(Oct 6, 2015) Without doubt, Tuesday’s historic decision by the Court of Justice of the European Union (CJEU) invalidating the EU-U.S. Safe Harbor Agreement has ruffled a lot of feathers in the business community, while reenergizing privacy advocates in the EU and abroad. Now that the main agreement allowing the transfer of personal data between the two regions is essentially dead, what should privacy professionals be thinking and doing? Should privacy officers expect a knock on the door from a European data ... Read More

The Privacy Advisor

ECJ: Safe Harbor “Invalid”

(Oct 6, 2015) In a much-anticipated decision, the European Court of Justice (ECJ) was very straightforward in announcing that it has sided with Austrian law student Max Schrems, agreeing with his argument that the U.S. National Security Agency’s PRISM mass surveillance program, unveiled by Edward Snowden, makes the European Commission’s finding of U.S. adequacy for personal data transfer with the Safe Harbor mechanism “invalid.” Immediately, the privacy community began to react—including Schrems himself. “Truly, the ECJ could not have been more clear,” IAPP Publications Director Sam Pfeifle writes in this exclusive for The Privacy Advisor, which examines where the ECJ’s ruling leaves other Commission-generated findings for data transfer and what’s next. Read More

Daily Dashboard

What’s Next for the Schrems Case?

(Oct 6, 2015) So the Court of Justice of the EU has ruled Safe Harbor invalid. But what does this mean for the Schrems case now? In this report for The Privacy Advisor, Denis Kelleher says it’s possible the case will go back to the Irish High Court to hear arguments in the case, or, alternatively, the case could be settled following an investigation by Irish Data Protection Commissioner (DPC) Helen Dixon. But whatever happens, it’s sure to be complicated. “This investigation will face many challenges, not least that of trying to arrange for the amicable resolution of Schrems’ complaint against Facebook,” Kelleher writes. And, he notes, there’s also the possibility that laws will change before a DPC investigation is complete. Read More

Daily Dashboard

Baker, Cohn Interview Schneier at P.S.R. 15

(Oct 6, 2015) Last week during the IAPP and CSA Privacy. Security. Risk. 2015 conference in Las Vegas, NV, Steptoe & Johnson’s Stewart Baker and Alan Cohn interviewed security guru Bruce Schneier and delved into the latest developments and trends in the data protection realm. In addition to examining Advocate General Yves Bot’s opinion on the EU-U.S. Safe Harbor Framework, the three discussed Internet-of-Things security, the value of open source, the latest on China, the U.S. Office of Personnel Management hacks and the unique vulnerability found in biometric authenticators. Lawfare has more of the details and the complete podcast of this wide-ranging talk. Read More

Daily Dashboard

Apple Acquires Privacy-Sensitive AI Start-Up

(Oct 6, 2015) Bloomberg Business reports that Apple has acquired artificial intelligence (AI) start-up Perceptio, a company known for building AI systems on smartphones without having to share large quantities of user data. According to the report, Perceptio aims to run AI image-classification systems on mobile devices without the assistance of external data, fitting in with Apple’s goal of limiting customer data usage. Apple’s Colin Johnson said, “Apple buys smaller technology companies from time to time, and we generally do not discuss our purpose or plans.” Last week Apple said it had acquired a UK-based start-up specializing in technology that allows “Siri-like personal assistants” to carry on longer conversations with users. Read More

Daily Dashboard

T-Mobile Reviewing Experian Affiliation

(Oct 6, 2015) Following Experian’s announcement of a breach affecting 15 million T-Mobile customers, T-Mobile CEO John Legere has said he will "institute a thorough review” of the company’s affiliation with Experian, reports. Experian was "contractually obligated to abide by stringent privacy and security practices," the report states, noting Legere has said he takes "customer and prospective customer privacy very seriously. This is no small issue for us.” Legere also said “neither T-Mobile’s syst... Read More

Daily Dashboard

Wireless Industry Issues New Privacy Commitments

(Oct 6, 2015) The Wireless Association, based in Washington, DC, has issued a set of voluntary antitheft commitments for device manufacturers with the intent to protect user data while limiting the theft of smartphones, ABC News reports. Nearly 20 wireless providers have now agreed to implement an antitheft tool, either preloaded or downloadable, to remotely wipe user data in cases of smartphone theft. The agreement also states that phones made after July 2016 will provide users with tools to disable the antitheft technology and use one of their choice. According to the report, smartphone thefts are down 20 percent, likely from password protection. Read More

Daily Dashboard