Posted in Regulatory Enforcement

Opinion

IAPP Westin Research Center

In Standoff with FTC, Wyndham Shoots Itself in the Foot

The Federal Trade Commission’s (FTC) resounding victory over Wyndham Worldwide Corporation in a U.S. District Court paves the way for increasing privacy and data security action by the agency, which over the past decade has asserted itself as the most forceful and well-respected privacy enforcement authority in the world.

More from Omer Tene

From the Regulator

Living in Interesting Times—A View from the New Zealand Privacy Office

One of the dubious delights of being a privacy regulator is the unexpected things that crop up during every working week. It doesn’t matter how I plan and prioritise work—some headline-grabbing issue or urgent demand for time and attention will come across the desk and force a rethink. It can be a challenge, but it certainly keeps the job interesting.

More from Katrine Evans

Opinion

The Baffling Case of the Headless EDPS

Peter Hustinx (right) reflects on a career in privacy, with Christopher Kuner, before a standing-room crowd at the IAPP Data Protection Congress 2013 in Brussels.

After working in Brussels for the last 15 years, I have become accustomed to the byzantine machinations of European politics. But the spectacle that is currently unfolding concerning appointment of a new European Data Protection Supervisor (EDPS) and Assistant Supervisor paints a particularly dismal picture of how data protection in the EU can become a political football.

More from Christopher Kuner

Opinion

Think the FTC Is the De Facto U.S. Data Protection Authority? State AGs May Have Something To Say

By Divonne Smoyer, CIPP/US
and Aaron Lancaster, CIPP/US

The U.S. Federal Trade Commission (FTC) has understandably been the focus of much attention in the data privacy world. The FTC is considered by many to be the primary U.S. data privacy regulator and this blog has gone so far as calling the FTC the U.S.’s de facto Data Protection Authority (DPA). We respectfully disagree. The FTC is facing unprecedented challenges, while state attorneys general (AGs), who have similar—and in some instances greater—authority, are taking more and more steps to protect the privacy of their citizens.

More from Divonne Smoyer

Opinion

Galileo’s Problem and How Legislation Won’t Stop the Orbit of Technology

Like the Catholic Church’s Congregation of the Index of 1616, which outlawed the movement of the Earth around the sun, so too will the European Parliament restrict transborder data flows by legislative fiat this week.

Of course, the flow of data across borders will not cease or even diminish. Individuals will continue to carry iPhones on cross-Atlantic flights, “transferring data” (whatever that means) about their employers’ customers to “non-adequate” countries; and European individuals and businesses will access non-EU based websites and services, including banking, telecom, retail and cloud. Lawyers will be paid to produce paperwork, which bureaucrats will read; businesses continue to operate as before.

As Galileo said, “And yet it moves”.

More from Omer Tene

Opinion

The U.S. Doesn’t Have a National Data Protection Authority? Think Again…

“The U.S. has no national data protection authority.” Ask an EU official why he or she believes the EU’s data protection system to be superior to the U.S. model, and that will be at or near the top of the list. But tell that to Google. Or TJX. Or CBR Systems. Or any of the dozens of other companies that have been pursued by the U.S. Federal Trade Commission (FTC) over the past several years for alleged data security or privacy violations.

More from Jason Weinstein

Opinion

The Tension Between Innovation and Application Privacy Regulation

By Kenesa Ahmad, CIPP/US

Today’s discussions about application privacy revolve around smartphones and tablets. However, the app ecosystem is evolving significantly beyond this to encompass emerging technologies, such as wearable computing—e.g., fitness accessories and smart eye wear. These trends raise questions about how to regulate app privacy in a way that will keep pace with rapid technological innovation and consumer adoption.

More from Kenesa Ahmad

Trending

Will Public Release of Privacy Audits Be the Wave of the Future?

By Jedidiah Bracy, CIPP/US, CIPP/E

It’s pretty rare for a company to issue a press release after its privacy practices have been independently audited. Perhaps some have—and readers, please let me know—but companies generally don’t do such things.

That is, until this week.

More from Jedidiah Bracy