Privacy & Information Security Law Blog : September 2009

Home > September 2009

UK Regulator Approves Hyatt Hotels BCR - First Approval under the Mutual Recognition Procedure

Posted on September 25, 2009 by Hunton & Williams LLP

On September 23, 2009, the Information Commissioner's Office (the "ICO"), the UK's data protection regulator, issued a press release announcing the approval of the Hyatt Hotels Corporation's binding corporate rules ("BCR") under the new mutual recognition procedure. Hyatt is the first UK applicant to receive approval under the mutual recognition procedure.

Mutual recognition was devised to speed up the process of BCR approval by EU Data Protection Authorities ("DPAs"). Under "mutual recognition," one EU Member State's DPA acts as the lead authority on a company's BCR application. Once approved by the lead authority, the other participating members of the procedure automatically approve the BCR application.

Tags: Article 29 Working Party, Binding Corporate Rules, Data Protection, Data Protection Authority, European Union, Information Commissioners Office, International, United Kingdom

Becoming HITECH: Actions Covered Entities and Business Associates Should Take Now to Comply with the Requirements of the HITECH Act

Posted on September 23, 2009 by Hunton & Williams LLP

The Health Information Technology for Economic and Clinical Health Act (the “HITECH Act”), which was signed into law in February 2009 as part of the economic stimulus package, substantially impacts requirements imposed by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The HITECH Act creates several new and potentially burdensome obligations that affect the relationship between covered entities and business associates. Because these changes are quite substantial and necessitate revisions to existing business associate agreements (“BAAs”), covered entities and business associates should begin compliance efforts as soon as possible. Read more on actions to take to comply with the requirements of the HITECH Act.

Tags: Business Associate Agreement, HITECH Act, Health Privacy, Protected health information, Security Breach

FTC Announces Public Roundtables on Consumer Privacy Issues

Posted on September 18, 2009 by Hunton & Williams LLP

On September 15, 2009, the Federal Trade Commission unveiled a series of public roundtables that will focus on the effect of modern technology and business practices on the privacy of consumer information. The goal of the panels is to explore how to best balance the concerns for consumer privacy, beneficial use of consumer information and technological innovation. The discussions will address myriad technologies and practices, such as social networking, cloud computing, behavioral marketing, mobile marketing and, generally, the collection of consumer information for various purposes. The roundtables will also consider the adequacy of existing legal and self-regulatory frameworks. Participants will include academics, privacy experts, consumer advocates, industry representatives, technology experts, legislators, and experts from outside the United States. The Commission has asked individuals and organizations to submit requests to participate as panelists and suggest discussion topics. The Commission also has asked interested parties to submit written comments and research on the issues of (i) risks, concerns and benefits associated with the collection and use of consumer information, (ii) consumer expectations of how their information is used, and (iii) the adequacy of existing legal requirements and self-regulatory regimes in protecting consumer privacy interests.

Click here for more information on the Commission’s news release.

Tags: Behavioral Advertising, Cloud Computing, Consumer Protection, Events, Federal Trade Commission, Marketing, Social networking

2009 IAPP Privacy Academy

Posted on September 14, 2009 by Hunton & Williams LLP

Don’t miss the 2009 International Association of Privacy Professionals’ (“IAPP”) Privacy Academy in Boston, MA, September 16-18th. The Academy provides various program topics on operational privacy and technology, as well as advanced breakout sessions focusing on today’s cutting edge privacy issues. We hope you will visit our privacy attorneys who are speaking on the following panels:

Suggestions From the States: Designing a Workable Breach Notice Requirement, Thursday, September 17, 11 a.m. – 12 p.m., Aaron Simpson, Hunton & Williams, moderates, and speakers include Rosa Barcelo, Senior Lawyer, European Data Protection Supervisor’s Office; Christopher Pierson, CIPP, CIPP/G, Chief Privacy Officer, Senior Vice President, Citizens Financial Group, Inc.; and James Shreve, CIPP, Attorney, Goodwin Procter, LLP
Federal Breach Notification Laws, Friday, September 18, 2:15 – 3:15 p.m., speakers include Bo Holland, Founder and CEO, Debix, Inc. and Rachel St. John, Hunton & Williams

