DATA PROTECTION Archives – Page 23 of 85

New York passed first cybersecurity legislation for banks and financial institution

Date 03/08/2017.

On March 1, 2017, the new Cybersecurity Regulation to Protect Consumers and Financial Institutions proposed by Governor Andrew Cuomo took effect . This first-in-the-nation piece of legislation aims at protecting consumer data and financial systems from cyber-attacks of terrorist organizations and other criminal enterprises. The Regulation requires banks, insurance companies, and other financial services institutions […]

FCC partially stays Consumer Broadband Privacy Rules

Date 03/07/2017.

On March 1, 2017, the Federal Communications Commission (FCC) granted a Stay Petition in part, and ordered a “stay on an interim basis” of certain aspects of the 2016 order “Protecting the Privacy of Customers of Broadband and Other Telecommunications Services” (the “Privacy Order”). The Privacy Order containing broadband privacy rules was published on November 2016. […]

Update on the Irish High Court’s proceeding to decide request for ECJ’s preliminary ruling on Model Clauses

Date 03/06/2017.

According to the Irish Data Protection Authority (DPA) the hearing before the Irish High Court brought by the DPA against Facebook Ireland Ltd and Mr Schrems over EU-US data transfers will possibly take another additional week (or two addition weeks) to conclude. More information on the case is available here. According to the available sources (see […]

Oracle posits that Consumer Broadband Privacy Rules grant Google unfair competitive advantage

Date 03/06/2017.

On December 21, 2016, Oracle asked the Federal Communications Commission (FCC) to reconsider its decision and order “Protecting the Privacy of Customers of Broadband and Other Telecommunications Services” (“Order”) published on November 2016. See here. At the beginning of 2017, several Internet Service Providers (ISPs) and cable associations filed Petitions for Reconsideration requesting the FCC to significantly […]

Italian judge blocks Italian access to US-hosted website for privacy violation

Date 03/03/2017.

According to this source, in February 2017, an Italian judge for the preliminary investigations (usually referred as “GIP”, from Giudice per le Indagini Preliminari) ordered to obscure a website hosted in the US allegedly violating the privacy of an Italian citizen. The latter had found that his personal data had been published on the website […]

Understanding colored padlocks in websites

Date 03/02/2017.

You might have noticed that browsers have recently started to place symbols (colored padlocks) to grade the level of safety of the websites. Look at the web address: on the left, you will find symbols indicating the safety status. There are three types of symbols. Small green padlocks stand for secured websites, information or grey […]

Privacy Assistant for Android smartphones, an app helping to protect privacy online

Date 03/02/2017.

Carnegie Mellon University (CMU) developed Privacy Assistant, an app that uses machine learning to help users control the information that can be collected and used by mobile apps they install on their Android smartphones. It asks users a number of questions before recommending some possible changes to the permission settings. Privacy Assistant is available here. Follow […]

Conflict of interest under the recently issued WP29’s opinion on DPO

Date 02/22/2017.

Francesca Giannoni-Crystal and Cristina Vicarelli In Section 3.5 of Article 29 Working Party (WP29)’s Guidelines on Data Protection Officer (“DPOs”) (“Opinion”), the WP29 discusses the issue of conflict of interest for DPO. See here for more information on this opinion. The WP29 points out that while Article 38(6) GDPR allows a DPO to perform “other tasks and duties”, […]

Data Breach Class Actions dismissed for lack of injury-in-fact requirement

Date 02/22/2017.

On February 6, 2017, the Court of Appeals for the Fourth Circuit affirmed a district court judgement’s dismissal of two data breach class actions for lack of subject-matter jurisdiction: Plaintiffs failed to establish a non-speculative, imminent injury-in-fact identity theft after a 2013 and 2014 data breach. This was a consolidated appeal of veterans against William Jennings Bryan […]

Who should you appoint as a DPO? The legal/tech/organizational savvy unicorn?

Date 02/13/2017.

Article 37(5) General Data Protection Regulation (GDPR) does not list with particularity the professional skills that should be considered when designating the Data Protection Officer (“DPO”). It provides: The data protection officer shall be designated on the basis of professional qualities and, in particular, expert knowledge of data protection law and practices and the ability […]

DATA PROTECTION

Training