Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Category Archives: Privacy Regulation

Subscribe to Privacy Regulation RSS Feed

Target Becomes a Target: Proposed California Bill Aims to Make Retailers Liable for Data Breach Incidents

Posted in Data Breach, Data Breach Notification, Privacy Regulation

Written by Jake Romero, CIPP/US Following a string of high-profile data breaches and new data suggesting that approximately 21.3 million customer accounts have been exposed by data breach incidents over the past two years, the California legislature has introduced legislation aimed at making retailers responsible for certain costs in connection with data breach incidents.  If… Continue Reading

New Draft Processor to Sub-processor Model Clauses (Art. 29 Working Party)

Posted in Cloud Computing, European Union, Privacy Regulation

Written by Susan Foster, Solicitor England & Wales/Admitted in California  (LONDON) The Art. 29 Working Party, a key advisory body to the EU Commission, recently proposed draft model clauses to cover the transfer of personal data from EEA data processors to non-EEA sub-processors. The draft model clauses have the potential to bring greater certainty to… Continue Reading

Over 20 Million Customer Accounts Affected by Data Breaches in California; Attorney General Harris Promises Increased Enforcement

Posted in Cybersecurity, Data Breach, Privacy Regulation

Written by Jake Romero, CIPP/US When you think of catastrophic events that take place online and have a devastating effect on millions of people, you probably think of HBO Go crashing during the True Detective finale.  However, California Attorney General Kamala Harris wants to remind you that you should be thinking about data breaches.  New… Continue Reading

Privacy Monday – March 10, 2014

Posted in Cybersecurity, Privacy Monday, Privacy Regulation

We hope that you remembered to “spring forward” over the weekend — Today’s Privacy Monday is a bit longer than usual – but an important read, particularly if you are a mobile app developer. California Public Utilities Commission Declines to Develop New Regulations and Standards for Wireless Carriers and Mobile App Providers  . . …. Continue Reading

Risky Business: Target Discloses Data Breach and New Risk Factors in 8-K Filing… Kind Of

Posted in Data Breach, Data Breach Notification, Privacy Regulation

Written by Adam Veness After Target Corporation’s (NYSE: TGT) net earnings dropped 46% in its fourth quarter compared to the same period last year, Target finally answered the 441 million dollar question – To 8-K, or not to 8-K?  Target filed its much anticipated Current Report on Form 8-K on February 26th, just over two… Continue Reading

FTC Approves Another COPPA Safe Harbor Program

Posted in Children, Federal Trade Commission, Privacy Regulation

Written by Julia Siripurapu The FTC has announced its unanimous approval for the kidSAFE Seal Program proposed by Samet Privacy, LLC under the “safe harbor” provision of the COPPA Rule (the “kidSAFE Seal Program”). The Commission’s decision comes after an extended public comment period due to the agency’s shutdown last year.  For more information regarding… Continue Reading

California Moves to Restrict Collection of Consumer Personal Information Online: the Process, History and Politics Behind Senate Bill 383

Posted in Data Compliance & Security, Legislation, Privacy Litigation, Privacy Regulation

Written by Jake Romero The California Senate has passed a bill restricting the information that certain online retailers can collect in connection with consumer purchases.  Senate Bill 383 would amend Sections 1747.02 and 1747.08 of the California Civil Code to address the collection of customer information in connection with credit card purchases in online transactions… Continue Reading

Federal Data Security Breach Notification – is 2014 the Year?

Posted in Data Breach Notification, Privacy Regulation

Written by Amy Malone Data privacy legislation has been introduced regularly, but has yet to pass, could this be the year? The recent breaches at Target and Neiman Marcus (see our posts here, here, here) have drawn national attention and may be the impetus needed to pass the legislation. Currently two bills addressing data breaches… Continue Reading

New Timeline for Adoption of Definitive EU Data Protection Regulation

Posted in European Union, Legislation, Privacy Regulation

Written by Susan Foster, Solicitor England & Wales/Admitted in California (LONDON) The European Commission announced yesterday that it is working towards a revised timeline for the adoption of a definitive Data Protection Regulation by the end of 2014. While Commissioner Viviane Reding’s press release about finalizing the Regulation by the end of 2014 has been… Continue Reading

Retailers Ask FCC to Clarify that Text Message Responses Are OK

Posted in Privacy Regulation, Uncategorized

Written by Ernest C. Cooper Should retailers be required to obtain written consent before sending a consumer a text message with information or a coupon that was specifically requested?  The Retail Industry Leaders Association (RILA) thinks not, and has filed a petition asking the Federal Communications Commission to clarify that sending a one-time text message… Continue Reading

Look North, Marketers – Canadian Anti-Spam Law is Coming

Posted in Data Compliance & Security, Privacy Regulation

Written by Cynthia Larose The US CAN-SPAM Act is old hat for marketers in the US.    But it is time to revisit email marketing compliance programs if you send email north of the US border.  Canada’s anti-spam law (known as “CASL”) has been debated for years but is finally coming into effect.   Industry Canada released its… Continue Reading

COPPA: New Year, New Requests to FTC For Investigation of Violations

Posted in Children, Federal Trade Commission, Privacy Regulation

Written by Julia Siripurapu As we predicted in our prior blog post reviewing the key children’s privacy developments of the past year, 2014 is turning out to be the year of enforcement of children’s privacy regulations! The first two requests for investigation under the Amended COPPA Rule have been filed with the FTC by the Center… Continue Reading

Social Media for Financial Institutions – Final Guidance

Posted in Privacy Regulation, Uncategorized

Written by Amy Malone At the end of 2013,  the Federal Financial Institutions Examination Council (FFIEC) became the latest regulator to weigh in on social media and offered their final social media guidance.  The proposed regulation was released last January (mentioned in our post here.) The final guidance is much like the original proposal with… Continue Reading

On the 9th Day of Privacy, the European Union Gave to Me . . .