Tags: Aaron Simpson, Events, International Association of Privacy Professionals

First Amendment Challenge Prompts Maine AG to Postpone Enforcement of New Child Privacy Protection Law

Posted on September 10, 2009 by Hunton & Williams LLP

On September 9, 2009, the U.S. District Court for the District of Maine dismissed a lawsuit challenging the validity of the Act to Prevent Predatory Marketing Practices Against Minors (the “Act”), which is set to take effect on September 12, 2009. The Act prohibits businesses from knowingly collecting or receiving a minor’s health-related information or personal information for marketing purposes without first obtaining verifiable parental consent. Businesses are also prohibited from using any health-related information or personal information regarding a minor for the purpose of marketing a product or service to the minor. In dismissing the claim, the Court acknowledged that the Plaintiffs had successfully established the likelihood of success on the merits that the Act is overbroad and violates the First Amendment. Although the Plaintiffs met this burden, the Court recognized that the Attorney General has agreed not to enforce the Act, and the Maine Legislature is committed to reconsidering its scope in January 2010. Accordingly, the Court, with the agreement of the parties, closed the lawsuit in a stipulated order of dismissal.

Click here for details regarding the scope and requirements of the Act.

Tags: Behavioral Advertising, COPPA, Enforcement, Internet, Maine, Marketing, Personal information, State Law

FTC's First Safe Harbor Enforcement Action

Posted on September 8, 2009 by Hunton & Williams LLP

The Federal Trade Commission (“FTC”) has secured a temporary restraining order against a company that allegedly falsely claimed to have self-certified to the EU/U.S. Safe Harbor Program. One count of the FTC's complaint claims that the company (named Balls of Kryptonite, LLC) misled consumers by inaccurately representing that it had self-certified to the U.S. Department of Commerce that it was Safe Harbor compliant. While the FTC has not alleged a substantive violation of the Safe Harbor, this case is significant for two reasons. First, it marks the first time the FTC has brought an enforcement action with respect to the Safe Harbor Program. The court order prohibits the defendants from misrepresenting the extent to which they “are members of, adhere to, comply with, are certified by, are endorsed by, or otherwise participate in any privacy, security, or any other compliance program sponsored by any government or third party.” Second, the FTC acted in concert with the UK Office of Fair Trading after consumers in the UK registered complaints with the FTC using a website established by 25 international consumer protection agencies to facilitate global consumer protection efforts. This is the first time the FTC has used the U.S. SAFE WEB Act of 2006 to enforce consumer protection regulations against a U.S. company operating exclusively outside the United States.

Tags: Department of Commerce, EU Data Protection Directive, Enforcement, European Union, Federal Trade Commission, International, Internet, Litigation, Safe harbor

This website is for general information purposes only. Information posted is not intended to be legal advice. For more information, please see the Disclaimer and Privacy Notice links.

Computerworld magazine has named Hunton & Williams the top firm for privacy for the third year in a row based on a survey of more than 2,000 corporate privacy professionals.More...

Topics

Behavioral Advertising
Centre for Information Policy Leadership
Enforcement
European Union
Events
FCRA
Financial Privacy
General
Health Privacy
Identity Theft
Information Security
International
Marketing
Online Privacy
Security Breach
State Law
Workplace Privacy

