The fourth annual Global Privacy Enforcement Network sweep, which focused on Internet of Things devices, found that privacy communications in relation to such devices were generally poor and companies demonstrating good practice were in the minority. Here, we summarize and explore the key findings of the fourth annual GPEN sweep .
Part 4 of Future-Proofing Privacy: Justifying Data Uses – From Consent to Legitimate Interests. Currently, under the Data Protection Directive, each instance of data processing requires a legal justification – a “ground for processing”. This fundamental feature of EU data protection law will remain unchanged under the Regulation. However, the bar for showing the existence of certain grounds for processing will be set higher. This is especially true with regards to consent.
The Federal Trade Commission yesterday released its staff report on the Internet of Things. The report summarizes the FTC’s November 2013 workshop, “The Internet of Things: Privacy and Security in a Connected World,” and provides FTC staff recommendations in this area. Notably, the report also describes best practices for data security and data minimization, and reaffirms the FTC’s commitment to notice and choice principles. We provide below an overview of the staff’s recommendations and the concurring and dissenting views of Commissioners Ohlhausen and Wright.
On May 1, the Presidential Council of Advisors on Science and Technology released Big Data: A Technological Perspective. The report is billed as a technical accompaniment to the 90-day Big Data review performed by Presidential Counselor John Podesta and addresses “the nature of current technologies for managing and analyzing big data and for preserving privacy” and the evolving nature of those technologies. While the PCAST report, released to coincide with Counselor Podesta’s review, has received less media attention than the Podesta report, its findings may influence the Administration’s information-governance expectations of businesses.
The FTC today released a long-awaited but preliminary Staff Report that examines the status of privacy law and enforcement by the agency and proposes a framework for a greater consumer privacy protections in the products and services developed by businesses. The Report continues an examination of current privacy protections and raises a series of specific questions on which public input is requested.
A federal court in Hawaii is allowing a tort claim to proceed against a videogame maker for not warning a user that he could become addicted to the videogame and be a “joystick junkie”, notwithstanding the limitation of liability contained in the End User Licensing Agreement. This entry explores the implications of such a tort claim in the context of privacy notices and suggests a way to thwart such claims and at the same time better inform consumers.
With much of the privacy regulatory and policy world on vacation, Hogan Lovells partner and privacy group leader Chris Wolf took a few days outside of Washington to hear what people are thinking about where privacy law is going. This blog entry gives a brief overview of pii2010 in Seattle.