Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: privacy

Posted in Consumer Privacy

FTC Reminds Broadband Providers of their Data Privacy and Security Obligations

The Federal Trade Commission recently submitted comments to the Federal Communications Commission in which it reminded broadband Internet service providers that they are subject to several data privacy and security laws enforced by the FTC. The FTC’s comments underscore why broadband providers – as well as their vendors and business partners – must keep a close watch on both FCC and FTC developments in the privacy and security space.

Posted in International/EU Privacy

EU Data Protection Supervisor’s Workshop Examines Role of Privacy in Merger Reviews and Competition Investigations

In a recent client alert, Hogan Lovells partners from the firm’s London and Washington, D.C. offices highlighted key takeaways for businesses following the European Data Protection Supervisor’s Workshop on Privacy, Consumers, Competition, and Big Data. The workshop, hosted by EDPS in the European Parliament in Brussels on 2 June 2014, discussed the technological advances and market for ‘big data’ analytics and the policy implications for the fields of data protection, competition and consumer protection of the rapidly expanding digital economy in the EU and in other regions, particularly the in US. Around 70 experts attended, including representatives from the European regulators and the US Federal Trade Commission.

Posted in Cybersecurity & Data Breaches, News & Events

Hogan Lovells Partner Testifies in US House of Representatives on Cybersecurity and Privacy

On April 25, Hogan Lovells partner Harriet Pearson testified before the US House of Representatives on the relationship between cybersecurity and privacy in business. The Subcommittee on Cybersecurity, Infrastructure Protection, and Security Technologies of the House Committee on Homeland Security held a hearing on “Striking the Right Balance: Protecting our Nation’s Critical Infrastructure from Cyber Attack and Ensuring Privacy and Civil Liberties” to examine existing privacy protections and learn more about potential improvements. Pearson first outlined several cybersecurity-related measures that may require access to personal information, and thus potentially implicate privacy concerns. Pearson then offered her views on steps business and government can take to incorporate respect for privacy into enhanced cybersecurity.

Posted in Privacy & Security Litigation

Limiting Litigation Risks from Privacy and Data Security Missteps

In Bloomberg BNA’s Privacy and Security Law Report, Hogan Lovells attorneys Des Hogan, Michelle Kisloff, and Chris Wolf have published an article addressing the increased litigation and regulatory risks that companies must address in the evolving privacy and data security landscape. After summarizing recent developments involving class actions and regulatory activities, the article offers guidance on how companies can reduce their financial and reputational exposure.

Posted in Consumer Privacy, News & Events, Social Media

FTC Releases Mobile Privacy Report and Announces Settlement with Mobile App Operator

Today the FTC released Mobile Privacy Disclosures: Building Trust Through Transparency, a report containing recommendations for the mobile industry.  The report encourages mobile app platforms to play a significant role in providing consumers with privacy-related information, devoting more pages to recommendations for platforms than it does for developers, ad networks, third-party service providers, and trade [...]

Posted in Employment Privacy, International/EU Privacy

The Spanish Constitutional Court Backs the Possibility of Accessing Private On-Line Conversations of Employees

The Spanish Constitutional Court has ruled against two company employees who claimed an infringement of their privacy right and their right to secrecy of communications, in a recent judgement from 17 December 2012, published in the States’ Official Gazette on 22 January 2013. The Constitutional Courts’ Decision 241/2012 (the “Decision“), is available (in Spanish) here: [...]

Posted in International/EU Privacy

French report recommends privacy tax

The French government released on January 18, 2013 a 200-page study prepared by Pierre Collin and Nicolas Colin proposing changes to international tax rules to take better account of value creation by digital firms. As a shorter term step, the report proposes that France create a tax that would affect all firms that create value [...]

Posted in Cybersecurity & Data Breaches, International/EU Privacy

French CNIL Publishes English Language Compliance Guides

France’s data protection authority, the Commission Nationale de l’Informatique et des Libertés (CNIL), released on November 14, 2012 English-language versions of its compliance guides for businesses. The first guide, “Methodology for Privacy Risk Management”, provides a step-by-step guide for identifying risks and prioritising remedial actions. The second guide, “Measures for the Privacy Risk Treatment“, provides practical guidance on [...]

Posted in International/EU Privacy

Blogging from Brussels: Key European Officials Discuss Changes to EU Text

Prominent European government officials provided up-to-the-minute perspectives on the proposed European data privacy regulation at this week’s IAPP Europe Data Protection Congress  in Brussels. The officials’ comments — summarized below –indicate how the proposal might evolve for the next steps in the policy process, which include the issuance of the European Parliament’s formal report on [...]

