In February, President Obama signed an Executive Order that put into motion a number of initiatives aimed at improving the cybersecurity posture of the “critical infrastructure” of the United States. Among the Order’s most significant provisions is Section 7, which directs the Commerce Department via its National Institute of Standards and Technology (NIST) to develop a voluntary Cybersecurity...
Having first been tabled in August 2009, the Protection of Personal Information Bill (POPI) has taken just over four years to get to the point where it was passed by the South African National Assembly on 20 August. All that stands in the way of POPI becoming law is its translation into Afrikaans and the signature of South African President Jacob Zuma.
The California state Senate passed a bill that would require require certain website operators and online service providers to disclose whether they honor users’ “do not track” requests; a bill proposed to the Michigan Assembly could mean fines and jail time for law enforcement officers who track suspects using GPS without a warrant; Wisconsin is poised to be the ninth state this year to pass an employee social media privacy law, and, in Brazil, work is ongoing towards the nation’s first set of data protection and Internet governance laws—including a new amendment requiring data to be stored locally, which is raising concerns among U.S. tech companies.
The privacy news seems to have stirred up more legal questions than answers this week. With effective dates coming up for HIPAA in the U.S. and FOIA reforms in the UK, privacy pros are figuring out the new lay of the land. Court cases in the U.S. and France bring up e-mail privacy questions, both in and out of the workplace, and in the UK one court ruling may reveal a need for stronger data destruction policies. Lastly, an article from The New York Times questions the new trend of class-actions leaving plaintiffs empty-handed.
The lasting legacy of California’s SB 1386, more about the court case that has some questioning BYOD policies and congressional delays to reforming the Electronic Communications Privacy Act. Plus, read about key changes included in amendments to the Ukrainian privacy law and a contentious New Jersey bill that would allow warrantless cellphone searches.
New challenges to a Utah surveillance law; an interesting turn of events in a case deciding whether government authorities can extract historical location data directly from telecommunications carriers without a search warrant; legislative initiatives related to FISA and the USA PATRIOT Act; questions about the future of Safe Harbor, and information on developments in Italy, France and Australia.
Safe Harbor is in danger. Organizations that have certified under Safe Harbor should closely monitor the EU’s legislative process and the TTIP for indications about Safe Harbor’s future. And they should give careful thought to contingency plans for handling the personal data of EU data subjects.