The UK Information Commissioner's Office announces new rules for website cookies, which will normally require explicit user consent.
Dave, Scott and I recently spoke with Nymity about the Commercial Privacy Bill of Rights Act of 2011 introduced by Senators John Kerry (D-MA) and John McCain (R-AZ) last Tuesday. You can read the interview here. We provide a general summary of the bill and identify some of the key challenges organizations will face if the bill becomes law.
As we have previously reported on our blog, 2011 has seen a whirlwind of privacy enforcement activity. The FTC, NLRB, EEOC, HHS and FINRA have all taken privacy enforcement actions this year. This March, the FTC has announced privacy settlements with Chitika and Twitter.
On December 1, 2010, the Federal Trade Commission issued a preliminary report entitled "Protecting Consumer Privacy in an Era of Rapid Change, A Proposed Framework for Businesses and Policymakers". The report proposes a framework to balance the privacy interests of consumers with innovation that relies on consumer information to develop beneficial new products and services.
This post is Part Two in my review and discussion of some of the comments submitted in the response to the Boucher Bill privacy and data security legislation discussion draft. As in Part One, Part Two will describe and summarize at a high level some (but not all) of the issues identified by the commenters. Part Two covers comments submitted by American Business Media (ABM), which focuses on the Business-to-Business online information market; the Association of National Advertisers (ANA); the Marketing Research Association (MRA), an association of the survey and opinion research profession; the National Retail Federation and Shop.org (collectively, NRF); and the U.S. Chamber of Commerce.
As previously reported, in early May Reps. Rick Boucher (D-Va.) and Cliff Stearns (R-Fla.) introduced a discussion draft of proposed federal privacy and data security legislation. Reps. Boucher and Stearns sought comments on the discussion draft, setting a deadline of last Friday, June 4, 2010. Numerous organizations have submitted comments. This multi-part post will describe and summarize, at a high level, some (but not all) of the issues identified by the commenters.
Social networking entails some risks and responsibilities. It may implicate privacy and labor law, confidentiality and nondisclosure agreements, advertising regulations, defamation, and other legal regimes, across borders in a global medium. Users, and their employers, need to be aware of these risks and responsibilities in deciding how to make best use of social media.
In early May, Reps. Rick Boucher (D-Va.) and Cliff Stearns (R-Fla.) introduced a long anticipated "discussion draft" of a bill "[t]o require notice to and consent of an individual prior to the collection and disclosure of certain personal information relating to that individual." You have probably heard that industry and consumer groups alike are not happy with the discussion draft. What exactly is the Boucher Bill and what would it mean for almost every company engaged in the collection, use or disclosure of personal information (not just companies engaged in online behavioral advertising)? Following is a FAQ. Comments on the draft legislation are due June 4 (mark your calendars).
As some of you know, I tweeted my notes from the IAPP Global Privacy Summit 2010 yesterday and today (@Forsheit for those of you on Twitter). Since many of our readers are not on Twitter, I thought I would provide you with those notes here (minus the usual Twitter hashtags and abbreviations). Please note that there were multiple sessions, and this reflects only those I was able to attend, and only the information I could quickly record, putting virtual pen to paper. These are not direct quotes, unless specifically designated as such. Overall, I think it was a great conference, a wonderful opportunity to reconnect with other lawyers and privacy professionals, and to meet students, lawyers, and others looking to learn more about this constantly evolving legal and compliance space. For me, the conference highlight was Viktor Mayer-Schonberger's keynote this morning on The Virtue of Forgetting in the Digital Age. Without further ado, here are my notes. Would love to hear your thoughts/reactions.
This week, I will be providing short updates from the IAPP Global Privacy Summit in Washington, DC. The conference will be in full swing tomorrow, and I will report on various panels and topics of interest. In the meantime, as I prepare to see old and new friends at the Welcome Reception this evening, a few thoughts on what I expect to see and hear a lot over the next few days.
In honor of Data Privacy Day and its spirit of education, I thought it might be appropriate (and fun) to celebrate some (but certainly not all) of the A, B, Cs of Data Privacy. Would love to see your contributions, too!
Today's New York Times Media Decoder Blog features an "on-the-record" discussion with Federal Trade Commission chairman Jon Leibowitz and Bureau of Consumer Protection chief David Vladeck. The question presented: "Has Internet Gone Beyond Privacy Policies?" The FTC (and Congress, for that matter) continue to signal that change may be imminent in the world of online privacy policies and traditional notions of opt-out consent.