CIPL Comments on the Indonesian Draft Data Protection Regulation with New White Paper on Cross-Border Data Transfers Mechanism

On August 20, 2015, the Centre for Information Policy Leadership at Hunton & Williams (“CIPL”) filed comments to the Indonesian Draft Regulation proposed by the Minister of Communication and Information (RPM) of the Protection of Personal Data in Electronic Systems. The comments were limited to the issue of cross-border data transfers and were submitted in the form of a new CIPL white paper entitled Cross-Border Data Transfer Mechanisms.

Continue Reading

German DPA Fines Two Companies for the Unlawful Transfer of Customer Data as Part of an Asset Deal

On July 30, 2015, the Bavarian Data Protection Authority (“DPA”) issued a press release stating that it imposed a significant fine on both the seller and purchaser in an asset deal for unlawfully transferring customer personal data as part of the deal.

Continue Reading

Third Circuit Upholds FTC’s Authority to Regulate Companies’ Data Security Practices

On August 24, 2015, the United States Court of Appeals for the Third Circuit issued its opinion in Federal Trade Commission v. Wyndham Worldwide Corporation (“Wyndham”), affirming a district court holding that the Federal Trade Commission has the authority to regulate companies’ data security practices.

Continue Reading

Online Trust Alliance Releases Privacy and Data Security Framework for Internet of Things

On August 11, 2015, the Online Trust Alliance, a nonprofit group whose goal is to increase online trust and promote the vitality of the Internet, released a framework (the “Framework”) for best practices in privacy and data security for the Internet of Things. The Framework was developed by the Internet of Things Trustworthy Working Group, which the Online Trust Alliance created in January 2015 to address “the mounting concerns and collective impact of connected devices.”

Continue Reading

FTC Reaches Settlement with Thirteen Companies over Safe Harbor Misrepresentations

On August 17, 2015, the Federal Trade Commission announced proposed settlements with 13 companies over allegations that they misled consumers by falsely claiming to be Safe Harbor certified when their certifications had lapsed or they had never been certified at all.

Continue Reading

Delaware Governor Signs Set of Online Privacy Bills

On August 7, 2015, Delaware Governor Jack Markell signed four bills into law concerning online privacy. The bills, drafted by the Delaware Attorney General, focus on protecting the privacy of website and mobile app users, children, students and crime victims.

Continue Reading

Privacy by Design Certification offered by Ryerson University

On May 25, 2015, the Privacy and Big Data Institute at Ryerson University in Canada announced that it is offering a Privacy by Design Certification. Privacy by Design is a “framework that seeks to proactively embed privacy into the design specifications of information technologies” to obtain the most secure data protection possible. Organizations that attain the certification will be permitted to post a “Certification Shield” “to demonstrate to consumers that they have withstood the scrutiny of a rigorous third party assessment, assuring the public that their product or service reflects the viewpoint of today’s privacy conscious consumer.”

Continue Reading

Neiman Marcus Seeks En Banc Review

On August 3, 2015, Neiman Marcus requested en banc review of the Seventh Circuit’s recent decision in Remijas v. Neiman Marcus Group, LLC, No. 14-3122. As we previously reported, the Seventh Circuit found that members of a putative class alleged sufficient facts to establish standing to sue Neiman Marcus following a 2013 data breach. During that breach, hackers gained access to customers’ credit and debit card information.

Continue Reading

Google Granted Permission to Appeal to the UK Supreme Court

On July 28, 2015, the UK Supreme Court announced its decision to grant permission in part for Google Inc. (“Google”) to appeal the England and Wales Court of Appeal’s decision in Google Inc. v Vidal-Hall and Others.

Continue Reading

Hunton’s Privacy Law Blog Listed Among the Top-Ranked Legal Blogs

Hunton & Williams is pleased to announce the firm’s Privacy & Information Security Law Blog has been ranked the #1 privacy and data security blog and the #4 overall legal blog by LexBlog’s 2015 Am Law 200 Blog Benchmark Report. Recently released, the report catalogues all blogs published by Am Law 200 law firms and calculates the rankings based on (1) the amount of traffic each blog generates, (2) their technology infrastructures and (3) the ability of each blog to incorporate responsive design for multiple devices. Hunton & Williams’ Global Privacy and Cybersecurity team is a leader in its field and has been ranked by Computerworld magazine, Chambers and Partners and The Legal 500 as a top law firm globally for privacy and data security.