It’s back to school time - time to put away the flip flops and beach chairs and settle back into the routine. To help motivate you, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) has announced a new round of cybersecurity examinations! This comes on the heels of the… Continue Reading
Privacy Regulation
Subscribe to Privacy Regulation RSS FeedThinking Big about Data – the new EDPS Ethics Board
Posted in EDPS, EU Data Protection Regulation, European Union, Privacy RegulationGiovanni Buttarelli, the European Data Protection Supervisor (EDPS), recently announced the formation of a new external Ethics Board that will do a deep dive into the complex ethical issues that surround the use of personal data in the “big data” economy. (See press release and full opinion links here.) The EDPS is particularly concerned… Continue Reading
FCC Ruling Addresses Robocalls by Health Care Providers
Posted in Privacy Regulation, UncategorizedWritten by Jordan Cohen As we discussed in last week’s Privacy Monday, the Federal Communications Commission (FCC) recently released its Declaratory Ruling and Order clarifying and expanding the reach of the Telephone Consumer Protection Act (TCPA). While the ruling is broad in its subject matter, part of the ruling specifically addresses so-called “robocalls” made by health care providers…. Continue Reading
Recognizable Faces Disappear from Facial Recognition Meetings
Posted in Data Compliance & Security, Privacy RegulationFacing “industry stakeholders [that] were unable to agree on any concrete scenario” in which affirmative consent should be obtained from individuals before employing facial recognition technologies, nine consumer advocacy organizations made an about-face and withdrew from the multistakeholder process coordinated by the National Telecommunications and Information Administration (“NTIA”). These organizations, which include the… Continue Reading
New Hampshire Establishes Privacy Protections for Student Online Personal Information
Posted in Children, Data Compliance & Security, Privacy Regulation, SecurityCalifornia again has provided a model of privacy legislation for other states to follow. New Hampshire Governor Maggie Hassan recently signed into law House Bill 520 (the “Bill”), a bipartisan effort to establish guidelines for the protection of student online personal information. Who is covered by the Bill? Modeled after California’s Student Online Personal Information… Continue Reading
Connecticut Amends Data Breach Notification Law
Posted in Data Breach, Data Breach Notification, Identity Theft, Privacy RegulationIn the absence of any meaningful moves in Congress to enact uniform data breach notification, the states continue to make adjustments to existing laws to better protect affected residents in their states.
NAIC Adopts Cybersecurity Regulatory Principles - What’s Important to the Regulators
Posted in Cybersecurity, Privacy Regulation, SecurityFile this under: A View Into What the Regulators Deem Important. The National Association of Insurance Commissioners (NAIC), the standard-setting organization in the U.S. insurance industry created and governed by the chief insurance regulators from the 50 states, the District of Columbia, and five U.S. territories, recently published its “Principles for Effective Cybersecurity: Insurance Regulatory… Continue Reading
Privacy Monday - April 27, 2015
Posted in Cybersecurity, Events and Webinars, Privacy Monday, Privacy RegulationSome privacy & security bits and bytes to start your week: FCC to Hold Public Workshop on Broadband Consumer Privacy Tomorrow Over the last several months, the Federal Communications Commission has taken on a significantly expanded role on consumer privacy protection issues. Between the FCC’s expanded notion of the type of personal information subject to… Continue Reading
FCC Chairman Tom Wheeler Speaks about Cybersecurity at RSA Conference
Posted in Cybersecurity, Legislation, Privacy Regulation, SecurityAs cyber week continues in Washington, Federal Communications Commission Chairman Tom Wheeler traveled to the west coast to speak about cybersecurity at the RSA Conference in San Francisco. Wheeler noted that the FCC has several charges to protect against cyber-attacks and similar threats, including the agency’s responsibility to protect the safety of communications networks generally,… Continue Reading
It’s Cyber Week in Washington, DC — and RSA Conference Week in San Francisco
Posted in Cybersecurity, Legislation, Privacy RegulationSecurity is on the agenda from coast to coast this week. Cybersecurity information sharing legislation will hit the House floor this week. H.R. 1731, the National Cybersecurity Protection Advancement Act was reported out of the House Committee on Homeland Security on April 17, and H.R. 1560, the Protecting Cyber Networks Act was moved by the… Continue Reading
WEBINAR: Compliance with EU Data Protection Laws for US Companies
Posted in EU Data Protection Regulation, Events and Webinars, Privacy RegulationRegister now for the fourth installment in our monthly 2015 Privacy Wednesday webinar series, coming up next Wednesday, April 29th at 1:00 pm ET. Susan Foster, a CIPP/E in Mintz’s London office, will consider issues faced by US companies who do business in Europe or simply interact with European customers. We will look at how to… Continue Reading
UPDATE: FTC Plans Review of YouTube Kids App
Posted in Children, Federal Trade Commission, Privacy RegulationAs we predicted in our post late last month, Google’s YouTube Kids app has attracted more than just the “curious little minds” Google was hoping for. Yesterday, a group of privacy and children’s rights advocates (including the Center for Digital Democracy and the American Academy of Child and Adolescent Psychiatry) asked the Federal Trade Commission… Continue Reading
The FCC and the Uncertain Future of Privacy Oversight for Internet Service Providers
