In the wake of a recent announcement by a major Dutch bank that it would start providing its customers with personalized advertisements based on their spending patterns, the Dutch Data Protection Authority (DPA) has sent a letter to all Dutch banks urging them to thoroughly review their direct marketing practices. The DPA specifically asked any bank contemplating the use of transaction data for direct marketing to reconsider. In its analysis, the DPA may have introduced a very onerous obligation to re-collect personal data for every single use.
The Information Commissioner’s Office has issued a £70,000 fine against Flybe and a £13,000 fine against Honda Motor Europe Ltd for breaching Regulation 22 of the Privacy and Electronic Communications Regulations by sending emails requesting individuals to update their marketing preferences.
On September 11, 2015, the Federal Communications Commission Enforcement Bureau issued citations to F.N.B. Corporation and Lyft, Inc., a ride-sharing service, for Telephone Consumer Protect Act violations pertaining to the marketing rules.
In the most significant change to HIPAA since the law was enacted, the Department of Health and Human Services issued an omnibus HIPAA regulation, which will require substantial operational changes for HIPAA covered entities and their business associates. Ten important changes are: Changes to the data breach rule will make more incidents reportable. Business associates are […]
The Supreme Court has granted review in a case under the federal Driver’s Privacy Protection Act (DPPA) where plaintiffs’ lawyers used a state FOIA statute to obtain targets for solicitation to become plaintiffs in a case against car dealers for allegedly excessive fees. The case presents a conflict between the prohibition against obtaining drivers’ records for marketing and the statutory permission to use the records in connection with litigation.
The UK’s data protection authority, the ICO, has issued a code of practice for online privacy. Although only advisory in nature, the code contains excellent information on what are viewed as “best practices” in the protection of personal privacy online. It should be of particular interest to businesses engaged in behavioural advertising, online sales and cloud computing. This blog entry summarizes and links to the code.
Details regarding the FTC’s recently released agenda for the first of three privacy round tables it will hold over the course of the next few months.
The U.S. Court of Appeals for the Ninth Circuit held on August 6, 2009 that standing for private plaintiffs under the CAN-SPAM Act is limited. Judge Richard Tallman, who authored the court’s opinion in Gordon v. Virtumundo, Inc., No. 07-35487 (Aug. 6, 2009, 9th Cir.), noted that this was the first case in which the […]