Posted in News & Events

Duke Law School Upcoming Protected-Privacy Data Conference to Feature Hogan Lovells Partner

Duke Law School is hosting the Protected-Privacy Data Conference on November 29–30, 2012, addressing a range of privacy issues including especially U.S. litigation conflicts between discovery and foreign privacy protections, secrecy, and blocking laws. The event is part of The Duke Conference: Bench-Bar-Academy Distinguished Lawyers’ Series. Hogan Lovells partner Chris Wolf will participate on two panels [...]

Posted in Consumer Privacy

California AG Sends Enforcement Letter to Developers of Popular Mobile Apps

On Tuesday, October 30, the California Attorney General Kamala Harris announced that her office has begun “formally notifying” mobile device application (“app”) operators that they are out of compliance with the notice provisions of the California Online Privacy Protection Act of 2003 (“CalOPPA”). The letters are a reminder that app developers and their partners should review their app data privacy and security practices and ensure that any apps collecting PII comply with the CalOPPA requirements, as well as other applicable Federal and state laws.

Posted in News & Events

Live Blogging from the 34th Annual Conference of DPAs and Privacy Commissioners: Prepared Remarks of Hogan Lovells’ Christopher Wolf at Opening Plenary Session

This blog entry contains the prepared remarks of Hogan Lovells Privacy and Information Management practice director Christopher Wolf on “Privacy and Technology in Balance” to be delivered at the opening plenary session of the 34th Annual Conference of Data Protection Authorities and Privacy Commissioners in Punta del Este, Uruguay.

Posted in Consumer Privacy, Cybersecurity & Data Breaches, International/EU Privacy, News & Events

Right To Be Forgotten and Data Security Featured in Research Conference on Communication, Information and Internet Policy

On September 22, scholars gathered at George Mason University to present research papers on the right to be forgotten, HTTPS security, accessing data in the cloud, and “option value” as applied to privacy choices. This blog entry summarizes the program and links to the insightful papers.

Posted in Consumer Privacy

Hogan Lovells Article in Inside Counsel Magazine: “The Risks of Neglecting Privacy”

Hogan Lovells privacy leader Chris Wolf has authored an article in Inside Counsel magazine, a journal providing insights for law department leaders. The piece is entitled “The Risks of Neglecting Privacy” and explains how privacy concerns likely will result in a stricter legal and regulatory framework, meaning that companies should act now to bolster consumer protection. This blog entry contains excerpts from and a link to the full article.

Posted in Consumer Privacy, Cybersecurity & Data Breaches

FTC Provides Guidance to (All) Mobile App Developers

Following up on a public workshop held earlier this year, today the Federal Trade Commission (FTC) issued a set of truth-in-advertising and privacy guidelines for mobile device application (app) developers. Titled “Marketing Your Mobile App: Get it Right From the Start,” the guidelines provide an overview of key issues for all app developers to consider.

Posted in Consumer Privacy, Cybersecurity & Data Breaches, Employment Privacy, Health Privacy/HIPAA

What the States Did on Their “Summer Vacation”: Enact New Privacy Laws

This summer, several states have enacted legislation addressing a broad range of privacy issues including data breach notification, health care privacy, employer access to employees’ and applicants’ social networking accounts, the collection of Social Security numbers, and telemarketing. We provide an overview of the recent privacy regulation developments in Vermont, Connecticut, Hawaii, New York, and Illinois.

Posted in International/EU Privacy

Hong Kong’s Privacy Commissioner Publishes Guidance Note on Personal Data Erasure and Anonymisation

Organisations in Hong Kong are required under the Personal Data (Privacy) Ordinance to erase personal data when the data is no longer required for the purpose for which it was collected.
The Hong Kong Privacy Commissioner for Personal Data recently has published a Guidance Note, entitled “Guidance on Personal Data Erasure and Anonymisation,” which is relevant to compliance under the Ordinance.

Posted in International/EU Privacy

CNIL Cloud Guidelines Address Controller vs. Processor Issues

The French CNIL’s new guidelines on cloud computing revisit the tricky question of whether a cloud provider is a data processor or a data controller under French data protection law. The CNIL’s guidelines contain seven recommendations for cloud customers, and a list of recommended contractual clauses. The CNIL points out that when the cloud provider is located in a non-European country “local government authorities can send requests to the provider to have access to the data.”