On March 9, 2017, the Court of Justice of the EU (“CJEU”) handed down a ruling limiting the reach of its prior “right to be forgotten” jurisprudence, by holding that the right does not prevail over society’s interest in access to official public records of company details required by law.
Continue Reading CJEU Limits Public Record ‘Right to Be Forgotten’

By David Fagan and Libbie Canter

Yesterday, the House Subcommittee on Commerce, Manufacturing, and Trade voted to report the Secure and Fortify Electronic Data Act (H.R. 2577) — the SAFE Data Act — to the full House Energy & Commerce Committee, moving the legislation one step closer to passage. The legislation creates a national breach notification standard that would preempt the 46 state laws (plus District of Columbia and Puerto Rico laws) that presently require entities to notify consumers of breaches of their personal information.

The legislation was introduced formally on July 19 by Rep. Mary Bono Mack (R-CA) and was approved by the Subcommittee by a voice vote that appeared to track party lines. Rep. Bono Mack had circulated a discussion draft of the SAFE Data Act last month that we discussed here.

Prior to voting the bill out of the Subcommittee, members considered several amendments to the legislation, focusing in particular on issues relating to the rulemaking authority of the Federal Trade Commission and the scope of the definition of personal information. The Subcommittee took the following actions on proposed amendments:

  • It approved an amendment offered by Rep. Bobby Rush (D-IL) that is intended to clarify that the Act’s information security obligations apply to paper records in addition to electronic records. 
  • It approved an amendment offered by Reps. Marsha Blackburn (R-TN) and Pete Olson (R-TX) that appears designed to make it more difficult for the Federal Trade Commission to expand the definition of personal information. Prior to the amendment, the bill expressly authorized the FTC to modify the definition of personal information through an Administrative Procedures Act rulemaking process.


Continue Reading House Subcommittee Approves Bono Mack Breach Notification Legislation

yourlife_462x693.jpgBlog readers in the U.S. may have missed this month’s Wired U.K. which included “ultra personalized” covers that provided detailed information about each of a small number of subscribers who received it.  The cover included hand-collected data about subscribers’ telephone numbers, social networking activities, eBay purchases, property sales, and other activities, and was designed