The Article 29 Working Party issued an Opinion on data processing at work, which complements the Working Party’s previous guidance on the processing of personal data in the employment context and on the surveillance of electronic communications in the workplace. This blog entry provides highlights on the Opinion.
Continue Reading Article 29 Working Party Releases Opinion on Data Processing at Work

On October 27, 2015, the Ninth Circuit held in EEOC v. McLane Co., Inc. that the EEOC has broad subpoena powers to obtain nationwide private personnel information, including Social Security numbers.
Continue Reading Ninth Circuit Holds that the EEOC Has Broad Access to Personal Information, Including Social Security Numbers

On October 2, 2015, California Attorney General Kamala D. Harris announced that her office settled a lawsuit against an online home design company, Houzz Inc., stemming from allegations that the company impermissibly recorded phone calls without appropriately notifying the parties to the calls.
Continue Reading California Attorney General’s Settlement with Houzz Inc. Requires Company to Hire CPO

The Office of Compliance, Inspections and Examinations at the U.S. Securities and Exchange Commission recently issued a Risk Alert outlining its latest cybersecurity examination priorities for SEC-registered broker-dealers and investment advisers.
Continue Reading SEC Issues Top Cybersecurity Priorities for Broker-Dealers and Investment Advisers

On January 6, 2015, the French data protection authority (CNIL) published a decision adopting a new Simplified Norm NS 47 that addresses the processing of personal data in connection with monitoring and recording employee telephone calls in the workplace.
Continue Reading French Data Protection Authority Issues New Decision on Monitoring and Recording Telephone Calls in the Workplace

On June 28, 2013, the Swiss Federal Data Protection and Information Commissioner issued its annual report highlighting activities during the period from April 2012 to March 2013. This blog post provides an overview of information from the report that is relevant for international businesses with operations in Switzerland.
Continue Reading Swiss DPA Issues Its 20th Annual Report

On November 30, 2011, the French Court of Cassation upheld a decision excluding the application of the French Data Protection Act to an investigation by the French Competition Authority.
Continue Reading French Court of Cassation Excludes Application of Data Protection Act to Competition Authority’s Investigation

On November 16, 2011, the French Data Protection Authority published its Annual Activity Report for 2010. The Report highlights the CNIL’s major accomplishments from 2010 and its priorities for 2011, and includes recommendations for the revision of the EU data protection framework.
Continue Reading French Data Protection Authority Unveils 2010 Annual Activity Report