On May 18, 2016, the European American Chamber of Commerce sponsored a discussion the EU-U.S. Privacy Shield Framework (Safe Harbor 2.0). The panel discussed the steps that brought to the agreement between the EU Commission and US Government. More information to this regard is available at http://www.technethics.com… The panel then discussed the key contents of the Privacy Shield. […]
On May 16, 2016, the Commission on Enhancing National Cybersecurity (“Cybersecurity Commission’) held an open meeting. The primary purpose of the meeting was to discuss the challenges and opportunities facing the finance and insurance sectors as the Commission develops detailed recommendations to strengthen cybersecurity in both the public and private sectors while protecting privacy, ensuring public safety […]
The Network and Information security (NIS) Directive – which was put forward in 2013 by the Commission and aims at increasing cooperation between member states and laying down security obligations for operators of essential services and digital service providers – still awaits for the European Parliament second reading. An informal agreement on the proposal was reached […]
On April 11, 2016, the European Commission opened a public consultation on the current text of the ePrivacy Directive (EU Directive 2002/58/EC on privacy and electronic communications). According to the EU Commission, following the adoption of the General Data Protection Regulation (GDPR, see here), the ePrivacy rules will also need to be reviewed. The Commission […]
Tennessee has modified its data breach statute. See here .Three important points: 1) the definition of data breach requiring notification now includes loss of encrypted data (not only unencrypted as before). Tennessee is first jurisdiction to provide this way; 2) the notification must be given to residents of Tennessee within a specific time limit: 45 […]
After the October 6, 2015, European Court of Justice’s annulment of the Safe Harbor decision of adequacy (Maximilian Schrems v. Data Protection Commissioner), the European Data Protection Authorities (DPAs) gave businesses until January 31, 2016, for the start of enforcement of the Schrems’ decision (see here). The Safe Harbor Scheme had been used for almost 15 years as the […]
On March 2, 2016, the Consumer Financial Protection Bureau (CFPB) brought its first data security enforcement action, acting as federal data security regulator to ensure that financial companies and service providers adequately secure consumers’ information. The CFPB, a federal agency – whose creation was authorized by the Dodd–Frank Wall Street Reform and Consumer Protection Act in […]
The Department of Justice has accessed the iphone of San Bernardino attacker Syed Rizwan Farook and therefore no longer needs Apple’s assistance to unblock the phone. In the San Bernardino attack, fourteen people were killed and 22 injured. The attackers died in a police shooting; their personal phones were destroyed, but Farook’s work phone survived. […]
According to a source, the Federal Bureau of Investigation (FBI) has revised its privacy rules on dealing with data that it receives from the National Security Agency (NSA) regarding Americans’ international communications (international emails, texts and phone calls). This is the so called “Section 702 data” because it is collected by the NSA under the […]
On March 10, 2016, the Federal Communications Commission (FCC) Chairman Tom Wheeler circulated a Notice of Proposed Rulemaking (NPRM) regulating how broadband Internet service providers can use and share customer data. According to a Fact sheet that the FCC released and that summarizes the NPRM, the proposed rules deal specifically with consent to use/sharing of data, breach notification […]