Personal Information

European Commission Releases White Paper on Regulation of AI and Communications on Digital and Data Strategies for Europe

Posted on February 20, 2020

On February 19, 2020, the European Commission released a suite of documents including its White Paper on Artificial Intelligence and two communications—it’s European strategy for data and a Digital Strategy document. …
Continue Reading

China Emphasizes Protection of Personal Data by Issuing a New Circular

Posted on February 18, 2020

Posted in International

On February 9, 2020, amidst the ongoing coronavirus outbreak in China, in order to protect personal information collected during the fight against coronavirus, such as the personal data of diagnosed patients, suspected patients and individuals who have been in close contact with diagnosed patients, the Cyberspace Administration of China issued a new circular to emphasize the protection of relevant personal data. …
Continue Reading

SEC Publishes Cybersecurity and Resiliency Observations

Posted on February 6, 2020

Posted in Cybersecurity, Financial Privacy, Information Security

The Securities and Exchange Commission’s Office of Compliance Inspections and Examinations recently announced the publication of a report entitled “Cybersecurity and Resiliency Observations” that summarizes the observations gleaned from OCIE’s cybersecurity examinations of broker-dealers, investment advisers, clearing agencies, national securities exchanges and other SEC registrants.…
Continue Reading

Facebook Agrees to Landmark 550 Million Dollar Settlement in BIPA Class Action

Posted on January 30, 2020

Posted in Enforcement, Online Privacy, U.S. State Law

Facebook disclosed on January 29, 2020, that it has agreed to pay 550 million dollars to resolve a biometric privacy class action filed by Illinois users under the Biometric Information Privacy Act.…
Continue Reading

Mortgage Broker Settles FTC Privacy Charges That It Improperly Disclosed Consumer Information on Review Site

Posted on January 15, 2020

Posted in Enforcement, Online Privacy, U.S. Federal Law

As reported on our Hunton Retail Law Resource blog, on January 7, 2020, the Federal Trade Commission announced a settlement with Mortgage Solutions FCS, Inc., and its sole principal, Ramon Walker, to resolve allegations that the lender violated the FTC Act, the Fair Credit Reporting Act and the Gramm-Leach-Bliley Act, by improperly disseminating consumers’ personal information on Yelp in response to consumers’ negative reviews posted to that site.…
Continue Reading

South Korean Court Imposes Personal Liability on Privacy Officer for Data Breach

Posted on January 9, 2020

Posted in Enforcement, International

According to MLex, on January 6, 2020, the Seoul Eastern District Court found Kim Jin-Hwan, a privacy officer of the South Korean travel agency Hana Tour Service Inc., guilty of negligence in failing to prevent a 2017 data breach that affected over 465,000 customers of the agency and 29,000 Hana Tour employees.…
Continue Reading

ICO Publishes Draft Direct Marketing Code of Practice for Consultation

Posted on January 9, 2020

Posted in Behavioral Advertising, International, Marketing, Online Privacy

On January 8, 2020, the Information Commissioner’s Office (“ICO”) launched a consultation on its draft direct marketing code of practice (the “Draft Code”), as required by section 122 of the Data Protection Act 2018 (“DPA 18”). The Draft Code is open for public consultation until March 4, 2020.…
Continue Reading

Department of Education and Department of Health and Human Services Release First Update to Joint Guidance on FERPA and HIPAA Since 2008

Posted on December 23, 2019

Posted in U.S. Federal Law

The U.S. Department of Education and the U.S. Department of Health and Human Services released joint guidance on the application of the Family Educational Rights and Privacy Act and the Health Insurance Portability and Accountability Act of 1996 Privacy Rule to student records.…
Continue Reading

China Issues Updated Draft Amendments to Information Security Technology Specification

Posted on November 14, 2019

Posted in Information Security, International

On October 22, 2019, the drafting group of China’s National Information Security Standardization Technology Committee released a third draft amendment to the Information Security Technology – Personal Information Security Specification.…
Continue Reading

Facebook Reaches Settlement with ICO over £500,000 Data Protection Fine

Posted on November 5, 2019

Posted in Enforcement, International, Online Privacy

Facebook reached a settlement with the UK Information Commissioner’s Office, agreeing to pay a fine of 500,000 GBP in relation to the processing and sharing of its users’ personal data with Cambridge Analytica.…
Continue Reading

Privacy & Information Security Law Blog