Gender by the Numbers in Data Protection Authorities

(Mar 5, 2015) With the very popular Women Leading Privacy events here at Summit, we added a wrinkle to a recent effort to update the information for contacting global DPAs. What's the gender equality look like in DPA leadership? A cursory glance at the numbers would tell a casual observer that, out of 150 Data Protection Authorities, 74 of them are headed by men, 42 are headed by women and 34 are non-agency safeguards, such as court systems. But those numbers do not tell the whole story. Europe, with a total... Read More

A New Era Begins at the EDPS

(Mar 3, 2015) On Monday, March 2, I attended a reception in Brussels at which new European Data Protection Supervisor (EDPS) Giovanni Buttarelli and Assistant Supervisor Wojciech Wiewiórowski presented their strategic plan for the next five years. Entitled “The EDPS Strategy 2015-2019: Leading by Example,” the document represents a key moment in the work of the EU’s leading data protection regulator. In the 11 years since Peter Hustinx originally established it, the EDPS has come to enjoy a worldwide reputat... Read More

Taming the Beast: The White House and FCC Throw Down the Gauntlet

(Mar 2, 2015) The past few years have seen an epic struggle between governments, businesses and individuals for governance of the Internet. The platform, which now pervades every aspect of our daily lives, promises different things to different stakeholders. Governments see it as a driver of economic growth as well as a source of intelligence about competing economies, terrorist threats, domestic law enforcement and, in certain countries, political dissent. Businesses view it as a hotbed for innovation as wel... Read More

Room: Companies Shouldn’t Wait for GDPR

(Feb 26, 2015) In a speech Tuesday, European Commissioner for Digital Economy and Society Günther Oettinger said the EU should create a single law to protect its citizens' data from Facebook and Google, USA Today reports. "Americans are in the lead. They have the data, the business models and the power,” Oettinger said, warning tech giants must do more to comply with the EU's data protection rules or face being "thrown out of the single market." Meanwhile, PwC Legal Partner Stewart Room, CIPP/E, has suggested ... Read More

ICO Takes Various Actions; NHS Register Concerns Persist; Motorist Info Published Online

(Feb 26, 2015) In his Global Privacy Dispatches for this week’s edition of The Privacy Advisor, Brian Davidson, CIPP/E, reports on recent actions by the Information Commissioner’s Office (ICO). Davidson discusses the ICO’s report on how community healthcare providers deal with data privacy issues and the ICO’s new powers to audit NHS authorities, while separately, The Guardian reports that in Scotland, “plans to expand an NHS register to cover all residents and share access with more than 100 public bodies” ar... Read More

Lessons To Be Learned from In re Hulu Privacy Litigation

(Feb 25, 2015) For four years now, Hulu has been fighting allegations that it violated the Video Privacy Protection Act in sharing consumer data with third parties. In this Privacy Tracker post, Emily Yu, CIPP/US, provides a history of the case in preparation for its next day in court, noting, “While this case focuses on a business engaged in online video streaming services, it also reveals trends in online consumer privacy concerns and the results of Hulu’s privacy practices …  Any business that uses tracking... Read More

Brill: Cultivating a Defense of the U.S. Privacy Framework

(Feb 24, 2015) U.S. Federal Trade Commissioner Julie Brill has been busy cultivating a defense of the U.S. privacy framework while also forging a path toward continued interoperability between the EU and U.S. With calls in Europe to end the Safe Harbor agreement with the U.S., Brill has been busy demonstrating the enforcement efforts of the Federal Trade Commission and other U.S. regulators in the commercial sphere while also reaching out to European regulators and government officials to help maintain a conne... Read More

LinkedIn Settles Password Security Class-Action

(Feb 24, 2015) LinkedIn has settled a class-action lawsuit alleging it falsely assured 800,000 users who paid for its premium service that it had strong security measures to protect their personal information, The New York Times reports. In June 2012, a file containing 6.5 million encoded LinkedIn user passwords was posted on a Russian hacker site, and because the passwords were protected with a weak form of security, hackers could easily decode them. While there was no indication the breach affected the Linke... Read More

Hulu Case Returns on February 26: What Is the Legal Lesson?

(Feb 24, 2015) For four years now, Hulu has been fighting allegations that it violated the Video Privacy Protection Act in sharing consumer data with third parties. In this Privacy Tracker post, Emily Yu, CIPP/US, provides an outline of the case, noting, “While this case focuses on a business engaged in online video streaming services, it also reveals trends in online consumer privacy concerns and the results of Hulu’s privacy practices … Any business that uses tracking technology and social networking on their websites should pay attention.” Read More