On February 6, 2018, the Federal Trade Commission (“FTC”) released its agenda for PrivacyCon 2018, which will take place on February 28. Following recent FTC trends, PrivacyCon 2018 will focus on privacy and data security considerations associated with emerging technologies, including the Internet of Things, artificial intelligence and virtual reality. The event will feature four panel presentations by over 20 researchers, including (1) collection, exfiltration and leakage of private information; (2) consumer preferences, expectations and behaviors; (3) economics, markets and experiments and (4) tools and ratings for privacy management. The FTC’s press release emphasizes the event’s focus on the economics of privacy, including “how to quantify the harms that result when companies fail to secure consumer information, and how to balance the costs and benefits of privacy-protective technologies and practices.” Continue Reading FTC Releases PrivacyCon 2018 Agenda
On January 18, 2018, Hunton & Williams LLP’s retail industry lawyers, composed of more than 100 lawyers across practices, released their annual Retail Year in Review publication. The Retail Year in Review includes several articles authored by our Global Privacy and Cybersecurity lawyers, and touches on many topics of interest including blockchain, ransomware, cyber insurance and the Internet of Things.
On January 8, 2018, the FTC announced an agreement with electronic toy manufacturer, VTech Electronics Limited and its U.S. subsidiary, settling charges that VTech violated the Children’s Online Privacy Protection Act (“COPPA”) by collecting personal information from hundreds of thousands of children without providing direct notice or obtaining their parent’s consent, and failing to take reasonable steps to secure the data it collected. Under the agreement, VTech will (1) pay a $650,000 civil penalty; (2) implement a comprehensive data security program, subject to independent audits for 20 years; and (3) comply with COPPA. This is the FTC’s first COPPA case involving connected toys and the Internet of Things.
On October 13, 2017, the Federal Trade Commission published the twelfth and final blog post in its “Stick with Security” series (the “Series”). The Series focused on the 10 principles outlined in the FTC’s Start with Security Guide for Businesses and sought to provide insights and lessons learned on data security from recent FTC cases, closed investigations and questions and comments received from businesses. The final post, entitled Stick with Security: FTC resources for your business, outlines the resources available to businesses to put the principles detailed in the Series into practice. These can be found on the FTC’s Data Security page.
On July 25, 2016, the Article 29 Working Party (the “Working Party”) and the European Data Protection Supervisor (“EDPS”) released their respective Opinions regarding the review of Directive 2002/58/EC on privacy and electronic communications (the “ePrivacy Directive”). Both the Working Party and the EDPS stressed that new rules should complement the protections available under the EU General Data Protection Regulation (“GDPR”). Continue Reading Article 29 Working Party and EDPS Release Opinions on the ePrivacy Directive
On April 12, 2016, the French Data Protection Authority (“CNIL”) announced that it will participate in a coordinated online audit to analyze the impact of everyday connected devices on privacy. The audit will be coordinated by the Global Privacy Enforcement Network (“GPEN”), a global network of approximately 50 data protection authorities (“DPAs”) from around the world. Continue Reading CNIL and GPEN Analyze Impact of Connected Devices on Privacy During Internet Sweep
On March 23, 2016, the Chairwoman of the French Data Protection Authority (“CNIL”) opened proceedings that will lead to the release of a compliance pack on connected vehicles.
The CNIL announced that the compliance pack will contain guidelines regarding the responsible use of personal data for the next generation of vehicles. It will assist various stakeholders in the industry prepare for the General Data Protection Regulation.
On November 20, 2015, Markus Heyder, Vice President of the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP, discussed how “transparency is increasingly understood as a core component of addressing the challenges of the modern information economy” and a key catalyst for a productive and innovative information economy in an article entitled Transparency and the Future of Driverless Privacy published by the International Association of Privacy Professionals.
Hunton & Williams welcomes Phyllis H. Marcus as counsel to the firm’s privacy and competition teams. Phyllis joins the firm from the Federal Trade Commission, where she held a number of leadership positions, most recently as Chief of Staff of the Division of Advertising Practices. Phyllis led the FTC’s children’s online privacy program, including bringing a number of enforcement actions and overhauling the Children’s Online Privacy Protection Act (“COPPA”) Rule. She offers the privacy team a keen understanding of the complexities of the revised regulations, as well as broader issues relating to student privacy, mobile applications and the Internet of Things.
On October 27, 2015, Hunton & Williams LLP’s Centre for Information Policy Leadership (“CIPL”) will conduct a joint workshop with Nymity on Bridging Disparate Privacy Regimes through Organizational Accountability. As a side event to the 37th International Privacy Conference in Amsterdam during the week of October 26, the workshop is specifically designed to support and further explore the theme of global “Privacy Bridges” that will be discussed at the International Privacy Conference. Organizational accountability is one of the proposed bridges in the Privacy Bridges Report which the international expert group released earlier this week.