2012 IAPP Global Privacy Summit

Posted on March 6, 2012 by Hunton & Williams LLP

Join us at the International Association of Privacy Professionals (“IAPP”) Global Privacy Summit in Washington, D.C., March 7-9, 2012. Hunton & Williams privacy professionals will be featured speakers in the following sessions:

  • Mending Fences after a Breach
    Thursday, March 8, 12:15 p.m.
    Speakers include: Lisa J. Sotto, partner and head of the Global Privacy and Data Security practice, Hunton & Williams LLP; Susan Grant, Director of Consumer Protection, Consumer Federation of America; and Joanne B. McNabb, Chief, California Office of Privacy Protection. Continue reading…
Tags: , , , , , , , , , , , , , , , , , ,

Digital Advertising Alliance Supports Browser-Based Choice Mechanism

Posted on February 28, 2012 by Hunton & Williams LLP

The Digital Advertising Alliance (“DAA”) recently announced that its members will work “to add browser-based header signals to the set of tools by which consumers can express their preferences” not to be tracked online and will work with browser providers to develop “consistent language across browsers…that describes to consumers the effect of exercising such choice.”

This announcement came on the heels of the Obama administration’s release of a framework for a Consumer Privacy Bill of Rights. The DAA’s agreement represents the industry’s attempt to appease consumer privacy concerns in the face of the growth of online advertising. The DAA represents over 400 advertising and technology companies.

Continue reading…

Tags: , , ,

White House Announces Its Highly Anticipated Consumer Privacy Bill of Rights

Posted on February 23, 2012 by Hunton & Williams LLP

The White House today released its long-awaited report outlining a framework for U.S. data protection and privacy policy. As expected, “Consumer Data Privacy in a Networked World: A Framework for Protecting Privacy and Promoting Global Innovation in the Global Digital Economy” articulates a Consumer Privacy Bill of Rights based on the individual’s right to exercise control over what personal data companies collect from the individual and how companies use the data. The Consumer Privacy Bill of Rights, which reflects principles of fair information practices and applies to personal data, sets forth individual rights for consumers and corresponding obligations of companies in connection with personal data. It also provides for the consumer’s right to:

  • transparent privacy and data security practices;
  • expect that companies will collect, use and disclose data in a manner consistent with the context in which it was collected;
  • have their data handled in a secure manner;
  • access and correct personal data;
  • set reasonable limits on the personal data that companies collect and retain; and
  • have personal data handled by companies with appropriate measures in place to assure they adhere to the Consumer Privacy Bill of Rights.

Continue reading…

Tags: , , , , , , , ,

Senators Introduce Cybersecurity Act of 2012

Posted on February 22, 2012 by Hunton & Williams LLP

On February 14, 2012, a joint U.S. congressional committee, including Senators Joseph Lieberman (I-CT), Susan Collins (R-ME), Jay Rockefeller (D-WV) and Dianne Feinstein (D-CA), introduced the Cybersecurity Act of 2012 (the “Act”). Although the legislation appears to have strong bipartisan support, during a February 15 hearing before the Homeland Security and Governmental Affairs Committee, Senator John McCain (R-AZ) indicated that he and six Republican colleagues would propose their own cybersecurity legislation in March.

Continue reading…

Tags: , , , , ,

European Court of Justice Sets Criteria for Balancing Privacy Rights and Copyrights in the Social Networking Context

Posted on February 17, 2012 by Hunton & Williams LLP

On February 16, 2012, the European Court of Justice held in the SABAM vs. Netlog case (C-360/10) that imposing an obligation on social networks to install a “general filtering system” to prevent all users from sharing copyrighted music is disproportionate to the extent that such filters may infringe on user privacy rights or block lawful communications. SABAM, a Belgian copyright association, had filed an injunction against social network provider Netlog that would have required Netlog to install filtering systems to prevent copyright infringements by Netlog users. The Belgian court deciding on the injunction requested a preliminary ruling from the ECJ.

