By

Alan Charles Raul

18 May 2016

The Supreme Court Remands Injury Question In Spokeo Class Action Privacy Claim

On Monday, May 16, the Supreme Court addressed the question of whether an alleged violation of the Fair Credit Reporting Act (FCRA), without allegation of concrete injury, is ever sufficient for Article III standing. The case, Spokeo Inc. v. Robbins, No. 13-1339 (2016), involved a class action against data broker Spokeo Inc.. The plaintiff, Thomas Robins, alleged that Spokeo violated the FCRA by inaccurately reporting online that he was a wealthy, married man with children and a graduate degree when he was actually unmarried and out of work. He argued that those inaccuracies could have hurt his chances with potential employers. The district court dismissed Mr. Robins’s case for failure to show any actual harm from the false information, but in 2014, the U.S. Court of Appeals for the Ninth Circuit allowed the case to move forward based on its analysis that Mr. Robins’s injury allegation was particularized because he alleged that Spokeo violated his individual rights when it handled his information.

(more…)

EmailShare
06 May 2016

District Court Rules for the FTC in “Unfairness” Action Against Amazon Regarding In-app Purchasing Controls

On April 26, the US District Court in Seattle granted the FTC’s motion for summary judgment against Amazon for providing allegedly inadequate parental controls to limit their children’s in-app purchases. Case No. C14-1038-JCC.  The FTC alleged that the company’s failure to require more robust password re-entry meant that many in-app purchases by children resulted in unauthorized charges to the parents.

(more…)

EmailShare
15 April 2016

Article 29 Working Party Releases Its Wish List for the EU-U.S. Privacy Shield

On April 13, the Article 29 Working Party announced that it had completed its assessment of the EU-U.S. Privacy Shield documentation. The announcement was followed by the release of a 58-page Opinion on the European Commission’s draft adequacy decision on the Privacy Shield.

(more…)

EmailShare
22 March 2016

IRS Alerts Payroll and HR Professionals to Email Phishing Scheme Soliciting W-2s

On March 1, the IRS issued an alert to payroll and human resources professionals regarding a phishing email scheme that purports to be from company executives and requests personal information on employees.  The IRS said this scheme is part of a “surge” in phishing emails seen this year.

(more…)

EmailShare
17 March 2016

FCC Proposes Privacy and Security Regulations for Internet Service Providers

On March 10, FCC Chairman Tom Wheeler issued a “fact sheet” summarizing a sweeping proposal to regulate the privacy and data-security practices of Internet service providers. The proposal would subject ISPs to new stringent requirements that other participants in the Internet ecosystem do not face because they are subject only to the more elastic oversight of the Federal Trade Commission under that agency’s general “unfair or deceptive” standard.

(more…)

EmailShare
09 March 2016

The EU-U.S. Privacy Shield Is a Victory for Common Sense and Transatlantic Good Will

*This post originally appeared in the Council on Foreign Relations’ Net Politics Blog on March 1, 2016.

When the Court of Justice of the European Union (CJEU) struck down Safe Harbor last year, it did so on the basis that the European Commission had not determined whether European data transferred to the United States enjoyed the same protections as in the European Union. Despite the fact a recent Sidley Austin report found that many U.S. privacy protections are essentially equivalent—if not stronger—than the European Union’s in national security matters and comparable in other areas, the Commission clearly needed to replace Safe Harbor with something else to satisfy the CJEU and domestic privacy activists.

(more…)

EmailShare
29 February 2016

Details of the EU-U.S. Privacy Shield Are Published

The much-anticipated documentation for the EU-U.S. Privacy Shield, a new framework on transatlantic data flows, was published by the European Commission on February 29, 2016. The framework now will undergo a process of review and approval, including by the EU’s Article 29 Working Party, which is due to finish its review by the end of March 2016. If approved, it will take effect after an implementation period, during which all companies that wish to use the Privacy Shield as a basis for data transfers will have to certify in accordance with the new framework.

(more…)

EmailShare
26 February 2016

President Obama Signs Judicial Redress Act

On Wednesday, February 24, President Obama signed the Judicial Redress Act into law.  “What it does in the simplest terms is makes sure that everybody’s data is protected in the strongest possible way with our privacy laws—not only American citizens, but also foreign citizens,” President Obama said at signing.  “We take our privacy seriously.  And along with our commitment to innovation, that’s one of the reasons that global companies and entrepreneurs want to do business here.” According to EU Commissioner Věra Jourová, “The signature of the Judicial Redress Act by President Obama is a historic achievement in our efforts to restore trust in transatlantic data flows . . . . It will strengthen privacy, while ensuring legal certainty for transatlantic data exchanges between police and criminal justice authorities. This is crucial to keep Europeans safe through efficient and robust cooperation between the EU and the U.S. in the fight against crime and terrorism.”

(more…)

EmailShare
10 February 2016

President Takes Action On Cybersecurity

President Obama today unveiled a “Cybersecurity National Action Plan.” The administration’s proposed budget includes $19 billion for cybersecurity spending, $3 billion of which will be devoted to updating agency systems. The plan includes the creation of a Federal Chief Information Security Officer to guide the implementation of increased security across the federal government and reside within the Office of Management and Budget. President Obama also issued two executive orders. The first establishes the Commission on Enhancing National Cybersecurity within the Department of Commerce to be composed of technology, national security, and business leaders. The Commission is charged with developing by December 1, 2016 “detailed recommendations to strengthen cybersecurity in both the public and private sectors.” The second requires the establishment of a Senior Agency Official for Privacy at each agency and creates the Federal Privacy Council as “the principal interagency forum to improve the Government privacy practices of agencies and entities acting on their behalf.” The OMB Director will be chair of the Federal Privacy Council, which will have the focus of coordinating internal agency policies.

(more…)

EmailShare
XSLT Plugin by BMI Calculator