Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Christopher Wolf

Posts by Christopher Wolf
Posted in International/EU Privacy

Why the U.S. Is Held to a Higher Data Protection Standard Than France

In a recent column for The New York Times, Nils Muiznieks, the top human rights official for the Council of Europe, warned that recent surveillance laws in Europe undermine fundamental rights for European citizens. Plus, an October 29, 2015, resolution of the European Parliament complains of an “obvious downward spiral” resulting from mass surveillance laws in the U.S. and Europe. That certain European countries have laws permitting mass surveillance is not news to lawyers who follow the matter. In a 2012 whitepaper, we highlighted the broad and sometimes unsupervised powers of intelligence agencies of certain European governments. As Muiznieks’s column states, intelligence agencies are getting more surveillance power, not less. France’s July 2015 surveillance law permits intelligence agencies to scan metadata of all citizens in order to detect suspicious patterns. Other European countries are also broadening surveillance powers to protect against terrorism.

Posted in Consumer Privacy

The Auto Industry Is Serious About Connected Car Privacy

An issue that has started to appear on the privacy agenda is privacy and the “connected car.” Automakers here in the United States have taken the lead on privacy, and have answers to many of the inevitable privacy questions. Late last year the major automakers voluntarily agreed to a set of privacy and data security principles that will regulate how automakers collect, use, and share information. No other industry in the “Internet of Things” ecosystem of which connected cars are a part has done as much or has gone as far as automakers. The automakers understand that without the trust of consumers, new technologies will not be as readily embraced. The Privacy Principles provide a strong basis for such trust.

Posted in Consumer Privacy

The Hidden Mini-Dissents in the Data Broker Report of Federal Trade Commissioner Wright

On May 27, the Federal Trade Commission issued a report on the data broker industry that found data brokers operate with a ”fundamental lack of transparency.” The commission unanimously recommended that Congress consider enacting legislation to make data broker practices more visible to consumers and to give consumers greater control over the immense amounts of personal information about them that are collected and shared by data brokers. Not well-recognized at the time were a number of concerns, mini-dissents if you will, expressed by Federal Trade Commissioner Josh Wright. I recently asked Commissioner Wright some questions about his “dissent by footnotes.”

Posted in Consumer Privacy, International/EU Privacy, News & Events

Commerce Department General Counsel Pushes Back Against EU Attacks on US Privacy

The US privacy framework is under attack from officials in the EU following revelations about NSA surveillance.  Yesterday, US Department of Commerce General Counsel Cameron Kerry delivered his valedictory address before his departure from his position next week, and focused both on the progress made by the Obama Administration in privacy and offered the strongest […]

Posted in International/EU Privacy, News & Events

EU VP Reding Uses PRISM as Lever to Push Enactment of Regulation and Questions EU-US Safe Harbor

Earlier today, in a brisk memo (reproduced in its entirety below), EU Vice President Viviane Reding called EU data protection reform “the answer to PRISM” and called PRISM a “wake-up call.”  She itemized the need for broad jurisdiction and enforcement, and stated that governments collecting data on EU citizens outside their territory never should obtain it directly from […]

Posted in Consumer Privacy

FTC Report Indicates That Almost One in Five Consumer Complaints Involves Identity Theft

This week, the Federal Trade Commission released its 2012 Annual Report of consumer complaints.  For the thirteenth year in a row, identity theft was the number one complaint category, underscoring consumers’ continued focus on identity theft concerns.  Identity theft complaints accounted for 18% of the overall complaints and far more than any other complaint category. […]

Posted in International/EU Privacy

European Commission Explains: “Where There is EU-wide Impact,” National DPAs May Be Superseded

The European Commission’s DG Justice recently issued an explanation of how the proposed “consistency mechanism”  in the General Data Protection Regulation will work, explaining that “the main innovations of the proposed [] Regulation relate to the institutional system it creates rather than to the substance of data protection law.”   In summary, the Commission explained that ” […]

Posted in Consumer Privacy

The FTC Revised COPPA Rule: Reflections After a Night to Sleep on It

Yesterday saw dozens of instant summaries of the Federal Trade Commission’s long- awaited revision to the Children’s Online Privacy Protection Act (COPPA) Rule, which becomes effective on July 1, 2013.  We took a night “to sleep on it,” in order provide not just a summary, but some focused comments about the impact of yesterday’s rule […]

Posted in International/EU Privacy

German Privacy Publication Features Hogan Lovells Piece on Proposed Data Protection Regulation

The German publication, Zeitschrift fur Datenschutz, has just published a piece authored by Christopher Wolf, director of the global Privacy and Information Management practice, entitled “A Critical Time for the EU Data Protection Regulation.” The article highlights issues that have been raised about the proposed Regulation, described as “real and substantial.”  The point of the piece is […]

Posted in International/EU Privacy, News & Events

US Government Tells EU: “We Are Adequate”

