On January 21, 2019, the French Supervisory Authority for data protection (“CNIL”) issued a fine of €50 million against Google for violations of the General Data Protection Regulation (“GDPR”) (the decision was published in French here). The CNIL’s decision was triggered by complaints from two non-profit organizations together representing 9974 individuals. The case raises a … Continue Reading
By Mark Young, Joseph Jones and Ruth Scoles Mitchell The Article 29 Working Party (WP29) has published long-awaited draft guidance on transparency and consent under the General Data Protection Regulation (“GDPR”). We are continuing to analyze the lengthy guidance documents, but wanted to highlight some immediate reactions and aspects of the guidance that we think … Continue Reading
By Caleb Skeath As we reported yesterday, the Congressional Privacy Bill has been released, following the release of the White House’s proposal for a privacy bill in late February. The bill contains the Commercial Privacy Rights Act of 2015, the Congressional counterpart to the White House’s proposal, along with data breach notification provisions and the … Continue Reading
As readers of the InsidePrivacy blog know, we often save some fun reading on privacy issues for the weekend, given the crush of business during the week. Sure, you’re reading the FTC’s just‑released Internet of Things report (and hopefully Shel’s helpful analysis of it), but a little broader reading might be just right for our … Continue Reading
The Article 29 Data Protection Working Party (“Working Party”), the independent European advisory body on data protection and privacy, comprised of representatives of the data protection authorities of each of the EU member states, the European Data Protection Supervisor (the “EDPS”) and the European Commission, has identified a number of significant data protection challenges related … Continue Reading
“Data is everywhere. The amount of data on the global level is growing by 50 percent annually. 90 [percent] of the world’s data has been generated within the past two years alone,” explains the International Working Group on Data Protection in Telecommunications in their Opinion of May 6, 2014, titled, “Working Paper on Big Data … Continue Reading
With the ongoing public dialogue concerning the intersection of technological innovation, national security, and privacy that followed Edward Snowden’s revelations of classified information last year, it is no surprise that privacy and security were top themes at SXSW Interactive this year. The following summarizes key points made about privacy throughout the Interactive conference, which ended … Continue Reading
By Jim Garland, David Fagan, and Alex Berengaut On January 27, 2014, the Attorney General and Director of National Intelligence announced that the U.S. government will allow Internet companies and telecommunications providers to disclose more information about government demands for customer data in national security investigations. The government’s new transparency policy addresses legal demands served … Continue Reading
Less than a week after the Bi-Partisan Congressional Caucus’s briefing on data brokers and privacy, the Federal Trade Commission has issued orders requiring nine data brokerage companies to provide the agency with information about how they collect and use data about consumers. The nine data brokers receiving orders from the FTC were: Acxiom, Corelogic, Datalogix, … Continue Reading
On Monday, the Online Interest-Based Advertising Accountability Program, which monitors compliance with the Self-Regulatory Principles for Online Behavioral Advertising, issued a decision finding that the auto company Kia had failed to adhere to the Principles. The Accountability Program also issued decisions stating that Kia’s ad agency–and the ad network the agency had used to place … Continue Reading
Last week, a group of eight House members sent letters to nine “major data brokerage companies,” seeking detailed information about “the business of data brokerage,” which the Congressmen described as “the collecting, assembling, maintaining and selling to third-parties of consumers’ personal information.” The letter appears to have been spurred by a June 16 New York … Continue Reading
As we previously described, the White House recently released a landmark privacy report, entitled Consumer Data Privacy in a Networked World, which outlines key privacy principles in its “Consumer Privacy Bill of Rights” and calls on the National Telecommunications & Information Administration (NTIA) to work with industry and others to develop voluntary but enforceable codes … Continue Reading
As Congress continues to consider the need for privacy legislation, a number of organizations are working on new ways to better inform consumers about how data is collected, used, and shared online. A roundup of recent developments: Game developer Zynga has introduced an interactive tutorial called PrivacyVille. Players who follow along and learn about the … Continue Reading
I’ve recently had the opportunity to participate in or moderate several panels on cloud computing, addressing issues such as governance, security, privacy, and legal liability. One issue that frequently comes up is whether cloud computing is really new or different. That depends on how you look at it. As a legal matter, the model itself … Continue Reading