Posted in Data Breach Notification, Data Compliance & Security, Employee Privacy, European Union, Legislation, Privacy Regulation

. . .  a delayed delivery notice for the biggest package of the holiday season! Written by Susan Foster, Solicitor, England & Wales/Admitted in California, CIPP-E (LONDON) Major changes are on the way in Europe that will have a significant impact on companies anywhere in the world that collect or process personal data of residents… Continue Reading

Data Brokers Under Scrutiny

Posted in Legislation, Privacy Regulation

The Senate Commerce Committee released this morning its majority staff report, A Review of the Data Broker Industry: Collection, Use, and Sale of Consumer Data for Marketing Purposes, on the practices data brokers use to collect and sell personal information of consumers and how those practices affect the privacy of hundreds of millions of Americans. … Continue Reading

On the Seventh Day of Privacy, the FTC Gave to Me….

Posted in Children, Federal Trade Commission, Privacy Regulation

Significant compliance obligations with children’s privacy rules!  Written by Julia Siripurapu, CIPP/US Last December, the FTC gave to us the long awaited (or maybe not so much by covered entities!) final amendments to the 14-year old Children’s Online Privacy Protection Act (COPPA) Rule (the “COPPA Rule,” and as amended, the “Amended COPPA Rule”). Published in… Continue Reading

On the Second Day of Privacy, California Gave to Me……

Posted in Children, Data Breach Notification, Data Compliance & Security, Legislation, Privacy Regulation

Well, the headlines don’t exactly work with the traditional tune, but blame the editor for that….. Written by Jake Romero, CIPP/US 2013 was a busy year for California.  We passed a budget with a surplus, let Kim and Kanye get engaged in one of our stadiums and panicked over possibly losing Sriracha sauce.  At the… Continue Reading

Google pays BIG to state Attorney Generals for Improper Consumer Tracking

Posted in Class Action Litigation, Data Compliance & Security, Federal Trade Commission, Privacy Litigation, Privacy Regulation

Written by Julia Siripurapu Earlier this month, Google, Inc. (“Google” or “Company”) entered into an  agreement with the Attorney Generals of 37 states and the District of Columbia, settling allegations of violation of  the participating states’ consumer protection or applicable computer abuse statutes (the “Settlement Agreement”). Here’s what got the tech giant in trouble: Google… Continue Reading

The Clock is Ticking for Implementation of “Enhanced Notice”: The 6 Questions Online Service Providers Should be Asking about Online Behavioral Advertising Following Increased Enforcement Warning

Posted in Privacy Regulation

Written by Jake Romero Walking around a department store isn’t the only time you’re being tracked while you shop.  If you’ve ever visited a web page and seen an advertisement for the exact same pair of shoes you were looking at on a different web page the day before, then you know that something similar… Continue Reading

Big Brother is Watching You (Shop For Pants): Mobile analytics firms implement code of conduct for tracking customers while they shop

Posted in Mobile Privacy, Privacy Regulation

Written by Jake Romero If you’ve ever dealt with that pushy salesperson at Bed, Bath & Beyond who won’t take your word for it that you’re just browsing and not ready to commit to a high-end home espresso machine, you know that being followed around at a retail store can be unsettling and intrusive. “Unsettling”… Continue Reading

FTC and the “Internet of Things”: Franchisor on the hook

Posted in Data Compliance & Security, Federal Trade Commission, Privacy Regulation

Written by Amy Malone Last fall the Federal Trade Commission brought cases against a software developer and rent-to-own stores that secretly monitored people in their homes.  The developer provided the stores with software that had a “Detective Mode” that once enabled allowed the stores to log key strokes, capture screen shots, take pictures using the… Continue Reading

Senator Markey Back in the Privacy Hunt: Google’s New Terms of Service Prompt Letter to FTC

Posted in Federal Trade Commission, Online Advertising, Privacy Regulation

Written by Adam Veness Google has recently announced changes to its terms of service that will allow Google to incorporate its users’ photos, comments and names in advertisements.  This new policy will go into effect on November 11th. Seemingly always quick to action when privacy issues are implicated, Senator Edward J. Markey (D-MA) has already… Continue Reading

Changes to California’s Privacy Laws: What They Mean for Your Business

Posted in Data Breach Notification, Data Compliance & Security, Privacy Regulation

The federal government may be completely unable to pass laws, but that certainly isn’t the case with the State of California, which has just completed a data privacy hat trick by passing three significant laws addressing a broad subset of data privacy issues. The big question: is your online and/or mobile business ready for the… Continue Reading