U.S. Ambassador to the European Union William E. Kennard spoke yesterday at Forum Europe’s 3rd Annual European Data Protection and Privacy Conference and called for a finding by the EU that the privacy protections in the United States are “adequate,” thus allowing cross-border transfers of personal data without separate legal mechanisms.  Canada, Uruguay and Israel are among the […]

Posted in International/EU Privacy

Video Interview: Discussing the International Conference of Data Protection & Privacy Commissioners with LXBN TV

Upon my return from Uruguay and the International Conference of Data Protection & Privacy Commissioners, I had the opportunity to speak with Colin O’Keefe of LXBN regarding the event. In the brief interview, I offer thoughts on how close the EU and US are when it comes to privacy law and other important subjects I saw covered […]

Posted in News & Events

Live Blogging from “The Public Voice” in Uruguay: WP 29 Chair Says Proposed EU Regulation is Not Tough Enough

At a meeting of civil society in Uruguay today, Article 29 Working Party Chair Jacob Konstamm decried the “fierce lobbying” by the US government and IT companies on the pending EU Regulation and spoke directly to the issue of the explicit consent requirement in the proposed Regulation; the definition of personal data; and the issue of purpose limitation.

Posted in Consumer Privacy

Supreme Court Takes Up Driver’s Privacy Protection Act Issue

The Supreme Court has granted review in a case under the federal Driver’s Privacy Protection Act (DPPA) where plaintiffs’ lawyers used a state FOIA statute to obtain targets for solicitation to become plaintiffs in a case against car dealers for allegedly excessive fees. The case presents a conflict between the prohibition against obtaining drivers’ records for marketing and the statutory permission to use the records in connection with litigation.

Posted in Consumer Privacy

Is There a Breach in the Dam Holding Back Damage Actions for Alleged Privacy Breaches?

Two recent federal cases alleging privacy violations in the mobile context have been allowed to proceed based on novel damages allegations. The long-standing presumption that mere exposure of personal data is insufficient for standing and damage actions may become irrelevant if plaintiffs are able to link the exposure to increased costs of device usage.

Posted in International/EU Privacy

Hogan Lovells Submits Comments on Proposed EU Regulation to UK Ministry of Justice

The United Kingdom Ministry of Justice is engaged in a consultation on the impact of the proposal of the European Commission for a Data Protection Regulation to replace the EU Directive and implementing legislation, and solicited submissions by 6 March. On 29 February 2012, Hogan Lovells held a session in London for clients where we sought and obtained views on the impact of the proposals made by the European Commission for a new Data Protection Regulation. Yesterday, the firm made a submission to the Ministry of Justice on the proposed Regulation. This document contains a distillation of our own observations and comments made to us by clients.

Posted in News & Events

Hogan Lovells to Moderate March 1 IAPP White House Privacy Framework Web Conference

The IAPP is presenting a webinar this Thursday, March 1 from 1 to 2:30 PM EST on the just-announced White House privacy framework. Speakers include one of the architects of the framework, Daniel Weitzner, Associate Administrator for Policy at the National Telecommunications and Information Administration in the Department of Commerce. Hogan Lovells’ Chris Wolf will moderate.

Posted in News & Events

Full Text of Administration Privacy Proposal Released; DAA Makes Browser Do Not Track Announcement

This blog entry contains a link to the full text of the Administration’s privacy proposal to be more fully unveiled later today at a White House event to which Hogan Lovells has been invited. Also here is news of the Digital Advertising Alliance announcement of a major Do Not Track initiative under which advertising networks will respect browser-based Do Not Track instructions.

Posted in News & Events

Firm Privacy Leader Testifies in US Senate on Video Privacy

Chris Wolf, co-chair of the Hogan Lovells Privacy and Information Management Practice today testified before the United States Senate Judiciary Subcomittee on Privacy, Technology and the Law at a hearing on “The Video Privacy Protection Act: Protecting Viewer Privacy in the 21st Century.” His spoken testimony is in this blog entry, and a copy of his written testimony is available through this post.

Posted in Consumer Privacy

Supreme Court Decision in Warrantless GPS Tracking Case Offers Little Guidance in Consumer Privacy Context

Sometimes Fourth Amendment cases (which by definition arise in a governmental context) have implications for consumer privacy law since the “reasonable expectation of privacy” analysis can be employed in both areas. Yesterday’s U.S. Supreme Court 9-0 ruling in United States v. Jones that the warrantless attachment of a GPS device to a car for monitoring purposes violated the Fourth Amendment offers little guidance in the consumer privacy context because the opinion for the Court did not rely on an “expectation of privacy” analysis.

Posted in International/EU Privacy

Announcement from European Commission on Comprehensive Data Protection Reform Coming Wednesday

Despite rumors of delay, the formal announcement of a proposed comprehensive reform of the data protection framework in the European Union is now set for this Wednesday, January 25 at 12:30 CET (6:30 AM EST). This blog entry contains a link to the videostream of the announcement, as well as a synopsis and link to a video of a speech on Saturday by EU Justice Vice-President Viviene Reding. The Commission’s Data Privacy Day video on personal responsibility to protect privacy also is linked to.