Monthly Archives: December 2010

President Obama Signs Red Flag Program Clarification Act

Posted on December 20, 2010 by Hunton & Williams LLP

On December 18, 2010, President Obama signed into law the “Red Flag Program Clarification Act of 2010” (S.3987), which amends the Fair Credit Reporting Act with respect to the applicability of identity theft guidelines to creditors.  The law limits the scope of the Federal Trade Commission’s Identity Theft Red Flags Rule (“Red Flags Rule”), which requires “creditors” and “financial institutions” that have “covered accounts” to develop and implement written identity theft prevention programs to help identify, detect and respond to patterns, practices or specific activities that indicate possible identity theft.

Continue reading…

Tags: , , , , , ,

Centre Releases Statement on Department of Commerce’s Green Paper

Posted on December 20, 2010 by Hunton & Williams LLP

The Centre for Information Policy Leadership at Hunton & Williams has issued the following statement about the U.S. Department of Commerce’s “Green Paper” released on December 16

The Centre for Information Policy Leadership congratulates the Department of Commerce on the release of its Green Paper, entitled “Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework,” and commends the Department for the extensive outreach and research it conducted to inform the document.  Continue reading…

Tags: , , , ,

Court Finds Fourth Amendment Protects Email Privacy

Posted on December 17, 2010 by Hunton & Williams LLP

On December 14, 2010, the United States Court of Appeals for the Sixth Circuit ruled in United States v. Warshak that a “subscriber enjoys a reasonable expectation of privacy in the content of emails” stored, sent or received through a commercial internet service provider (“ISP”).  According to the court, the government must have a search warrant before it can compel a commercial ISP to turn over the contents of a subscriber’s emails.

In 2008, a jury sitting in the Southern District of Ohio convicted defendants Steven Warshak, Harriet Warshak and TCI Media, Inc. of various crimes relating to defrauding customers of Berkeley Premium Nutraceuticals, Inc.  Before trial, Warshak’s motion to exclude thousands of emails that the government obtained from his ISP was denied.  The defendants appealed their convictions, arguing that the government’s warrantless seizure of Warshak’s private emails violated the Fourth Amendment’s prohibition on unreasonable searches and seizures.

Continue reading…

Tags: , ,

German DPAs Set Minimum Qualification and Independence Requirements for Company Data Protection Officers

Posted on December 17, 2010 by Hunton & Williams LLP

On November 25, 2010, the German data protection authorities responsible for the private sector (also known as the “Düsseldorfer Kreis”) issued a resolution on the minimum requirements for the qualifications and independence of company data protection officers (“DPOs”).  This initiative follows inspections carried out within companies that revealed a generally insufficient level of expertise among DPOs given data processing complexities and the requirements set by the Federal Data Protection Act.  The DPAs recognize that a DPO’s workload depends primarily on the size and number of data controllers the DPO supervises, industry-specific factors related to data processing and the level of protection required for the types of personal data being processed.  Changes with respect to these factors frequently increase the burden on DPOs without a compensating increase in resources needed to ensure proper oversight.

Continue reading…

Tags: , , , ,

Update: Department of Commerce’s “Privacy Bill of Rights”

Posted on December 17, 2010 by Hunton & Williams LLP

As previously reported, on December 16, 2010, the U.S. Department of Commerce released its Green Paper “aimed at promoting consumer privacy online while ensuring the Internet remains a platform that spurs innovation, job creation, and economic growth.”

During a press teleconference earlier that morning announcing the release of the Green Paper, Secretary Gary Locke commented on the Green Paper’s recommendation of adopting a baseline commercial data privacy framework, or a “privacy bill of rights,” built on an expanded, revitalized set of Fair Information Practice Principles (“FIPPs”).  He indicated that baseline FIPPs would respond to consumer concerns and help increase consumer trust.  The Secretary emphasized that the Department of Commerce would look to stakeholders to help flesh out appropriate frameworks for specific industry sectors and various types of data processing.  He also noted that the agency is soliciting comments on how best to give the framework the “teeth” necessary to make it effective.  The Secretary added that the Department of Commerce is also open to public comment regarding whether the framework should be enforced through legislation or simply by conferring power on the Federal Trade Commission. Continue reading…

