Tag Archives: data privacy

When is a Chair not a Chair? Big Data Algorithms, Disparate Impact, and Considerations of Modular Programming

The DESI VII Workshop titled “Using Advanced Data Analysis in eDiscovery & Related Disciplines to Identify and Protect Sensitive Information in Large Collections” was held on the Strand Campus of King’s College in London on June 12, 2017. DESI VII was particularly focused on privacy, and presented numerous papers that examined emerging protocols and novel … Continue Reading

FTC And ASUS Reach Settlement Over Risk To Consumer Privacy In ASUS-Branded Routers

To date, the U.S. Federal Trade Commission has brought over 60 enforcement actions regarding company data security practices, and 2016 is already no different. On February 23, 2016, the FTC and Taiwanese computer hardware manufacturer ASUSTeK Computer, Inc., settled the FTC’s charges that ASUS-branded wireless routers, which were manufactured for home use and allowed consumers … Continue Reading

Australia Introduces Draft Privacy Act Amendment Addressing Notification

In 2015, several countries introduced new data privacy regulations and approved new data protection regulators. As the year draws to a close, Australia joins the list of countries advancing new data privacy legislation with the Australian government’s recent release of a draft bill amending its Privacy Act to implement a new security incident notification framework. … Continue Reading

Trans-Pacific Partnership Would Promote Cross-Border Data Transfers and Restrict Data Localization

As U.S. and European regulators and businesses work toward solutions in the wake of last month’s decision by the Court of Justice of the European Union that invalidated the EU-U.S. Safe Harbor framework for cross-border data transfers – previously discussed here and here – the Trans-Pacific Partnership (TPP) trade agreement seeks to facilitate cross-border data … Continue Reading

2015 BakerHostetler Security Incident Response Report Provides Insight Beyond Technical Incidents

There is no longer a debate – security incidents are inevitable. Organizations are working to be better prepared to respond when the first sign of an incident is detected (often at 4:30 p.m. on a Friday). So what kind of incidents should they prepare for and how should they prepare? Annual reports from forensic investigation … Continue Reading

An Ounce of Prevention Is Better (and Cheaper) Than a Pound of Cure: It’s time for a data protection checkup.

We recently released the first BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our law firm advised on in 2014. The report shows that human error was the number one cause of data security incidents we worked on last year, with employee negligence responsible … Continue Reading

Data Security Risk Assessments

Editor’s Note: We recently launched a graphic illustrating our Cyber Risk Mitigation Services. This week, our attorneys will be writing about specific examples of those services. BakerHostetler lawyers have helped hundreds of businesses and other organizations respond to security incidents each year, many of which lead to regulatory investigations, class action lawsuits, or both. We see … Continue Reading

Congress Steps Up its Scrutiny of Data Brokers

In keeping with Congress’s heightened focus on privacy practices in the data broker industry, Senators Jay Rockefeller (D-W.Va.) and Ed Markey (D-Mass.) introduced a bill that would require increased transparency and accountability in the collection and sale of private consumer data.  Describing data brokers as operating a “shadow industry” with “very little scrutiny and oversight,” … Continue Reading

Massachusetts Follows California in Finding Retailers Vulnerable to Suit for Collecting Zip Codes in Credit Card Transactions

Earlier this month, the Massachusetts Supreme Court issued an opinion holding that zip codes “may well qualify” as personally identifiable information under the Massachusetts law controlling the treatment of PII in credit card transactions. The Massachusetts case echoes a 2011 ruling from the California Supreme Court which similarly held zip codes to be PII. Like the earlier California case, the … Continue Reading

International Compendium of Data Privacy Laws

Privacy and data protection issues confront all organizations—whether you handle employee information, credit card data, sensitive financial information or trade secrets. Securing data is a daunting task that is further complicated by cross-border transfer issues and the differences in privacy laws around the world. These laws are complex and can pose myriad and sometimes conflicting … Continue Reading

Congressional Update on Data Privacy & Security

The rumors of the death (or at least “dearth” — of activity) of the 112th Congress are somewhat exaggerated, to morph a phrase from Mark Twain; at least regarding the last couple weeks prior to the Independence Day recess. Not only did Congress pass major legislation related to the FDA, transportation programs and student loans … Continue Reading

Privacy Across Borders: Concerns Surfacing in Trans-Pacific Partnership

Opening markets and removing barriers to trade are touted by many in Washington, DC and well beyond as a cornerstone of economic expansion.  In the information age, ensuring the free flow of data across borders, and not simply goods and services, is increasingly important.  But just as problems can arise with differing foreign laws on … Continue Reading

SEC and CFTC Propose Identity Theft Prevention Rules

Reflective of an increased interest in data privacy concerns, on February 28, 2012, the Securities and Exchange and Commodity Futures Trading commissions jointly released proposed rules designed to protect investors from identity theft by mandating the creation of programs to detect potential security threats.  The proposed rules are meant to implement Title X of the … Continue Reading

White House Releases Consumer Online “Privacy Bill of Rights”

The Obama Administration today unveiled a report entitled Consumer Data Privacy in a Networked World:  A Framework for Protecting Privacy and Promoting Innovation in the Global Digital Economy.  A central component of the report, which is directed at improving online privacy protections, is a “Consumer Privacy Bill of Rights.”  The Consumer Privacy Bill of Rights … Continue Reading

Baker Hostetler Data Breach Emergency Response Team Launches Data Breach Hotline

After you learn of a potential data breach, the clock is ticking and potential liabilities are mounting. Quickly identifying the right team to guide your company through the complexities of the response is paramount. Baker Hostetler’s Privacy, Security & Social Media Emergency Response Team has launched a dedicated hotline so it can be reached at … Continue Reading

Focus on Behavioral Advertising, Part 2

Last week we reviewed recent tracking litigation.  As part of our ongoing focus on behavioral advertising, below is a summary of recent developments regarding Do Not Track legislation, industry self-regulatory efforts in the United States and abroad, and the FTC’s plan to update its Dot Com Disclosures guidelines.    FTC Commissioner J. Thomas Rosch, concerned with … Continue Reading

California Social Networking Privacy Act Stalls

California SB 242 (Social Networking Privacy Act), which we covered here, would require social networking websites to design default privacy settings that prevent information about a user from being displayed without affirmative consent from the user.  On May 27, 2011, the bill failed to receive enough votes to pass the California Senate.      The bill faced … Continue Reading

Kerry & McCain Release Commercial Privacy Bill of Rights

Senators John Kerry and John McCain introduced the Commercial Privacy Bill of Rights at a press conference today.  The stated purpose of the bill is to “establish rights to protect every American when it comes to the collection, use, and dissemination of their personally identifiable information (PII).”  According to a summary of the bill released by … Continue Reading

Catching Up on Cloud Computing

 If you are considering cloud computing and need to address related data privacy concerns, the articles discussed below provide an explanation of how cloud computing actually works to help you with your analysis.  The National Institute of Standards and Technology (NIST) recently revised its definition of cloud computing: “Cloud computing is a model for enabling … Continue Reading
LexBlog