entities to implement a “Digital Marketing Bill of Rights for Teens” that would be influenced by the Federal Trade Commission.

After the jump is a summary of the bill’s key provisions.Continue Reading Markey and Barton Introduce “Do Not Track Kids Act of 2011”

The Federal Communications Commission is seeking public comment on the use of location-based services in connection with a forthcoming staff report.  Comments are due to the FCC by July 8, 2011.

The agency also is teaming up with the Federal Trade Commission to host an educational forum on June 28, 2011

Continue Reading FCC Drafting a Report on Location-Based Services

Senator Rockefeller, Chairman of the Senate Commerce Committee, has asked Apple, Google, and the Association for Competitive Technology to respond to questions to help determine whether the applications running on their mobile platforms comply which the Children’s Online Privacy Protection Act (COPPA). COPPA requires operators of certain websites and online

Continue Reading Senator Rockefeller Asks Mobile Companies About Children’s Privacy

By Elizabeth Katz

Twenty-five years after authoring the Electronic Communications Privacy Act (“ECPA”), Senator Patrick Leahy has introduced a bill, the ECPA Amendments Act of 2011 (S. 1011), that is intended to adapt the Act to the privacy and security challenges of the 21st Century.  The bill would amend Title II of ECPA, commonly called the “Stored Communications Act” or “SCA,” which regulates the disclosure to private parties and the U.S. government of electronic communications in storage with certain service providers.  Much of S. 1011 increases the requirements that the U.S. government must satisfy to compel disclosure of covered communications.

The bill was introduced amid a flurry of activity in the Senate related to privacy and data security.  Last week, the newly formed Senate Subcommittee on Privacy, Technology and the Law held a hearing on privacy in the mobile communications context (which also touched on ECPA reform), and the Senate Commerce Committee held a similar hearing today (its sixth hearing on consumer privacy in the past 13 months).

After the jump is a summary of S. 1011’s key provisions.Continue Reading Senator Leahy Proposes Amendments to ECPA