On October 25, 2016, the UK Information Commissioner’s Office (ICO) issued a revised code of practice and checklist on privacy notices, transparency and control. The code helps organizations required by the Data Protection Act 1998 (DPA) to “collect information about people, whether directly or indirectly” to provide transparent and accessible “privacy notices” to data subjects. The […]
IANA stewardship functions transitioned to private sector when on October 1, 2016, the contract ICANN-U.S. Government ended The Internet Corporation for Assigned Names and Numbers (ICANN) is a nonprofit organization responsible for coordinating maintenance and procedures of several databases related to the namespaces of the Internet. Basically, it coordinates unique identifiers across the world (users’ addresses), allowing […]
The authors highlight the main innovations brought by Regulation (EU) 2016/679 (General Data Protection Regulation, “GDPR”) to Directive 95/46/EC. The full text is available at http://www.whitecase.com…
On September 23, 2016, the European Data Protection Supervisor (EDPS) announced the intention to set up a Digital Clearing House to promote a more coherent enforcement of EU privacy rules. With Opinion 8/2016, Coherent enforcement of fundamental rights in the age of big data, the EDPS drew attention to the “concentration of market power and […]
The ICO published a guidance to help data controllers fully understand their obligations and promote good practice for the case in which the user of the device is not the data controller. Bring your own device (BYOD) raises a number of data protection concerns. Therefore: It is crucial that the data controller ensures that all […]
On September 23, 2016, Ronald Schwartz, a New York resident, filed a case and sought class-action certification on behalf of himself and other users against defendant Yahoo. According to the complaint, the Company “failed to adequately protect its users or itself from data breach”. The claim was filed after, on September 22, 2016, Yahoo issued […]
On July 14, 2016, the Second Circuit held that U.S. law does not authorize a warrant against a U.S.-based service provider for the seizure of e-mails stored in Ireland. In December 2013, a New York district court issued a warrant ordering Microsoft to produce all emails and private information associated with a certain account hosted by […]
On September 20, 2016, NYU Center for Cybersecurity hosted Follow the Money: Fighting Cybercrime in the Digital Underworld. The program was very engaging and the panelists brought to the table expertise in different fields to discuss the reality of cybercrime. Their conclusion was that cyber-criminals remain individuals motivated by money, hence the title of the lecture. Deterring […]
On September 13, 2016, Governor Andrew Cuomo proposed a new Cybersecurity Regulation to Protect Consumers and Financial Institutions. The first-in-the-nation proposal aims to protect consumer data and financial systems from cyber-attacks of terrorist organizations and other criminal enterprises. The Regulation requires banks, insurance companies, and other financial services institutions to maintain a cybersecurity program […]
On August 25, 2016, WhatsApp issued a statement informing its users that the application’s terms and privacy policy was updated, which was also a consequence of WhatsApp’s joining Facebook. Allegedly WhatsApp wanted to modify the privacy policy to allow users to “communicate with businesses”. WhatsApp notified all users –with the latest supported versions of the […]