Employers receive last-minute reprieve from the most onerous CCPA compliance obligations

(Sep 17, 2019) Just hours before California’s 2019 legislative session ended Sept. 13, the California Assembly approved Assembly Bill 25 that, if enacted, would substantially narrow the application of the California Consumer Privacy Act to employers. Understanding the contours of these limitations is critical for employers as they prepare to comply with the CCPA before it goes into effect Jan. 1, 2020. What personal information does AB 25 exclude from most aspects of the CCPA? The CCPA generally applies to a... Read More

Recently approved AB 25 narrows application of CCPA to employers

(Sep 17, 2019) Just hours before California’s 2019 legislative session ended Sept. 13, the California Assembly approved Assembly Bill 25 that, if enacted, would substantially narrow the application of the California Consumer Privacy Act to employers. Understanding the contours of these limitations is critical for employers as they prepare to comply with the CCPA before it goes into effect Jan. 1, 2020. In a piece for Privacy Tracker, Littler Mendelson Shareholders Philip Gordon, Kwabena Appenteng, CIPP/E, CIPP... Read More

Gujarat installs facial-recognition tech in 40K schools

(Sep 12, 2019) The Hindu reports Gujarat, India, has added facial-recognition technology in 40,000 schools for attendance monitoring. Chief Minister Vijay Rupani said the technology will be used to help limit teacher absenteeism and is likely to be installed with other government agencies soon to do the same for government employees. Teachers are concerned about the tech's privacy, but Education Secretary Vinod Rao denied that any data collection would be shared with other government agencies or third parties.... Read More

Trump administration appeals privacy ruling that affects 21.5M federal employees

(Sep 10, 2019) The U.S. Department of Justice is appealing a ruling by the Court of Appeals for the District of Columbia Circuit that could potentially provide payments to 21.5 million federal employees as a result of a data breach, The Washington Post reports. The breach occurred at the Office of Personnel Management and affected federal employees, as well as anyone who has undergone a background check since 2000. The breach was first revealed in June 2015. The court found the “OPM had failed to protect the d... Read More

ICO clears ex-MPS officers in personal data case

(Sep 5, 2019) The U.K. Information Commissioner’s Office cleared two former Metropolitan Police Service officers of charges of unlawfully retaining and disclosing personal data. The investigation launched after the ICO received a referral from the MPS, and after it received advice from its external legal counsel, the agency announced it would not take formal regulatory action. The ICO investigation took place under the Data Protection Act 1998. The ICO advises organizations that hold any form of personal info... Read More

Release of CCTV footage stirs privacy concerns in Pakistan

(Sep 5, 2019) A Pakistani cinema is receiving backlash for releasing sensitive closed-circuit TV surveillance footage of customers, Samaa Digital reports. Such invasions of privacy have allegedly taken place in the past, but this is the first instance of citizens speaking out against the improper practices. Privacy advocates are suggesting various actions should be taken to ensure privacy, including adding non-disclosure agreements to tickets or improving general Pakistani privacy rights. "[There is] no accou... Read More

Calif. Supreme Court expands rules on police officer disclosures

(Aug 27, 2019) Police officers will see their right to privacy lose weight in court cases following a decision by the California Supreme Court, CBS San Francisco reports. Justices overruled a lower court decision that the Los Angeles County Sheriff’s Department was prohibited from giving prosecutors the names of deputies accused of improper conduct. California has previously been tight on officer privacy, but a new law requires more public disclosure of police misconduct. Law enforcement unions have been unsuc... Read More

Yukon privacy commissioner rules PSC correctly handled access-to-info request

(Aug 16, 2019) Yukon Information and Privacy Commissioner Diane McLeod-McKay ruled the Public Service Commission correctly handled an access-to-information request, Yukon News reports. An applicant sought information about a PSC employee from between Nov. 20, 2017, and June 30, 2018. The PSC refused to confirm or deny the existence of the records under Section 13(2)(c) of the Access to Information and Protection of Privacy Act, a decision McLeod-McKay found to be the correct one. “Looking at the [ATIPP Act] as... Read More

Two arrested for Revenu Québec employee data breach

(Aug 9, 2019) A pair of individuals have been arrested after it was discovered one of them transferred the information of 23,000 past and current Revenu Québec employees outside of the organization, CBC News reports. An employee who had access to the information sent the data, however, the agency said it was not used for malicious purposes, nor was it sold to third-parties. The compromised information included names, social insurance numbers, dates of birth and salary data. Revenu Québec said personal data wi... Read More

Greek DPA issues 150K euro fine for GDPR violations

(Jul 31, 2019) The Hellenic Data Protection Authority fined PricewaterhouseCoopers 150,000 euros for alleged violations of the EU General Data Protection Regulation. The DPA found PwC did not process the data of its employees in a compliant manner. PwC managed to obtain consent in order to process its employees’ information; however, the DPA determined it was not freely given by the staff members as it was “intended to carry out acts directly linked to the performance of employment contracts.” The agency has g... Read More