Until very recently, it was considered matter of course in a services agreement for any data disclosure or loss, regardless of cause, to be excluded from any and all limitations of the vendor’s liability. However, as data...more
As already stated in a previous blog post, on May 13, 2015, the Belgian Data Protection Authority issued a recommendation in which it expressed its concern about Facebook tracking users, non-users and logged-out users without...more
Even the French Data Protection Authority (CNIL – Commission Nationale de l’Information et des Libertés) can be sued for the violation of its own recommendations. Following is its recommendation regarding the anonymization of...more
One, of course, recalls the May 13, 2014 decision of the Court of Justice of the European Union (CJEU) on the “right to be forgotten”. As a result, the French Data Protection Authority (CNIL – Commission Nationale de...more
6/17/2015
/ CNIL ,
Data Protection ,
Data Protection Authority ,
Delisting ,
Domain Names ,
EU ,
France ,
Google ,
Notice of Intent ,
Right to Be Forgotten ,
Sanctions ,
Search Engines
More details continue to emerge about the cyber attack and data breach disclosed last week of the U.S. federal government’s Office of Personnel Management (OPM), and those details continue to get worse. While original reports...more
A few weeks ago, your humble blogger looked into how difficult it was for someone to crack encryption in light of debates on Capitol Hill about whether policies should be put in place to limit its strength. In March and May,...more
The redesigned account page does not offer any additional privacy or security options over those previously offered. Instead, it consolidates all of Google’s privacy and security settings, thus making it easier for a customer...more
This week, the social networking service Facebook quietly announced that it will begin making PGP encryption available for communications from Facebook to its users. While this step, in itself, is a small one not likely to...more
Earlier this month, fitness-tracking company Fitbit, Inc. filed a Form S-1 Registration Statement for an IPO of up to $100 million that exhaustively disclosed potential cybersecurity risks with respect to the personal data...more
A recent leaked draft proposal reveals the position of the E.U. Council as regards to the fines system that will come into force under the proposed new General Data Protection Regulation in the E.U. member states. The huge...more
Fast approaching is the June 1 expiration of certain provisions of the Patriot Act, including § 215 (codified as 50 U.S.C § 1861), which is the basis for the National Security Agency’s (NSA) bulk telephone metadata collection...more
BREAKING NEWS: Health insurer CareFirst BlueCross BlueShield disclosed today that hackers gained access to one of its databases, exposing personally identifiable information for approximately 1.1 million people....more
5/21/2015
/ Blue Cross ,
Blue Shield ,
CareFirst ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Hackers ,
Health Insurance ,
Healthcare ,
Identity Theft ,
Information Technology
The U.S. Securities and Exchange Commission’s (“SEC”) Division of Investment Management (“Division”) recently released a Guidance Update (“Guidance”) highlighting the importance of cybersecurity for registered investment...more
Whether it’s in discussions of public policy or discussions of best practices, encryption is all the rage right now. ...more
The Information Technology Subcommittee of the Committee on Government Oversight and Reform of the US of House of Representatives last Wednesday held a hearing on encryption technology and potential US policy responses....more
Last week, in conjunction with the Criminal Division’s Cybersecurity Industry Roundtable, the U.S. Department of Justice released its “Best Practices” guide for preparing for and responding to a cyber incident....more
The English Court of Appeal has recently handed down a landmark decision confirming that an individual can recover damages under the UK’s Data Protection Act 1998 (the “Act”) for non-financial losses....more
The Federal Trade Commission (FTC) recently announced formation of its Office of Technology Research and Investigation (OTRI), an office meant to “ensure that consumers enjoy the benefits of technological progress without...more
While others were waiting for spring to arrive, community bank officers and directors were waiting for the Federal Financial Institutions Examination Council (FFIEC) to provide additional guidance on its cybersecurity...more
On March 23, 2015, Virginia Gov. Terry McAuliffe approved a social media password privacy bill (H.B. 2081) that limits employers access to employees’ and job applicants’ personal social media accounts....more
Shareholders are increasingly raising social and environmental issues in meetings. Nearly 40 percent of all shareholder proposals submitted in the first half of meetings in 2014 were related to social and environmental...more
NextEra recently acquired Hawaiian Electric Industries (“HEI”) in a transaction valued at $4.3 billion, subject to Hawaii Public Utilities Commission approval and approval by HEI shareholders. HEI shareholders will receive a...more