Archives

Recent Updates

Links

Financial Industry News

Google settles Buzz privacy lawsuit SAN FRANCISCO Google Inc has settled a lawsuit accusing it of privacy violations in connection with its Buzz social networking service, according to a court document filed on Friday. The settlement filing comes on the same day Google said it would...
September 6, 2010 6:16 AM
Google pays millions to settle privacy case GOOGLE has agreed to pay $US8.5 million ($9.28m) to settle a privacy lawsuit over its Buzz social networking tool, according to court documents. Buzz was added to Google's free email service Gmail in February.Legal paperwork made available online last...
September 6, 2010 11:51 PM
George Osborne needs to push banks to publish executive pay Bankers' pay transparency is only fair and the chancellor knows it – all that's needed now is legislationGeorge Osborne, the chancellor: has to get his skates on if he's not to miss the deadline for next year's annual reports. Photograph: Anthony Devlin/PAGeorge Osborne says, via his official spokesman, that he is committed to forcing banks to publish the pay brackets of their big earners on a no-names basis. Good. The scheme, devised by Sir David Walker, is a worthwhile reform. It is...
September 6, 2010 9:13 AM
Norway man pleads not guilty to terror financing OSLO, Norway -- A Somali-born Norwegian citizen pleaded not guilty Tuesday to charges of sending over $30,000 to top leaders of an al-Qaida-linked Somali militant group at the start of the first trial under Norway's 2002 terror financing law. Norwegian...
September 7, 2010 1:39 AM
Norway man on trial for terror financing A Somali-born Norwegian citizen has pleaded not guilty to charges of sending over $US30,000 to top leaders of an al-Qaeda-linked Somali militant group at the start of the first trial under Norway's 2002 terror financing law. Norwegian prosecutors...
September 7, 2010 2:09 AM
13 PKK members surrender to Turkish security forces Thirteen members of the outlawed Kurdish Workers' Party (PKK) who ran away from the PKK camps in Iraq surrendered to Turkish security forces on Monday, the semi- official Anatolia news agency reported.The PKK rebels told the Turkish security forces at...
September 6, 2010 6:20 PM
Balloon ban unlawful, judge decides CHILD protection group Bravehearts has permission to fly its white balloons as it likes.A judge has overturned a ruling which banned them on the grounds they could jeopardise a sex crime trial in country Victoria.White Balloon Day was banned in...
September 7, 2010 12:35 AM
Bozo bus depot needs tighter security: Kelly Police Commissioner Raymond Kelly wants NYPD terror cops to look into lax security at a New Jersey depot where mass-transit menace Darius McCollum stole dozens of buses.The Daily News exposed dramatic security lapses at the Hoboken facility this week,...
September 6, 2010 11:14 PM
The Guardian: Viewpoint Let's have a public say in bankers' pay George Osborne says, via his official spokesman, that he is committed to forcing banks to publish the pay brackets of their big earners on a no-names basis. Good. The scheme, devised by Sir David Walker, is a worthwhile reform. It is also very modest. If the coalition government could not hold its nerve on this minor matter then the new independent Banking Commission, examining the case for structural reform, would be redundant.One of the banks' main objections is that disclosure could...
September 6, 2010 10:49 AM
Police launch anti sexting video The video launch in Canberra coincided with the beginning of a three-day conference on hi-tech crime in Sydney which will focus on the difficulties the cyber environment presents for policing and subsequent legal action.AFP Commissioner Tony Negus said...
September 6, 2010 7:30 PM

Privacy & Information Security Law Blog

Unless otherwise noted, attorneys not certified by the Texas Board of Legal Specialization.

The Hunton & Williams law firm's Privacy and Information Management practice includes attorneys who provide services related to privacy law and information security. Our lawyers practice in all areas of privacy and information security, including: state and federal privacy law compliance; EU data protection compliance, including global data transfer mechanisms such as the U.S. Safe Harbor program and model clauses; HIPAA compliance, including the Privacy Rule and Safeguards Rule; GLBA compliance, including the Privacy Rule and Safeguards Rule; FCRA compliance, including disclosure of consumer reports, Affiliate Marketing Rule compliance, and Red Flags Rule compliance; e-commerce issues such as CAN-SPAM, TCPA, mobile marketing, other direct marketing and behavioral advertising; response to and preparation for information security breaches, including breach notification; workplace privacy, such as employee monitoring; identity theft; records management, records retention, and records disposal; online privacy such as COPPA compliance and website privacy notices; e-discovery; and FTC or other government enforcement actions.

Atlanta, Austin, Bangkok, Beijing, Brussels, Charlotte, Dallas, Houston, London, Los Angeles, McLean, Miami, New York, Norfolk, Raleigh, Richmond, San Francisco, Washington - www.hunton.com

LexBlog Lawyer Blogs and Law Firm Blog Design

Privacy & Information Security Law Blog : Privacy Lawyer & Attorney : Hunton & Williams Law Firm : Personal Data, Information Security

Published By
Hunton & Williams

Global privacy and information security law updates and analysis