Posted in Regulatory Enforcement

Opinion

IAPP Westin Research Center

In Standoff with FTC, Wyndham Shoots Itself in the Foot

The Federal Trade Commission’s (FTC) resounding victory over Wyndham Worldwide Corporation in a U.S. District Court paves the way for increasing privacy and data security action by the agency, which over the past decade has asserted itself as the most forceful and well-respected privacy enforcement authority in the world.

More from Omer Tene

Cybersecurity

Is SEC Cybersecurity Guidance Working?

Imagine that the FBI and DHS have arrived at your company to inform you of a potential cyber threat. Your public company disclosure obligations may not be the first thing on your mind, but such issues will quickly emerge.

Big Data

Can We Balance Data Protection With Value Creation?

“Data People” by Andrés Opcional

In the last few years there has been a dramatic change in the opportunities organizations have to generate value from the data they collect about customers or service users. Customers and users are rapidly becoming collections of “data points” and organizations can learn an awful lot from the analysis of this huge accumulation of data points, also known as “Big Data.”

Organizations are perhaps thrilled, dreaming about new potential applications of digital data but also a bit concerned about hidden risks and unintended consequences. Take, for example, the human rights protections placed on personal data by the EU.  Regulators are watching closely, intending to preserve the eight basic privacy principles without compromising the free flow of information.

Some may ask whether it’s even possible to balance the two.

More from Sara Degli Esposti

From the Regulator

Stage Is Set for a Challenging Year for Privacy in Canada

Shakespeare wrote in The Tempest that “What’s past is prologue,” and this notion definitely holds true when we consider the most significant privacy issues for Canadians in 2014. Issues such as government surveillance and massive data breaches that pushed privacy to centre stage last year—prompting Dictionary.com to make “privacy” its word of the year—will undoubtedly continue to be hot issues. But we can also expect to see a plethora of challenging new issues flowing from the intersection of technology and privacy. The Office of the Privacy Commissioner of Canada has been closely examining several new technological issues as part of our recent research efforts—precisely because we expect they will raise important privacy issues in Canada in the year ahead and beyond.

Here is a glance at some of the key issues on our watch list:

More from Chantal Bernier

Cybersecurity

SEC and Cybersecurity—What Publicly-Traded Companies Need to Know

With the news that Target intends to wait until it files its annual report in March with the Securities and Exchange Commission (SEC) on the investment consequences of its massive cybersecurity intrusion from 2013, the SEC and cybersecurity once again gains attention.

From the Regulator

Living in Interesting Times—A View from the New Zealand Privacy Office

One of the dubious delights of being a privacy regulator is the unexpected things that crop up during every working week. It doesn’t matter how I plan and prioritise work—some headline-grabbing issue or urgent demand for time and attention will come across the desk and force a rethink. It can be a challenge, but it certainly keeps the job interesting.

More from Katrine Evans

Opinion

The Baffling Case of the Headless EDPS

Peter Hustinx (right) reflects on a career in privacy, with Christopher Kuner, before a standing-room crowd at the IAPP Data Protection Congress 2013 in Brussels.

After working in Brussels for the last 15 years, I have become accustomed to the byzantine machinations of European politics. But the spectacle that is currently unfolding concerning appointment of a new European Data Protection Supervisor (EDPS) and Assistant Supervisor paints a particularly dismal picture of how data protection in the EU can become a political football.

More from Christopher Kuner

Opinion

Think the FTC Is the De Facto U.S. Data Protection Authority? State AGs May Have Something To Say

By Divonne Smoyer, CIPP/US
and Aaron Lancaster, CIPP/US

The U.S. Federal Trade Commission (FTC) has understandably been the focus of much attention in the data privacy world. The FTC is considered by many to be the primary U.S. data privacy regulator and this blog has gone so far as calling the FTC the U.S.’s de facto Data Protection Authority (DPA). We respectfully disagree. The FTC is facing unprecedented challenges, while state attorneys general (AGs), who have similar—and in some instances greater—authority, are taking more and more steps to protect the privacy of their citizens.

More from Divonne Smoyer