Last week the California Senate unanimously approved a bill requiring that operators of commercial websites and online services that collect personal information disclose how they respond to “do-not-track” signals from web browsers and whether they allow third parties to engage in online tracking. The legislation, which was introduced by Assemblyman Al Muratsuchi, has been sponsored … Continue Reading
Today the National Institute of Standards and Technology (“NIST”) issued a discussion draft of a “Preliminary Cybersecurity Framework.” Executive Order 13,636 on Improving Critical Infrastructure Cybersecurity tasked NIST with developing a “Cybersecurity Framework” “to reduce cyber risks to critical infrastructure.” The Order specifies that the Framework must “provide a prioritized, flexible repeatable, performance-based, and cost-effective … Continue Reading
By Eric Carlson & Scott Livingston On August 27, 2013, state-run China Central Television broadcast a taped confession of detained British fraud investigator Peter Humphrey confessing to having used “illegal means” to obtain the personal information of Chinese citizens. This highly unusual broadcast of a confession made by a foreigner in China, along with other … Continue Reading
Earlier this week, U.S. Federal Trade Commission (FTC) Chairwoman Edith Ramirez gave the keynote address at a technology conference, in which she focused on the privacy challenges of so-called “big data.” Her remarks provide some guidance about what the FTC considers “best practices” in terms of deploying big data analytics without raising privacy concerns. Data minimization … Continue Reading
Recently, a jury in the U.S. District Court for Oregon awarded a plaintiff $18.58 million in compensatory and punitive damages for Equifax’s violations of the Fair Credit Reporting Act (FCRA). The plaintiff was a co-signor to a loan that was denied by a bank due to the plaintiff’s credit report, which was a “mixed file” that … Continue Reading
Earlier this week, the Huffington Post’s Jennifer Kerr reported on the practice of tracking of merchandise returns by retailers. According to the article, some retailers track merchandise returns to identify “chronic returners or gangs of thieves trying to make off with high-end products that are returned later for store credit.” The article notes that many … Continue Reading
Many employers have been surprised by recent rulings that two common employment policies run afoul of the National Labor Relations Act (“NLRA”) even if their employees are not union members. Based on a legitimate interest in preserving confidentiality and privacy, many employers have adopted social media policies limiting what employees may post on Facebook or … Continue Reading
The United States District Court for the Eastern District of Michigan has allowed a putative class action under Michigan law to proceed against several magazine publishers that allegedly sold lists of their customers’ names, addresses, and subscription choices to third parties. Earlier this week, in a case styled Halaburda v. Bauer Publishing Co., Judge Steeh … Continue Reading
The Digital Advertising Alliance (“DAA”) recently released a guidance document titled Application of Self-Regulatory Principles to the Mobile Environment (“Mobile Guidance”). The Mobile Guidance does not purport to establish new principles, but rather to explain how the DAA’s existing principles — the Self-Regulatory Principles for Online Behavioral Advertising and for Multi-Site Data — apply to the … Continue Reading
On July 30, 2013, the Korean Ministry of Security and Public Administration (MOSPA) announced several amendments to the Personal Information Protection Act (PIPA) concerning collection and use of ‘Resident Registration Numbers’ (RRNs) – Korea’s national identification numbers. The PIPA is a general legal framework for personal information protection and is complemented by several sector-specific laws. … Continue Reading
On July 30, 2013, the Korean Ministry of Security and Public Administration (MOSPA) announced several amendments to the Personal Information Protection Act (PIPA) concerning collection and use of ‘Resident Registration Numbers’ (RRNs) – Korea’s national identification numbers. The PIPA is a general legal framework for personal information protection and is complemented by several sector-specific laws. … Continue Reading
The US Information Security and Privacy Board (ISPAB) voiced concerns over potential harms resulting from a lack of controlled management of cybersecurity in wireless medical devices in response to FDA’s draft guidance, “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices.” ISPAB operates under the National Institute of Standards and Technology (NIST) in its … Continue Reading
On July 16, 2013, China’s Ministry of Industry and Information Technology (“MIIT”) promulgated the Provisions on Protecting the Personal Information of Telecommunication and Internet Users (“Internet Provisions”). The Internet Provisions, which take effect September 1, 2013, provide specific implementation rules for telecommunication and internet information service provider’s (“TSPs” and “IISPs,” respectively) collection and use of … Continue Reading
Twitter recently released its bi-annual transparency report, detailing the number of requests that the company has received from governments for user information or to take down content. According to the report, the company received 1,157 requests for user information in the first six months of 2013, the highest amount since Twitter began releasing its report. … Continue Reading
Recently, the National Network to End Domestic Violence (NNEDV) and Facebook launched a guide intended to assist individuals who have been victims of domestic violence. The guide offers tips to individuals who have suffered abuse on “how to use Facebook in a way that ensures that they stay connected with friends and family, but control … Continue Reading
On August 1, Representatives Lee Terry (R- Neb.) and Jan Schakowsky (D-Ill.) announced the creation of a bipartisan Privacy Working Group in the U.S. House of Representatives that will seek to “examine online privacy concerns and issues…with a balanced approach that recognizes the need to protect personal information online in a manner that preserves growth … Continue Reading