Tags: , , , , , , , , , , , , ,

Canada Adopts Stringent Anti-Spam Legislation

Posted on December 16, 2010 by Hunton & Williams LLP

Adam Kardash from Heenan Blaikie LLP in Canada reports that Bill C-28, the Fighting Internet and Wireless Spam bill, received Royal Assent on December 15, 2010.  The centerpiece of the Act are prohibitions aimed at preventing spam, but the law also includes regulations to combat phishing and protect users from online malware.  Specifically, among other things, the legislation would prohibit:

  • sending commercial electronic messages (including emails and text messages) without consent (subject to certain limited exceptions);
  • altering transmission data on email messages; and
  • the installation of computer programs without express consent. Continue reading…
Tags: , , ,

Department of Commerce Issues Landmark Privacy Green Paper

Posted on December 16, 2010 by Hunton & Williams LLP

On December 16, 2010, the U.S. Department of Commerce Internet Policy Task Force issued its “Green Paper” on privacy, entitled “Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework.”  The Green Paper outlines Commerce’s privacy recommendations and proposed initiatives, which contemplate the establishment of enforceable codes of conduct, collaboration among privacy stakeholders, and the creation of a Privacy Policy Office in the Department of Commerce.  Noting that “privacy protections are crucial to maintaining the consumer trust that nurtures the Internet’s growth,” the Green Paper “recommends reinvigorating the commitment to providing consumers with effective transparency into data practices, and outlines a process for translating transparency into consumer choices through a voluntary, multistakeholder process.” Continue reading…

Tags: , , , , , , , ,

Senator Kerry’s Senior Advisor Provides Key Insight into Forthcoming Privacy Bill

Posted on December 10, 2010 by Hunton & Williams LLP

On December 10, 2010, Senior Advisor to U.S. Senator John Kerry (D-Mass.), Daniel Sepulveda, briefed the Centre for Information Policy Leadership at Hunton & Williams LLP (the “Centre”) members on Senator Kerry’s forthcoming privacy legislation.  The bill, which will be introduced next Congress, aims to establish a regulatory framework for the comprehensive protection of individuals’ personal data that authorizes rulemakings by the Federal Trade Commission. Continue reading…

Tags: , , , , , , , ,

Jerusalem Declaration Calls for International Agreement on Data Protection Enforcement

Posted on December 10, 2010 by Hunton & Williams LLP

The 32nd International Conference of Data Protection and Privacy Commissioners held in Jerusalem this October continued the trend from past conferences by enacting a resolution, this time with respect to the adoption of global privacy standards.  The Jerusalem Declaration calls for an intergovernmental conference in 2011 or 2012 to negotiate a binding international agreement guaranteeing respect for data protection and privacy, and facilitating cross-border coordination of enforcement efforts.  The basis for the binding international agreement would be the Madrid Resolution, which was adopted in November 2009.

The Jerusalem Declaration was sponsored by the French Data Protection Authority (the “CNIL”) and was seconded by nine other entities, including the Irish Data Protection Commissioner, the New Zealand Privacy Commissioner, the Spanish Data Protection Agency and the UK Information Commissioner’s Office.  Despite the resolution, it seems highly unlikely the intergovernmental conference will take place within the proposed two-year timeframe.

Tags: , , , , , , , , ,

House Approves Social Security Number Protection Act

Posted on December 9, 2010 by Hunton & Williams LLP

On December 8, 2010, the U.S. House of Representatives approved the Social Security Number Protection Act of 2010 (S. 3789), which is aimed at reducing identity theft by limiting access to Social Security numbers.  The bill prohibits printing Social Security numbers, or any derivative of a Social Security number, on government-issued checks, and bars federal, state and local government entities from employing prisoners in jobs that would allow them to access Social Security numbers.  Although there are numerous state laws on the books to safeguard Social Security numbers, the Social Security Number Protection Act will provide federal coverage.  The bill was introduced by Senators Dianne Feinstein (D-CA) and Judd Gregg (R-NH) and passed in the Senate by unanimous consent on September 28, 2010.  It is now headed for signature by President Obama.

Tags: , , , ,