Earlier this month, San Francisco City Attorney Dennis Herrera filed a complaint in California state court against MeetMe, Inc., the maker of a social networking app that, as the complaint puts it, is designed “to introduce users to new people and enable them to interact with strangers online and in person.” The complaint takes issue with one of the ways MeetMe encourages users to interact—by...
Looking at the federal and state bills being introduced in the U.S., this Privacy Tracker weekly roundup reports on lawmakers’ efforts to get privacy-protecting laws on the books; however, FTC Commissioner Maureen Ohlhausen has called for legislators to look to existing laws, saying “We simply do not need new talk, new laws or new regulations.” Also take a look at new compliance hurdles for organizations in Canada and Australia as new laws are set to roll out in those countries. Also, in the EU, the LIBE has published amendments it would like to see in the Network and Information Security Directive.
The Supreme Court of Canada, in a unanimous ruling, has determined that the Alberta privacy law is unconstitutional and has given the province one year to amend it; A federal judge in Vermont has ruled there can be no expectation of privacy when it comes to data exposed online via a peer-to-peer file-sharing network, and the New Zealand Parliament has voted down a bill that would have given the privacy commissioner increased powers. Meanwhile, the FTC has asserted its power over parental-consent methods, Brazil is calling for a crackdown on government surveillance and Italy’s data protection authority and intelligence department have entered into a cooperation protocol. This week’s Privacy Tracker roundup has these stories and more.
In the U.S., guidelines and court rulings have offered insight on everything from drone use to workplace audio recordings, while, internationally, questions still loom about the future of Safe Harbor and national leaders have presented an Internet privacy resolution to the UN. Kazakhstan’s privacy law is scheduled to come into effect this month, and Indonesia is looking into consolidating its sectoral coverage into an overarching law. Also in this week’s roundup is analysis of India’s privacy bill, California’s spate of privacy laws and insight from the FTC and the New Jersey Attorney General’s Office on how to avoid the wrath of regulators.
This week, read about California’s continued push towards privacy protections including Gov. Jerry Brown signing into law an amendment to the California Online Privacy Protection Act that requires websites to disclose in privacy policies how they react to Do-Not-Track signals, the passing of the “eraser law” and movement on a bill that would extend the employee social media law to public agencies. Meanwhile, a Minnesota court has determined the state is not responsible for an employee’s alleged inappropriate accessing of driver’s license records, and the Fourth U.S. Circuit Court of Appeals has ruled in favor of a former Virginia deputy sheriff saying his Facebook “Like” is protected by the First Amendment. Plus, read about legislative activity in the EU, Singapore, Australia and South Africa.
U.S. Courts and states have been taking things into their own hands in terms of privacy law these days, and this week is no exception. While recent cases have mainly tackled the Stored Communications Act, this week’s news highlights a court decision upending the way the Telephone Consumer Protection Act has been interpreted. California continues to push forward privacy bills, with the “eraser law” that would allow youths to erase misguided posts, and while industry and regulators clash on the EU data protection law’s timeline, France is pushing the EU to adopt a plan that would see non-EU tech firms regulated and taxed based on where their websites are used.
Find out about Google’s push to get its e-mail scanning case dismissed, changes to the HIPAA final rule, the latest FTC settlement, updates on proposals in California and new laws in New Jersey and Illinois—and those are just the U.S. developments. In Europe, one MEP has expressed “major concern” regarding two data breach notification schemes proposed under the draft Network and Information Security Directive and the planned General Data Protection Regulation.
The California state Senate passed a bill that would require require certain website operators and online service providers to disclose whether they honor users’ “do not track” requests; a bill proposed to the Michigan Assembly could mean fines and jail time for law enforcement officers who track suspects using GPS without a warrant; Wisconsin is poised to be the ninth state this year to pass an employee social media privacy law, and, in Brazil, work is ongoing towards the nation’s first set of data protection and Internet governance laws—including a new amendment requiring data to be stored locally, which is raising concerns among U.S. tech companies.
Privacy Tracker reports that while Texas already has a breach notification law on the books that applies to citizens of states without a notification law, it recently passed Senate Bill 1610, which increases the scope further. It also gives organizations the choice of reporting under Texas law or that of the state of the affected person, but Gant Redmon, writing for CO3Systems Blog, says “best practice will remain notifying under the law of the state where the affected party resides.” Meanwhile, Nevada has become the 11th state to pass a social media law prohibiting employers from asking for access information for employees’ or prospective employees’ social media accounts.
RI Senate passes a bill to loosen patient confidentiality, and a CA Senate committee votes to ban “revenge porn.”