(Sep 30, 2016) Peter Swire, CIPP/US, is a veteran of the privacy profession. He worked for the Clinton administration under the Office of Management and Budget, and was part of getting government agencies to draft privacy policies before privacy policies were commonplace. He was one of a very few privacy professionals in the government back in the day. In this episode of The Privacy Advisor Podcast, Swire discusses whether the Privacy Shield will survive in years to come, among other topics. Swire said if Euro... Read More
NY’s proposed cybersec regs have long reach
(Sep 30, 2016) New York state's long-awaited cybersecurity regulations for financial services companies, issued by the New York State Department of Financial Services on Sept. 13, will impose significant data and information security requirements on regulated financial institutions within its specific jurisdiction, but the regulations will affect more than just New York-based financial institutions. Richard Santalesa, CIPP/US, writes for Privacy Tracker that NYDFS' scope of regulated financial institutions is ... Read More
Video: Meeting the Challenges of the Cloud: Part one
(Sep 30, 2016) The dramatic growth in the use of cloud computing services by enterprises of all sizes and industries has created new challenges for corporate privacy and security officers. The economic and strategic benefits of the cloud are too great to forego. However, entrusting critical applications and sensitive data to third-party services requires careful review of vendor compliance with laws, regulations and standards. Balancing the benefits of the cloud with the fundamental requirements of privacy and... Read More
Irish DPC releases explanatory memo on Schrems case
(Sep 30, 2016) The Data Protection Commissioner of Ireland has released an explanatory memo on the ongoing litigation between Max Schrems and Facebook. “The purpose of this note is to explain the background to the case, the reasons why the DPC has taken the case and the current position in the High Court as of September 2016,” the memo states. “While the DPC does not seek any specific relief against Mr. Schrems or Facebook Ireland Limited, both of those parties were joined to the proceedings because the outcom... Read More
FTC denies LabMD’s appeal for a stay of agency’s final order
(Sep 30, 2016) The Federal Trade Commission has denied LabMD’s application for a stay of the agency’s final order, saying the company’s data security practices were “unreasonable and constitute an unfair act or practice that violates Section 5 of the Federal Trade Commission Act,” DataBreaches.net reports. While explaining its denial, the FTC pointed to four factors, including “(1) ‘the likelihood of the applicant’s success on appeal’; (2) ‘whether the applicant will suffer irreparable harm if a stay is not gr... Read More
Denham: UK should still adopt GDPR, despite Brexit results
(Sep 30, 2016) U.K. Information Commissioner Elizabeth Denham said the country should still adopt the General Data Protection Regulation, even after the results of Brexit, BBC News reports. Denham said, “I don’t think Brexit should mean Brexit when it comes to standards of data protection.” She continued, "The U.K. is going to want to continue to do business with Europe … In order for British businesses to share information and provide services for EU consumers, the law has to be equivalent. The U.K. was very ... Read More
Salesforce asks EU regulators to oppose Microsoft-LinkedIn deal, will work with regulators
(Sep 30, 2016) ZDNet reports Salesforce has made a request to the European Union to stop Microsoft’s acquisition of LinkedIn. The company argues the deal is anticompetitive, creates data privacy issues, and would give Microsoft an unfair advantage. “By gaining ownership of LinkedIn's unique dataset of over 450 million professionals in more than 200 countries, Microsoft will be able to deny competitors access to that data, and in doing so obtain an unfair competitive advantage,” said Salesforce’s Chief Legal Of... Read More
CNIL announces new cookie compliance inspections
(Sep 30, 2016) French data protection authority, the CNIL, announced in late July it would conduct a new series of inspections to ensure companies are complying with cookies laws, Bird & Bird reports. The next wave of inspections will look at the partners of publishers, including advertisers, social media networks, and audience measurement companies. The CNIL also said publishers cannot shoulder total responsibility for data protection and cookie compliance when the details of processing are created by the... Read More
