transparency

The Article 29 Data Protection Working Party (“Working Party”), the independent European advisory body on data protection and privacy, comprised of representatives of the data protection authorities of each of the EU member states, the European Data Protection Supervisor (the “EDPS”) and the European Commission, has identified a number of significant data protection challenges related to the Internet of Things. Its recent Opinion 08/2014 on the Recent Developments on the Internet of Things (the “Opinion”), adopted on September 16, 2014 provides guidance on how the EU legal framework should be applied in this context. The Opinion complements earlier guidance on apps on smart devices (see InsidePrivacy, EU Data Protection Working Party Sets Out App Privacy Recommendations, March 15, 2013).
Continue Reading Internet of Things Poses a Number of Significant Data Protection Challenges, Say EU Watchdogs

Data is everywhere. The amount of data on the global level is growing by 50 percent annually. 90 [percent] of the world’s data has been generated within the past two years alone,” explains the International Working Group on Data Protection in Telecommunications in their Opinion of May 6, 2014, titled, “Working Paper on Big Data and Privacy: Privacy principles under pressure in the age of Big Data analytics“. The Working Group, founded in 1983, has adopted numerous recommendations and since the beginning of the 90s focused on the protection on privacy on the Internet. Its members include representatives from data protection authorities and other bodies of national public administrations, international organizations and scientists from all over the world.


Continue Reading Big Data Analysis is Possible Without Infringing Key Privacy Principles, Says International Working Group

With the ongoing public dialogue concerning the intersection of technological innovation, national security, and privacy that followed Edward Snowden’s revelations of classified information last year, it is no surprise that privacy and security were top themes at SXSW Interactive this year.  The following summarizes key points made about privacy throughout the Interactive conference, which ended

By Jim Garland, David Fagan, and Alex Berengaut

On January 27, 2014, the Attorney General and Director of National Intelligence announced that the U.S. government will allow Internet companies and telecommunications providers to disclose more information about government demands for customer data in national security investigations.  The government’s new transparency policy addresses legal demands served under two distinct statutory authorities.  First, under the Foreign Intelligence Surveillance Act (“FISA”), the government can apply to the U.S. Foreign Intelligence Surveillance Court (“FISC”) for orders compelling providers to disclose both the contents of their customers’ communications as well as non-content “metadata” relating to such communications.  Second, under the National Security Letter (“NSL”) statute, the FBI can compel companies to disclose certain non-content information about their customers.

Under the new policy announced on January 27, technology companies now have two options for reporting on the number of FISA orders and NSLs they receive:  Continue Reading Justice Department Allows More Transparency on Government Demands for Customer Information in National Security Investigations

Less than a week after the Bi-Partisan Congressional Caucus’s briefing on data brokers and privacy, the Federal Trade Commission has issued orders requiring nine data brokerage companies to provide the agency with information about how they collect and use data about consumers. The nine data brokers receiving orders from the FTC were:  Acxiom, Corelogic, Datalogix, eBureau, ID Analytics, Intelius, Peekyou, Rapleaf, and Recorded Future. The agency is seeking details about:

  • the nature and sources of the consumer information the data brokers collect;
  • how the data brokers use, maintain, and disseminate the information; and
  • the extent to which the data brokers allow consumers to access and correct their information or to opt out of having their personal information sold.

The nine companies must respond by February 1, and based on the information it receives, the FTC will prepare a study to make recommendations on whether and how the data broker industry could improve its privacy practices.Continue Reading FTC to Study Data Broker Industry’s Collection and Use of Consumer Data

On Monday, the Online Interest-Based Advertising Accountability Program, which monitors compliance with the Self-Regulatory Principles for Online Behavioral Advertising, issued a decision finding that the auto company Kia had failed to adhere to the Principles.  The Accountability Program also issued decisions stating that Kia’s ad agency–and the ad network the agency had

Last week, a group of eight House members sent letters to nine “major data brokerage companies,” seeking detailed information about “the business of data brokerage,” which the Congressmen described as “the collecting, assembling, maintaining and selling to third-parties of consumers’ personal information.”  The letter appears to have been spurred by a June 16

I’ve recently had the opportunity to participate in or moderate several panels on cloud computing, addressing issues such as governance, security, privacy, and legal liability.  

One issue that frequently comes up is whether cloud computing is really new or different.  That depends on how you look at it.  As a legal matter, the model itself