PH Privacy

Clarifying Two Areas of Confusion on Privacy Shield: September 30, 2016, Deadline & Effect on Swiss Safe Harbor
With the European Commission’s (“EC”) approval of the U.S.-EU Privacy Shield Framework (“Privacy Shield) on July 12, 2016, many companies are rushing to self-certify to the new compliance mechanism for personal data transfers from Europe to the United States. By certifying in the first two months – by September 30, 2016 – organizations can take advantage of a nine-month grace period from the date they certify to bring their existing commercial relationships and agreements with third parties into conformity with the Accountability for Onward Transfer Principle.
Privacy Shield Set For Formal Adoption Next Week: Beyond That, The Future Is Cloudy
A key European Union committee with responsibility for privacy determinations today approved the new EU-US Privacy Shield. With that approval, formal adoption by the European Commission is expected next week.
Public Interest Group Asks FCC to Pause Connected Car Spectrum Usage over Privacy and Cybersecurity Concerns
Over the past two decades, the Department of Transportation and the automotive industry have worked together to develop a framework identifying the types of services and devices that are integral to the development of a connected and intelligent transportation system. Such services include collision avoidance systems to reduce motor vehicle accidents, and automated electronic payment systems to facilitate the payment of tolls and gas.
Spokeo and Article III Standing: You May Be Particularized But Are You Concrete?
In Spokeo, Inc. v. Robins, the Supreme Court confirmed the power of the word “and.” In a six to two decision, the Court confirmed that to satisfy the “injury-in-fact” prong of the three-part test to establish Article III standing, plaintiffs must show that the injury was both “concrete” and “particularized.”
FTC’s First Foray into APEC Cross-Border Privacy Rules: Settlement Reached
Yesterday, the Federal Trade Commission (“FTC” or the “Commission”) accepted, subject to final approval, a consent agreement to settle charges that a hand-held vaporizer manufacturer misrepresented its participation in the Asia-Pacific Economic Cooperation (“APEC”) Cross Border Privacy Rules (“CBPR”) system.
FCC Seeks Comments on New Privacy Rules for Broadband ISPs
Yesterday, in a 3-2 party-line vote, the Federal Communications Commission (“FCC”) adopted a Notice of Proposed Rulemaking (“NPRM”) proposing new rules to regulate how broadband Internet service providers (“ISPs”) collect, use, and protect personal information about their customers.
CFPB’s First Foray Into Data Security Makes $100,000 Splash
On March 2, the Consumer Financial Protection Bureau (the “Bureau”) announced enforcement action against online payment processor, Dwolla Inc. (“Dwolla”). This is the Bureau’s first enforcement action related to data security pursuant to its authority to prohibit unfair, deceptive, and abusive acts and practices (“UDAAP”).
Top 10 Trends Executives and General Counsel Should Follow
Companies around the globe increasingly are collecting ever-greater volumes of sensitive personal information from their customers for business and competitive purposes. If improperly stored, used, stolen, or shared, this information can have devastating reputational and financial consequences. This makes privacy, cybersecurity, and data management critical issues for senior management, board members, and general counsel to understand in order to effectively manage risk.
Undressing the Judicial Redress Act
Congress has taken a critical step in implementing its obligations under the recently announced EU-U.S. Privacy Shield through Wednesday night’s passage of the Judicial Redress Act in the House of Representatives.
1 2 3 4 5 6