Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: marketing

Posted in Consumer Privacy

IAB Soliciting Comments on Draft Compliance Framework for Programmatic Advertising under the CCPA

On October 22, the Interactive Advertising Bureau, a media and marketing industry trade group, released for public comment the California Consumer Privacy Act Compliance Framework for Publishers and Technology Companies and accompanying technical specifications to implement the Framework. The draft Framework is designed to help Framework participants (including publishers and intermediaries) comply with the California Consumer Privacy Act by: (1) establishing a digital signal that Framework participants can use to communicate consumer requests to opt out of “sales” of personal information associated with digital advertising; and (2) supporting that signal with a standard contract designed to create service provider relationships between publishers and advertising companies after a consumer registers an opt out. The IAB is requesting comments, which can be sent to privacy@iab.com, by November 5, 2019.

Posted in International/EU Privacy

Dutch DPA: Banks May Not Use Payment Data for Marketing Purposes

In the wake of a recent announcement by a major Dutch bank that it would start providing its customers with personalized advertisements based on their spending patterns, the Dutch Data Protection Authority (DPA) has sent a letter to all Dutch banks urging them to thoroughly review their direct marketing practices. The DPA specifically asked any bank contemplating the use of transaction data for direct marketing to reconsider. In its analysis, the DPA may have introduced a very onerous obligation to re-collect personal data for every single use.

Posted in Cybersecurity & Data Breaches, Health Privacy/HIPAA

HHS Issues New HITECH/HIPAA Rule: Top Ten Changes

In the most significant change to HIPAA since the law was enacted, the Department of Health and Human Services issued an omnibus HIPAA regulation, which will require substantial operational changes for HIPAA covered entities and their business associates.  Ten important changes are: Changes to the data breach rule will make more incidents reportable. Business associates are […]

Posted in Consumer Privacy

Supreme Court Takes Up Driver’s Privacy Protection Act Issue

The Supreme Court has granted review in a case under the federal Driver’s Privacy Protection Act (DPPA) where plaintiffs’ lawyers used a state FOIA statute to obtain targets for solicitation to become plaintiffs in a case against car dealers for allegedly excessive fees. The case presents a conflict between the prohibition against obtaining drivers’ records for marketing and the statutory permission to use the records in connection with litigation.

Posted in International/EU Privacy

UK’s ICO Issues Code of Practice on Online Privacy

The UK’s data protection authority, the ICO, has issued a code of practice for online privacy. Although only advisory in nature, the code contains excellent information on what are viewed as “best practices” in the protection of personal privacy online. It should be of particular interest to businesses engaged in behavioural advertising, online sales and cloud computing. This blog entry summarizes and links to the code.

Posted in Consumer Privacy

Ninth Circuit Rules on CAN-SPAM Standing Requirements

The U.S. Court of Appeals for the Ninth Circuit held on August 6, 2009 that standing for private plaintiffs under the CAN-SPAM Act is limited.  Judge Richard Tallman, who authored the court’s opinion in Gordon v. Virtumundo, Inc., No. 07-35487 (Aug. 6, 2009, 9th Cir.), noted that this was the first case in which the […]