On August 25, 2016, WhatsApp announced in a blog post that the popular mobile messaging platform has updated its Terms of Service and Privacy Policy to permit certain information sharing with Facebook. … Continue Reading
On July 20, 2016, the French Data Protection Authority announced that it issued a formal notice to Microsoft Corporation ordering the company to address several alleged violations of the French Data Protection Act concerning the Windows 10 operating system.… Continue Reading
On June 25, 2016, the Cyberspace Administration of China published its new Administrative Provisions on Internet Information Search Services. These provisions will come into effect on August 1, 2016.… Continue Reading
In a recently published decision, the Belgian Court of Cassation confirmed the broad interpretation given to the "right to be forgotten" by a Belgian Court of Appeal. … Continue Reading
On May 23, 2016, half of the EU Member States sent a letter to the European Commission and the Netherlands (which holds the rotating presidency), seeking the removal of barriers to the free flow of data both within and outside the EU to benefit the EU from new data-driven technologies.… Continue Reading
After four years of drafting and negotiations, the long awaited EU General Data Protection Regulation has been adopted at the EU level. This blog entry highlights key aspects of the Regulation.… Continue Reading
On April 6, 2016, the Federal Trade Commission endorsed the Organization for Economic Cooperation and Development’s updated guidelines on consumer protection in e-commerce. This blog entry provides highlights on the OECD’s new recommendations. … Continue Reading
On March 22, 2016, the Ministry of Commerce of the People’s Republic of China published drafts of its proposed (1) Specifications for Business Services in Mobile E-commerce and (2) Specifications for Business Services in Cross-border E-commerce. Public comments on the drafts will be accepted until May 31, 2016.… Continue Reading
On February 16, 2016, California Attorney General Kamala D. Harris released the California Data Breach Report 2012-2015 which, among other things, provides (1) an overview of businesses’ responsibilities regarding protecting personal information and reporting data breaches and (2) a series of recommendations for businesses and state policy makers to follow to help safeguard personal information. … Continue Reading
On January 13, 2016, the Russian Data Protection Authority (Roscommandzor) released its plan for audits this year to assess compliance with Russia’s data localization law, which became effective on September 1, 2015.… Continue Reading
On January 12, 2016, the European Court of Human Rights ruled in Bărbulescu v. Romania that companies can monitor their employees’ online communications in certain circumstances. … Continue Reading
Recently, the People's Bank of China published Administrative Measures for Online Payment Business of Non-bank Payment Institutions. These measures were enacted to provide further details on the regulation of the online payment business in supplement to earlier measures published on June 14, 2010.… Continue Reading
On November 20, 2015, Markus Heyder, Vice President of the Centre for Information Policy Leadership at Hunton & Williams LLP, discussed how “transparency is increasingly understood as a core component of addressing the challenges of the modern information economy” and a key catalyst for a productive and innovative information economy in an article entitled Transparency and the Future of Driverless Privacy published by the International Association of Privacy Professionals. … Continue Reading
On November 5, 2015, the White House released the proposed text of the Trans-Pacific Partnership Agreement that would commit participating countries to implement legal frameworks to protect personal information processed in connection with electronic commerce. … Continue Reading
On November 2, 2015, Federal Communications Commission Chairman, Tom Wheeler, indicated in an interview that the agency would take on the issue of broadband privacy within the next several months, most likely in the form of a notice of proposed rulemaking. … Continue Reading
On August 20, 2015, the Bavarian Data Protection Authority issued a press release stating that it imposed a significant fine on a data controller for failing to adequately specify the security controls protecting personal data in a data processing agreement with a data processor.… Continue Reading
On September 2, 2015, the Information Commissioner’s Office announced an investigation into the data sharing practices of charities in the United Kingdom. The announcement follows the publication of an article in a UK newspaper highlighting the data sharing and marketing practices of certain charities.… Continue Reading
On September 2, 2015, the French Data Protection Authority published the results of a sweep of 54 sites visited by children and teenagers. The sweep was conducted in May 2015 to assess whether websites that are directed toward, frequently used by or popular among children comply with French data protection law.… Continue Reading
On August 11, 2015, the Online Trust Alliance, a nonprofit group whose goal is to increase online trust and promote the vitality of the Internet, released a framework for best practices in privacy and data security for the Internet of Things. … Continue Reading
Delaware Governor Jack Markell recently signed four bills into law concerning online privacy. The bills, drafted by the Delaware Attorney General, focus on protecting the privacy of website and mobile app users, children, students and crime victims.… Continue Reading
Recently, the Privacy and Big Data Institute at Ryerson University in Canada announced that it is offering a Privacy by Design Certification.… Continue Reading
On July 28, 2015, the UK Supreme Court announced its decision to grant permission in part for Google to appeal the England and Wales Court of Appeal’s decision in Google Inc. v Vidal-Hall and Others. … Continue Reading
Recent class actions filed against Facebook and Shutterfly are the first cases to test an Illinois law that requires consent before biometric information may be captured for commercial purposes. Although the cases focus on biometric capture activities primarily in the social-media realm, these cases and the Illinois law at issue have ramifications for any business … Continue Reading
On June 30, 2015, the French Data Protection Authority summarized the results of the cookie inspections it conducted at the end of 2014.… Continue Reading
