Biometric Information Privacy Act: Lawsuits on the horizon?

Slowly but surely, tech companies are diversifying by moving into new and emerging markets, including the financial services. And, if legal departments are not involved at the get-go this could easily create some regulatory headaches. Could a new EU copyright law be the harbinger of a wave of lawsuits?

In January, the Supreme Court of Illinois held that a violation of the state’s Biometric Information Privacy Act (BIPA), is sufficient to confer standing - even without concrete evidence of harm.

Read More
SMBs fret about the cost of data privacy compliance

Will new U.S. data privacy laws prove to be too costly for small businesses?

Owners of small and medium sized businesses are deeply apprehensive about the true cost of compliance with new data privacy regulations, according to a recent survey.

Concerns range from a lack of budget to implement operational changes, and the impact on business growth, to the inability of start-ups to take off due to regulatory burdens.

If you are one of the 30 million+ businesses with fewer than 500 employees, that make a massive contribution to the U.S. economy, this article is for you.

Read More
New York: Amendment to Disclose Data to Law Enforcement

Facebook, Google and other big tech giants are about to face a 'reckoning,' state attorneys general warn

It would seem that the gloves are off, as some of America's most prolific attorneys general indicate their willingness to take on super-size tech companies, including Google and Facebook, as fears grow concerning mass collection of consumers' personal information.

Law enforcement officials across the U.S. agree that way too much personal data is being harvested and used in ways that increasingly puts peoples' privacy at risk and undermines competition.

Read More
Court reveals Facebook knew of data mining earlier than reported

According to a recent court filing by the Washington DC Attorney General, Facebook already had knowledge of Cambridge Analytica’s “improper data-gathering practices” several months before the Guardian newspaper first reported on them, back in December 2015.

The AG made the allegation while arguing against Facebook’s insistence that a document in the case be kept under seal. The social network argued that the document should be sealed because it contained commercially sensitive information.

Read More
Federal Privacy Law: Congress seeks answers on location tracking consent

At a Committee on the Judiciary hearing on March 12, lawmakers were seeking answers from witnesses on how companies profit from users' personal data. They also want to know whether consumers should be given more choice in the matter, as Congress considers a future federal privacy law.

One of the highlights of the hearing was when Google’s senior privacy counsel, Will DeVries crossed swords with Senator Josh Hawley, R-Mo, over whether users are fully aware of the extent of Google’s use of location tracking.

Read More
California: Can Facebook really become a privacy-friendly platform?

Would be naive to believe that Mark Zuckerberg built a social network that somehow morphed into what is basically a surveillance system?

Now, Zuckerberg has plans to reshape the company to provide messaging services that serve as “fortresses of privacy”.

Rather than simply being a network that connects people who want to ‘share’ their lives with the multitude, Facebook is aiming to get smaller groups of users to engage in encrypted conversations that cannot be read by Facebook, nor any other outsider.

But is this merely part of an effort to distract government regulators?

Read More
CFPB director faces scrutiny of privacy practices

Last Tuesday, March 12, the privacy practices of the Consumer Financial Protection Bureau (“CFPB”) came under the spotlight at a U.S. Senate hearing.

Probing questions were being asked about the CFPB’s structure and authority, as regulators and lawmakers focus their attention on consumer privacy and data security, both in the U.S. and further afield.

Suggestions that the Trump-appointed leadership is attempting to undermine the agency’s mission came to a head as Maxine Waters, who chaired a previous hearing, claimed the Trump Administration has “undertaken a sustained effort to destroy the agency”

Read More
Smart Cities in North America: How can Informed Consent work? (Part 2)

Part Two: The emergence of new technologies is promising to help local government better manage urban environments, as well as deliver services in more efficient and effective ways. But what of the cost of making these communities more sustainable, comfortable, and fair?

Living in a digitally connected “smart city” inevitably involves the collection and processing of large amounts of data - including citizens’ personal information. How will this impact the privacy of its residents?

In this second part, we look at how smart cities affect citizens’ privacy - and what can be done to minimize the risks to personal privacy.

Read More
Smart cities in North America: How will Informed Consent work? (part 1)

The emergence of new technologies is promising to help local government better manage urban environments, as well as deliver services in more efficient and effective ways. But about the cost of making these communities more sustainable, comfortable, and fair? 

Living in a digitally connected “Smart city” inevitably involves the collection and processing of large amounts of data - including citizens’ personal information.

So, what exactly is a Smart City? And how can it impact the privacy of its residents?

Read More
House Hearing dismisses GDPR and CCPA as models for Federal Data Privacy

As lawmakers consider the way forward for federal data privacy legislation, the sense of urgency appears to be ramping up, as states like California and Colorado prepare to launch home-grown consumer privacy laws in 2020.

Moreover, the rise in data breaches and privacy violations by big tech companies is refocusing the conversation in government circles, on the need to protect the personal information of U.S. citizens. Rather ironic, when you consider who knows more about individuals than any other organization.

Nonetheless, Congress continues to discuss and debate how to protect the population from corporate misuse of data and increasing privacy violations, with federal laws and enforcement.

