On October 27, 2013, the South Korean Ministry of Security and Public Administration indicated that the government will begin issuing certifications to private and public organizations that meet certain Personal Information Protection Act requirements. Organizations may apply for certification starting on November 28, 2013.… Continue Reading
On October 25, 2013, the Standing Committee of the National People's Congress of the People's Republic of China passed an amendment to the Law on the Protection of Consumer Rights and Interests, which will take effect on March 15, 2014. The amendment adds numerous provisions designed to improve protections for consumer personal information.… Continue Reading
On July 12, 2013, Illinois Attorney General Lisa Madigan announced that she sent letters to operators of eight popular health-related websites requesting information about their online data collection practices.… Continue Reading
The Federal Trade Commission’s changes to the Children’s Online Privacy Protection Rule come into effect today. This post summarizes key changes affecting businesses subject to the amended Rule.… Continue Reading
The Bavarian data protection authority recently updated its compliance initiative aimed at online tracking tools to include information and guidance regarding Adobe’s online tracking product.… Continue Reading
On April 30, 2013, the regional court of Berlin enjoined Apple Sales International, which is based in Ireland, from relying on eight of its existing standard data protection clauses in contracts with customers based in Germany. The court also prohibited Apple’s future use of such clauses.… Continue Reading
On April 25, 2013, the Federal Trade Commission released an updated version of its frequently asked questions regarding the Children’s Online Privacy Protection Act of 1998 that provide general information on COPPA’s requirements and also include new guidance on the recent amendments to the Children’s Online Privacy Protection Rule. … Continue Reading
On February 4, 2013, the German Federal Office for Information Security published a paper providing an overview of risks and risk-management strategies related to the growing trend of employees making personal use of employer IT systems and using their personal IT devices for work purposes. … Continue Reading
On February 1, 2013, the Federal Trade Commission issued a new report on mobile app privacy issues and announced an $800,000 settlement with a social networking service for privacy violations related to its mobile app.… Continue Reading
On January 10, 2013, Jan Philipp Albrecht presented his draft report on the EU Parliament’s proposed amendments to the European Commission’s proposed General Data Protection Regulation. This blog post outlines key elements of the draft report, which includes detailed changes to the European Commission’s proposed Regulation.… Continue Reading
On December 5, 2012, the Federal Trade Commission announced that the online advertising company Epic Marketplace, Inc. agreed to settle charges that it engaged in "history sniffing" to secretly and illegally collect information about consumers' interest in sensitive medical and financial issues.… Continue Reading
On November 27, 2012, the International Chamber of Commerce of the United Kingdom (“ICC UK”) released the second edition of its cookie guidance (the “Guidance”). The ICC UK released the first edition of the Guidance in April of this year, and has produced this latest version to take into account updated guidance released by the … Continue Reading
In late October 2012, California Attorney General Kamala D. Harris began sending letters to mobile app operators, informing them that they are not in compliance with the California Online Privacy Protection Act.… Continue Reading
On June 26, 2012, the Federal Trade Commission announced that it had filed suit against Wyndham Worldwide Corporation and three of its subsidiaries (“Wyndham”) alleging failures to maintain reasonable security that led to three separate data breaches involving hackers accessing sensitive consumer data. The FTC’s complaint claims that Wyndham violated the FTC Act by posting … Continue Reading
Today the National Telecommunications and Information Administration announced that it will convene its first multistakeholder meeting on July 12, 2012, to begin the process of developing a code of conduct that promotes transparency in the mobile application context.… Continue Reading
On May 8, 2012, the Federal Trade Commission announced a settlement agreement with Myspace following allegations that the company made deceptive statements regarding its information sharing practices and falsely claimed to comply with the U.S.-EU Safe Harbor framework.… Continue Reading
On March 27, 2012, the Federal Trade Commission announced that RockYou, Inc., would pay a $250,000 fine to settle allegations that it violated multiple provisions of the Children’s Online Privacy Protection Act Rule when it collected information from approximately 179,000 children.… Continue Reading
On November 8, 2011, the FTC announced that the operator of skidekids.com, a social networking website that advertises itself as the “Facebook and Myspace for Kids,” has agreed to settle charges that he violated the COPPA Rule by collecting personal information from approximately 5,600 children without parental consent.… Continue Reading
On September 15, 2011, the data protection authority of the German federal state of Hamburg published a press release confirming that Google has significantly improved compliance with respect to the implementation of Google Analytics in Germany.
… Continue Reading
On August 24, 2011, India's Ministry of Communications & Information Technology issued a clarification regarding India's new privacy regulations, indicating that outsourcing service providers in India will not need to obtain consent from individuals before processing their data.
… Continue Reading
On June 13, 2011, Representative Mary Bono Mack released a discussion draft of of the Secure and Fortify Data Act, which would establish federal data security and breach notification requirements.
… Continue Reading