This week’s Privacy Tracker legislative roundup includes legislation introduced in both Missouri and Kansas aiming to protect electronic communications and data from government intrusion. This comes after an Arizona representative announced she will propose legislation to effectively ban the National Security Agency from that state. The roundup also includes news of Pennsylvania considering an expansion of its DNA collection to those arrested for felonies and misdemeanors that require registration as sex offenders and the release of a new draft of the Data Protection Bill in the Cayman Islands.
In this week’s Privacy Tracker legislative roundup, see BakerHostetler’s year-in-review on international privacy laws and read about cases you may have missed while enjoying the holiday season. For example, a U.S. District Court has deemed a Florida drug-screening law unconstitutional; U.S. Magistrate Judge Laurel Beeler ruled in the Hulu privacy lawsuit that no proof of injury is needed for viewers to recover damages, and the U.S. Federal Trade Commission settled with Accretive Health over the company’s failure to protect consumer data. Also, read about the contradicting rulings over the NSA’s data collection practices.
While much happened this week in privacy news; the NSA’s surveillance was deemed likely unconstitutional, consent was declared dead, the data broker industry was put on notice by a U.S. senator and the EDPS released its 2014 inventory, the news that hit home for us was that Peter Fleischer and two other Google executives were acquitted in Italy’s Supreme Court after an eight-year battle over whether they were legally responsible for content that users uploaded to Italy’s version of YouTube. Back in the day, the implications of this case were a little scary for privacy pros around the globe, and it seems now it’s finally over. Take a look at this and all the week’s developments in privacy law in this Privacy Tracker weekly roundup.
On December 16, the District Court in the District of Columbia issued an opinion finding that the NSA program that has gotten significant attention due to the revelations of Edward Snowden was likely unconstitutional. In Klayman v. Obama, five plaintiffs sued a variety of government officials as well as private companies and sought preliminary injunctive relief based upon the assertion that the NSA program was unconstitutional and violated other statutes. In what ended up making big news, the court concluded there was a substantial likelihood the plaintiffs would prevail on their Fourth Amendment claims and issued an injunction. In this article, Andrew Serwin unpacks the court’s decision.
Last year, U.S. Senate Commerce Committee Chairman Jay Rockefeller asked the Government Accountability Office (GAO) to investigate privacy issues pertaining to companies that collect, aggregate and sell personal information about consumers. In late November, the GAO publicly released the resulting report, “Information Resellers: Consumer Privacy Framework Needs to Reflect Changes in Technology and the Marketplace.” What did the GAO examine, and, in the short term, how might Congress respond to the GAO’s findings and, when they are published, Senator Rockefeller’s own scheduled report?
France is receiving criticism for a new law expanding government agencies’ access to Internet data; a European Court of Justice advocate has deemed the data retention directive in violation of citizens’ fundamental privacy rights, and in the U.S., a petition to update the Electronic Communications Privacy Act has received more than 100,000 signatures. This week, Privacy Tracker reports on these developments as well as new administrative measures for Chinese credit reference agencies, U.S. states’ challenges to NSA surveillance and new fining powers for the Dutch data protection authority.
The Genetic Information Non-Discrimination Act of 2008 (GINA) regulates employers’ collection, use, safeguarding and disclosure of “genetic information,” making it a privacy statute—and one with which it is becoming increasingly difficult to comply, writes Philip Gordon. Social media posts celebrating a family member’s cancer remission or a son’s trip to the ER for asthma contain “genetic information” in the eyes of GINA, Gordon writes, adding, “Recent (Equal Employment Opportunity Commission) enforcement actions and private class-action filings as well as the increasing prevalence of personal social media in the workplace highlight the need for organizations to address, or revisit, their compliance with GINA.” Find out more about the EEOC’s implementing regulations and how to mitigate risk in your organization.
This week’s Privacy Tracker legislative roundup includes the IAPP’s coverage of the European Commission’s report critiquing the EU-U.S. Safe Harbor agreement and offering the U.S. 13 ways to save it, and insight from Eduardo Ustaran, CIPP/E, on the report. You’ll also find information on the United Nation’s approval of an unlawful surveillance resolution, why India may have to wait a little longer for a privacy law and South Africa’s new law. In the U.S., more regions are considering social media laws and DNA databases, and courts have decided cases relating to COPPA and consumer privacy.
In the U.S., FTC v. Wyndham will decide whether the company’s “failure to safeguard personal information caused substantial consumer injury” and whether the FTC even has the authority to regulate data security; the GAO is pushing for comprehensive federal law governing the collection, use and sale of personal data by businesses, and Sen. Franken is calling for regulation over biometric data before the horse leaves the barn. In the EU, the debate over Safe Harbor continues, with Albrecht and Reding saying EU residents need to be able take data privacy complaints to U.S. courts. The Office of the Australian Information Commissioner (OAIC) has released the final set of Australian Privacy Principles that cover access to and correction of personal information, and in Canada learn about Alberta’s need to create a new Privacy Act and why Bill C-30 is back in the news. All this and more, in this week’s Privacy Tracker legislative roundup.