Read More
California: New bill places restrictions on social media companies

A new Bill, introduced on 28 January 2019, will impose liability on social media companies to provide the option for users of their platforms to have all their Personally Identifiable Information (“PII”) permanently deleted from the company’s databases. Consumers’ PII must also be excluded from sale, once the user has closed their account.

The Bill supplements the California Consumer Privacy Act of 2018 (CCPA) but does not change existing obligations under the CCPA. Social Media companies are advised to pay close attention to the Bill as it progresses.

Read More
AG Announces $935,000 Settlement over Personal Information Breach

California’s Attorney General, Xavier Becerra, has recently announced a $935,000 settlement with health insurance company Aetna (“The Company”). In July 2017, the Connecticut-based company mailed out letters to 1,991 Californians, visibly revealing that the recipients were taking medication for HIV.

According to a news release issued by the Attorney General’s Office, the “incredibly sensitive information” was visible through an enlarged window on envelopes containing the confidential letters.

Read More
New York employer faces lawsuit over covert filming of medical examinations

The Port Authority of New York and New Jersey is accused of secretly filming employees' private medical examinations without their consent or knowledge.

A senior administration employee filed a class action lawsuit, alleging that she was secretly videotaped during a medical examination and, consequently her personal privacy was violated. The incident occurred in August 2016. The employee is suing for unspecified damages.

The video camera was reportedly fixed to the wall or ceiling in the room, suggesting that the recording was carried out with the full knowledge and approval of the employer. (evidently, the employer provided the employee with the recordings.)

Read More
Government watchdog finds weak enforcement of US privacy regulations

While some states work on developing local data privacy laws, politicians and lawmakers push for a federal regulation. According to a report published in this month (February 209), data privacy is not under government control. In the report, by the Government Accountability Office (GOA), a recommendation is made for the implementation of a federal internet privacy law, with serious consequences for companies that fail to comply.

Read More
Germany Orders Facebook to Cut Back its Data Collection Activities

As one of the biggest and most prolific U.S. tech companies, Facebook has certainly gained a lot of global attention during the past year or two, but not necessarily for the best reasons.

Germany has just ordered Facebook Inc. to pull back on its data gathering practices in Germany following a landmark ruling that the social network giant abused its market position to collect information about users without their consent.

Privacy concerns run deep in Germany, which is at the forefront of the global backlash against Facebook, stoked up by the Cambridge Analytica scandal last year, in which tens of millions of Facebook profiles were harvested without their users' consent

Read More
CCPA: Congress’ Model for Data Privacy - or Oblivion?

How often do lawmakers of both sides of the house, businesses and tech industry lobbies totally agree with each other? Well, they certainly appear to be united in their views that this session of Congress could be the best chance in years of passing effective data privacy legislation.

…but that’s not to say it has the best chance of success.

It is widely acknowledged that California’s development of a data privacy law, based on the European Union’s GDPR, has propelled members of Congress forward, to create a federal privacy protection regulation. And certainly, various scandals involving some of Silicon Valley’s biggest tech firms and the misuse of social media during the 2016 election, has given lawmakers the cover to take on tech giants.

Read More
Colorado Consumer Data Protection Law: Stronger and more challenging for businesses

In January 2018, lawmakers in Colorado introduced a radical new bill that requires “reasonable security procedures and practices” for the protection of Personal Identifying Information.

The legislation places a time limit for notifying the Attorney General and affected Colorado data subjects, in the event of a data breach. Last year, Colorado Governor John Hickenlooper signed the bill into law. In so doing, Colorado has joined California as a frontrunner in the race to strengthen existing data protection laws. The new law took effect as of September 1, 2018, introducing significant implications for Colorado based businesses and organizations.

Read More
CCPA Compliance: Maintaining security to combat increasing threats to privacy

It is widely acknowledged that 2019 will be a significant year for data privacy. Companies have less than 12 months to meet the new California Consumer Privacy Act (CCPA). There have already been record financial penalties issued, including the €50 million ($57 million) fine imposed on Google, under the General Data Protection Regulation (GDPR). Feedback from numerous businesses indicate they are taking data privacy laws extremely seriously. The latest Google example drives home the point that noncompliance means punitive fines and unwanted publicity

Read More
Peter BornerComment
California CCPA: New Rules Governing Businesses with California-based Employees

Is your company located in California? No? Then the California Consumer Privacy Act (CCPA) doesn’t affect you, right? Wrong. CCPA requirements will impact businesses both inside and outside of California.

Continuing our review of the California Consumer Privacy Act, we look at the effect of the CCPA on businesses that employ people who live in California.

The California Consumer Privacy Act was signed into law in June of last year and comes into effect in 2020.

Read More
More U.S. probes into Facebook’s data privacy practices

Facebook Inc. is once again the target of more state investigations into the alleged mishandling of consumers’ data, increasing the number of government agency investigations into alleged privacy violations against the company, according to a group of people familiar with the matter.

Facebook and other tech giants have been under pressure for over a year after it was revealed that British consultancy Cambridge Analytical acquired data on millions of U.S. users to target election advertising. That led to heads of several tech companies testifying before Congress last year.

Read More