Continue reading…

Tags: , ,

Hong Kong Privacy Commissioner Offers Guidance for Complying with Data Privacy Ordinance

Posted on February 16, 2012 by Hunton & Williams LLP

Since October 2011, the Hong Kong Office of the Privacy Commissioner for Personal Data has published three “Guidance Notes” to help data users comply with the Personal Data (Privacy) Ordinance (the “Ordinance”). These Notes are not legally binding, nor are they intended to serve as an exhaustive guide to the application of the Ordinance, but they provide good, practical examples and tips that the Commissioner has developed as it has implemented the Ordinance.

Continue reading…

Tags: ,

FTC Settles with Alleged Stealth Behavioral Advertising Targeter

Posted on January 9, 2012 by Hunton & Williams LLP

On January 5, 2012, the Federal Trade Commission announced a proposed settlement with Upromise, Inc., a membership reward service that gives cash rebates for college savings accounts to members who purchase products and services from its partner merchants. The FTC alleged that the “Personalized Offers” feature on the Upromise TurboSaver Toolbar (1) collected far more information about users’ browsing behavior than was disclosed at the time of installation, and (2) contrary to representations in the company’s privacy notice, transmitted that information, which included data such as Social Security numbers and financial account numbers, in clear text.

Continue reading…

Tags: , , , , ,

FTC Seeks Public Comments on Facial Recognition Technology

Posted on January 1, 2012 by Hunton & Williams LLP

On December 23, 2011, the Federal Trade Commission announced that it is seeking public comments on the privacy and security implications raised by the use of facial recognition technology. The FTC recently held a public workshop entitled “Face Facts: A Forum on Facial Recognition Technology,” that discussed the current and future commercial applications of facial recognition technologies and the associated privacy and security concerns.

Continue reading…

Tags: , ,

UK ICO Releases Updated Cookie Compliance Guidance

Posted on December 29, 2011 by Hunton & Williams LLP

On December 13, 2011, the Information Commissioner issued updated guidance on compliance with recent changes to UK law governing the use of cookies (The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011 (“Regulations”)). Organizations were given a twelve-month grace period to comply with the new law. Initial guidance on the Regulations was released on May 9, 2011, but the Information Commissioner characterized that guidance as merely a “starting point for getting compliant rather than a definitive guide,” signaling that further advice would follow if appropriate. The release of the updated guidance coincides with the Information Commissioner’s interim report on organizations’ attempts to achieve compliance in which he concluded that organizations “must try harder” with their cookie compliance efforts.

Continue reading…

Tags: , , , ,

Netflix Litigation Ordered to Mediation as House Passes VPPA Amendment

Posted on December 15, 2011 by Hunton & Williams LLP

On December 1, 2011, a consolidated litigation against Netflix was ordered to private mediation pursuant to an agreement between the parties. As we previously reported, the plaintiffs allege that Netflix’s practice of maintaining customer movie rental history and recommendations after their subscriptions are cancelled violates the federal Video Privacy Protection Act (“VPPA”). In August 2011, several similar cases against Netflix were consolidated by a federal court in California.

News of the mediation order comes as a significant amendment to the VPPA awaits Senate approval. On December 6, 2011, the House of Representatives passed House Bill 2471 (“H.B. 2471”), which would allow video tape service providers to obtain consumers’ informed, written consent to disclose their personally identifiable information “[i]n advance for a set period of time or until consent is withdrawn.” H.B. 2471 also provides that “informed written consent” may be obtained electronically over the Internet. As we reported earlier this year, concerns regarding potential VPPA violations prompted Netflix to delay the U.S. launch of an integrated service with Facebook that would allow subscribers to share their television and movie viewing information. In July 2011, Netflix’s CEO criticized the VPPA as being “ambiguous” and “poorly drafted.” Discussing H.B. 2471 on the Netflix Blog, the company called on its customers to email Congress “to urge them to pass this modernizing legislation.”

Tags: , , , , , , , ,