The pace of privacy legislation at the federal level has begun to pick up, with news that Senator John Kerry (D-MA) and Representative Bobby Rush (D-IL) both will introduce comprehensive privacy bills in the coming days or weeks.
In discussing Senator Kerry’s proposal, staff have suggested that it will build
Continue Reading Kerry, Rush, Speier to Introduce Privacy Legislation
Hawaii legislators have introduced several bills to amend the state’s data breach notice law. Two of these legislative measures would eliminate the “risk of harm” trigger for breach notification in Hawaii. Currently, notice to Hawaii consumers is required only “where illegal use of the [breached] personal information has occurred, or is reasonably likely to occur and that creates a risk of harm to a person.”
A number of state breach notice laws have such provisions, and industry commenters responding to the Department of Commerce’s Green Paper on “Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework” have argued that breach notice should be required only when there is a significant risk of harm to individuals. These commenters argue that breach notice should be limited in this manner to prevent unduly alarming consumers and to avoid the dilution of breach notification for those cases in which a significant risk of harm does exist. In contrast to this approach, legislative measures in Hawaii would eliminate any “risk of harm” trigger for breach notification.
Specifically, these legislative measures would amend Hawaii’s breach notification requirements in the following respects:Continue Reading Hawaii Considers Amendments To Data Breach Notification Law
It is no surprise that the 97 comments filed in response to the Department of Commerce’s Green Paper on “Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework” take a range of positions on issues such as the need for federal privacy legislation, the relevance of
Continue Reading Department of Commerce Proposed Privacy Framework: Context Matters
On January 19, U.S. Representative Steve Cohen (D-TN) introduced H.R. 321, the “Equal Employment for All Act,” which would amend the Fair Credit Reporting Act to restrict employers from using consumer credit reports to make adverse employment decisions (e.g., hiring, promotion, termination) regarding prospective or current employees. The Act
Continue Reading Federal and State Legislation to Restrict Employer Use of Employee Credit Reports
Blog readers in the U.S. may have missed this month’s Wired U.K., which included “ultra personalized” covers that provided detailed information about each of a small number of subscribers who received it. The cover included hand-collected data about subscribers’ telephone numbers, social networking activities, eBay purchases, property sales, and
Continue Reading What Wired’s “Ultra Personalized” Take on Privacy Means for You
Today, the EU Commission formally approved Israel’s status as a country providing “adequate protection” for personal data under the European Data Protection Directive. The Data Protection Directive generally prohibits personal data from being transferred outside the EU unless the data is subject to an “adequate level of protection,” or certain
Following on from ENISA’s recent report on cloud computing in government, Commissioner Neelie Kroes set out some further thoughts on a European Cloud Computing Strategy last week at Davos. In an encouraging sign for cloud providers and European industry more broadly, Commissioner Kroes spoke positively about the need to ensure that
Continue Reading Towards a European Cloud Computing Strategy