U.S.

Breach Settlement First To Award Plaintiffs Who Aren’t ID Theft Victims
Health coverage company AvMed last week reached a $3 million data breach settlement that allows plaintiffs who didn’t suffer identity theft to claim funds. A report from Becker’s Hospital Review notes that it is the first breach case to extend payments to plaintiffs who were not victims of identity theft. “Settlements for data breach class actions have traditionally not extended payments to class members who have not experienced any fraud or identity theft. Here, though, that is exactly what the sides agreed to, whereby payments will be made to all class members who purchased insurance, even absent any fraud or identity theft,” states Reed Smith’s Global Regulatory Enforcement Law Blog.

Franken and Heller Reintroduce Bill on Surveillance Transparency
Sens. Al Franken (D-MN) and Dean Heller (R-NV) have reintroduced the Surveillance Transparency Act of 2013, Broadcasting & Cable reports. A hearing on the bill, which aims to increase transparency when it comes to government surveillance, will be held November 13. "The American public is naturally suspicious of executive power, and when things are done secretly, they tend to think that power is being abused," said Franken. The bill follows a letter written by 60 Internet companies and advocacy groups pushing the president and congressional leaders for transparency when it comes to government surveillance. Meanwhile, a law enforcement official recently said scrutiny over government surveillance threatens police use of technology to solve crimes.
Full Story

NSA Reform Bill Expected; Feinstein Backs "Total Review"
House and Senate lawmakers plan Tuesday on introducing legislation to limit the NSA’s surveillance powers, The Hill reports. The USA FREEDOM Act, written by Sens. Patrick Leahy (D-VT) and James Sensenbrenner, Jr., (R-WI), would end the NSA’s bulk collection of phone records, increase curbs to monitoring Americans, require quicker data deletion in cases of accidental collection and create a special FISA court advocate. Sen. Diane Feinstein (D-CA), who has consistently been a staunch defender of the NSA’s programs, has called for a “total review” of all intelligence collection programs after news that the U.S. allegedly spied on national leaders of allied nations—most notably German Chancellor Angela Merkel. The White House has also said there needs to be additional “constraints” on U.S. intelligence gathering to “better balance our security needs and the security needs of our allies against the real privacy concerns that we all share.” The House Intelligence Committee will hold a rare open hearing today, which will include the NSA director and other top intelligence officials.
Full Story

Surveillance Constitutionality May Be Tested in Court
CNET reports U.S. federal prosecutors “intend to use information gathered through the government's warrantless surveillance program in a criminal trial, setting up a possible court test of the constitutionality of such eavesdropping.” In a notice released late Friday, the Justice Department announced it will use "information obtained or derived from acquisition of foreign intelligence information conducted pursuant to the Foreign Intelligence Surveillance Act" in a  case against an alleged terrorist. A deputy legal director with the American Civil Liberties Union has described the filing as a "big deal" that "will undoubtedly set up a constitutional challenge,” the report states.
Full Story

Lawmakers To Reintroduce Kids' Tracking Act
Sen. Ed Markey (D-MA) and Rep. Joe Barton (R-TX) have announced plans to reintroduce the Do Not Track Kids Act, which aims to prohibit targeted advertising to kids younger than 16 and create an “eraser button,” reports The Hill. The lawmakers point to a recent study from Commonsense Media showing an increase in the number of children accessing media through mobile devices as an indicator of need for the act. “The Do Not Track Kids legislation would update COPPA for this new Internet ecosystem, establish new protections for the personal information of children and teens and ensure that parents have the tools they need to protect their children’s privacy,” they said. COPPA was recently updated to prevent the tracking of kids under 13 years of age.
Full Story