Posted in Federal Trade Commission, Privacy RegulationThe Federal Communications Commission’s (“FCC”) net neutrality proceeding culminated this month with the release of an Order reclassifying broadband Internet access service as a common carrier Telecommunications Service subject to regulation under Title II of the Communications Act. Previously, the FCC classified broadband service as a lightly regulated Title I Information Service, while Title II… Continue Reading
Privacy Monday - March 23, 2015: COPPA Refresh
Posted in Children, Privacy Monday, Privacy RegulationOn Friday, the FTC published updates to the COPPA FAQs, the Commission’s compliance guide for businesses and consumers, to address the applicability of COPPA and the Amended COPPA Rule to educational institutions and businesses that provide online services, including mobile apps, to educational institutions. Specifically, nearly a year after the last update to the “COPPA… Continue Reading
Privacy Monday - March 16, 2015: Unpacking the Obama Administration’s Consumer Privacy Proposal
Posted in Privacy Monday, Privacy Regulation, UncategorizedTaking another “step” toward developing comprehensive privacy legislation, the White House has released a discussion draft of the Consumer Privacy Bill of Rights Act of 2015. The draft reflects the Fair Information Practice Principles (“FIPPs”) long championed by the Obama Administration, and calls on businesses engaged in the collection of consumer information (“covered entities”) to… Continue Reading
One Less Carrot for Business: Council of European Union Limits the “One-Stop Shop” Mechanism in the Draft Data Protection Regulation
Posted in EU Data Protection Regulation, European Union, Legislation, Privacy RegulationThe draft Data Protection Regulation doesn’t offer many carrots to business – and a recent announcement by the Council of the European Union takes away one of the biggest carrots, the “One-Stop Shop” mechanism. The One-Stop Shop refers to the principle that businesses would have to deal with just a single national data protection authority instead of… Continue Reading
State Data Breach Notification Law Updates
Posted in Cybersecurity, Data Breach Notification, Data Compliance & Security, Privacy RegulationState legislatures are not waiting for Congressional action on a national data breach notification standard. Montana — Montana has amended its 10-year old breach notification law (see Mintz Matrix) to expand the definition of “personal information” and require notice to the state attorney general’s consumer protection office. H.B. 74, signed into law by Governor Bullock,… Continue Reading
ICYMI: Privacy in the Workplace Webinar
Posted in Employee Privacy, Events and Webinars, Privacy Regulation, Social Media, UncategorizedOur 2015 monthly Privacy Issues Wednesday webinar series continued this month with Jennifer Rubin and Gauri Punjabi’s Privacy in the Workplace presentation. Jen and Gauri discussed the latest statutory and common law developments concerning employer monitoring of employee email, access to employee social media accounts, social media policies, and bring your own device (“BYOD”) policies. We… Continue Reading
California May Limit Law Enforcement’s Warrantless Data Collection
Posted in Cybersecurity, Privacy RegulationEager to retain its spot among the principal laboratories for domestic privacy legislation, California’s legislature is set to debate Senate Bill 178, legislation restricting state law enforcement agencies from requesting data without a warrant. Five other states have adopted similar legislation in recent months, and California’s proposal largely follows that trend.
Privacy Monday - January 26, 2015
Posted in Cybersecurity, Data Breach, HIPAA/HITECH, Legislation, Privacy Monday, Privacy Regulation, UncategorizedGood Monday - The East Coast prepares for Apocalypse (Sn)ow. In the meantime, here are three privacy-related tidbits for your day. Privacy Concerns Cause Scale Back of Release of HealthCare.gov Data We spend a fair amount of time warning about third party vendors and the risk that such vendors can pose to sensitive data. … Continue Reading
Cybersecurity and Privacy in State of the Union Address
Posted in Children, Cybersecurity, Data Breach, Data Breach Notification, Data Compliance & Security, Legislation, Privacy Regulation, SecurityAs expected in his State of the Union address last night, President Obama made it very clear that cybersecurity is on his agenda for 2015. After stating that: “No foreign nation, no hacker should be able to shut down our networks, steal our trade secrets or invade the privacy of American families, especially our kids,”… Continue Reading
White House Proposes National Data Breach Notification Standard
Posted in Cybersecurity, Data Breach, Data Breach Notification, Federal Trade Commission, Legislation, Privacy RegulationWritten by Cynthia Larose, CIPP and Ari Moskowitz, CIPP This has been a big week for cybersecurity announcements from Washington. In what the White House has called a series of “SOTU Spoilers,” President Obama announced his intention to follow through on some of the recommendations in his administration’s Big Data report — the culmination of… Continue Reading
Privacy Monday - January 12, 2015
Posted in Cybersecurity, Data Breach Notification, Data Compliance & Security, Employee Privacy, Federal Trade Commission, Legislation, Privacy Monday, Privacy Regulation, SecurityThree privacy/security stories that you should know as you start your week: President Obama to Offer Cybersecurity/Privacy Previews to State of the Union Proposals In a series of speeches this week, President Obama will preview important issues to appear in his January 20th State of the Union address. A White House official said… Continue Reading
For the New Year - A New Mintz Matrix of State Data Breach Notification Laws
Posted in Data Breach, Data Breach Notification, Legislation, Privacy Regulation, UncategorizedMake sure to get your January 2015 Mintz Matrix! Available here for downloading and always linked through the blog right hand navigation bar. Things you will not want to miss: California has significantly amended its breach notification requirements Kentucky’s new data breach law (2014) is expanded effective January 1 As always, this chart is… Continue Reading
