Telecommunications carriers and providers of interconnected VoIP service with access to certain kinds of customer information collected through mobile devices are subject to existing privacy rules governing their use and disclosure of that information, the Federal Communications Commission announced in a declaratory ruling adopted at its June 27 meeting. Significantly, the decision makes clear that … Continue Reading
On 25 June, the Advocate General (the “AG”) submitted an Opinion on a set of questions that a Spanish court referred to the Court of Justice of the European Union (the “Court”). This is the first time that the Court has been asked to interpret the European Data Protection Directive 95/46/EC (the ‘Directive’) in the context of internet … Continue Reading
By: Kelly Carson Last month, the Federal Trade Commission (FTC) issued an updated “How-To” guide to help businesses and organizations determine whether they are subject to the agency’s Red Flags rule (Rule). Under the Rule, certain entities are required to establish written programs that are aimed at detecting and preventing identity theft. The FTC’s revised … Continue Reading
The CNIL announced in a press release on Thursday that it has issued a formal notice to Google Inc. that requires the search engine to provide clear and sufficient information to users about how their data is being used. In particular, the Paris based regulator wants Google to: Define specified and explicit purposes to allow … Continue Reading
Despite previous assertions to the contrary, the European Parliament’s Civil Liberties Committee (“LIBE”) announced on Wednesday that it would not be holding its important vote on the Proposed Data Protection Regulation before the summer recess. A new vote has not yet been scheduled but is planned for September or October 2013. As leading committee on … Continue Reading
On June 11, the Department of Health and Human Services released an unofficial version of all of the HIPAA regulatory standards in one document. The combined regulation text includes the following HIPAA standards: Transactions and Code Set Standards Identifier Standards Privacy Rule Security Rule Enforcement Rule Breach Notification Rule The document reflects the changes in … Continue Reading
By Anna Kraus The Department of Health and Human Services (HHS) announced on June 14 that it reached a settlement with Shasta Regional Medical Center (SRMC) in California over potential violations of the HIPAA Privacy Rule. Under the settlement, SRMC agreed to pay $275,000 and implement a comprehensive corrective action plan (CAP). HHS’s investigation was … Continue Reading
The Federal Communications Commission is scheduled to vote this month on a declaratory ruling stating that existing rules governing telephone carriers’ use of subscribers’ personal information also apply to data collected on mobile devices. Existing regulations restrict telecommunications carriers’ ability to use or disclose Customer Proprietary Network Information (CPNI) that a carrier obtains in the … Continue Reading
By Chris Higby & Kurt Wimmer Yesterday, the Federal Trade Commission held a forum on Mobile Security: Potential Threats and Solutions. The forum brought together academics, industry leaders, and security experts to discuss the security problems arising from the rapid adoption of mobile devices. The first panel, consisting of security experts and researchers, gave a … Continue Reading
Personalization of the shopping experience is a hot topic in the travel industry. It has also prompted privacy regulators to consider the implications for the consumer. For example, the Article 29 Data Protection Working Party in April issued a letter to the International Air Transportation Association (IATA) on this topic and a Department of Transportation committee recently … Continue Reading