States Take Action Where Federal Gov't Hasn't           
State legislatures around the country have rushed to propose a new series of privacy laws, The New York Times reports. More than two dozen privacy laws have been passed this year in more than 10 states, incited by increasing privacy concerns about personal data and a lack of action by the federal government. State Rep. Jonathan Stickland (R-District 92) said, “Congress is obviously not interested in updating those things or protecting privacy. If they’re not going to do it, states have to do it.” State AGs concurred recently at the IAIPP Privacy Academy. The flurry of laws can be burdensome for tech companies trying to comply; however, federal law prevents states from interfering with interstate commerce, the report states. (Registration may be required to access this story.)
Full Story

Netflix Plaintiffs Say Settlement Doesn't Help Them
Netflix users are asking the Ninth Circuit Court of Appeals to vacate a settlement that would see the company donating millions of dollars to nonprofits, MediaPost reports. The users say the settlement doesn’t benefit them, stating they were affected by a privacy glitch in which Netflix allegedly held on to subscriber names after they had cancelled their memberships, a violation of the Video Privacy Protection Act of 1998. Netflix has denied violating the law but agreed to destroy the personal information and says the $9 million settlement is in line with privacy settlements by Facebook and Google. Editor’s Note:
Full Story

EU

Regulation Implementation May Come Sooner Than 2015 After All
EurActiv reports that the European Commission is prepared to ignore attempts to delay implementation of the proposed data protection regulation. Instead, the commission plans to push toward implementing the regulation by spring of 2014, despite conclusions adopted at the summit last week suggesting the regulation be introduced by 2015. Financial Times reports the vote’s delay until at least next year, should that come to pass, is an “important victory” for U.S. tech giants who will need the time to bolster their case for a watered-down version of the reforms while the heated climate surrounding U.S. surveillance revelations cools down.
Full Story

Message-Sender Successfully Appeals 300,000 GBP Fine
Christopher Niebel has successfully appealed a 300,000 GBP fine for sending spam text messages after challenging “whether the Information Commissioner's Office (ICO) was right to issue him with a fine for his part in what the ICO considered was a serious breach of UK privacy laws,” Out-Law.com reports. Niebel and fellow Tetrus Telecoms co-owner Gary McNeish were fined a combined 440,000 GBP by the ICO last year “for breaching the UK's Privacy and Electronic Communications Regulations (PECR) for engaging in unsolicited direct marketing activities.” However, an Information Rights Tribunal upheld Niebel’s appeal, ruling “insufficient damage or distress had been caused to recipients to merit the penalty being imposed,” the report states.
Full Story

ELSEWHERE

China Amends Consumer Protection Law
The Standing Committee of the National People’s Congress of the People’s Republic of China passed an amendment to the P.R.C. Law on the Protection of Consumer Rights and Interests, reports Hunton & Williams’ Privacy and Information Security Law Blog. The amendments will take effect on March 15 and include increased penalties for violations of consumer rights, a new rule on punitive damages and a ban of unauthorized disclosures of consumer personal information, among others.

Canadian Minister: Province To Address Gap
Saskatchewan Justice Minister Gord Wyant has said the government must address a "gap" in privacy protection for private-sector employees, The Regina Leader-Post reports. “We, like Ontario and the eastern provinces, have relied on the federal legislation with respect to privacy matters in the private sector," Wyant said. Referencing calls for change by Saskatchewan Information and Privacy Commissioner Gary Dickson, Wyant added “there's a little bit of a gap when it comes to that area.” To address the issues, he said, “We've consolidated all the labour legislation into one piece, and we think that there's a possibility of perhaps bringing some regulations forward under the employment act to cover off that issue.”
Full Story

Brazil To Consider Online Privacy Bill
Politico reports Brazil will take up an online privacy protections bill that business groups fear will stymie the free flow of data. The bill, to be considered by Brazil’s Chamber of Deputies this week, would create restrictions on how Internet service providers use Brazilians’ personal data and would require companies to build local data centers in order to do business in Brazil. “Global data flows rely on data centers dispersed all over the world,” wrote a group of 47 industry reps from the U.S., Brazil, Europe and Japan to Brazil’s National Congress. “Thus, in-country data storage requirements would detrimentally impact all economic activity that depends on data flows.” A vote could take place Monday.
Full Story