FTC reaches settlement with Vulcun over app installation

(Feb 5, 2016) Technology firm Vulcun has reached a settlement with the Federal Trade Commission under charges that it unfairly installed apps on users’ phones without permission, potentially putting consumers’ privacy at risk, according to an FTC press release. The founders of Vulcun purchased a popular Google Chrome browser extension game with 200,000 users. Vulcun then replaced the extension with its own, bypassed the permission process in the Android operating system, and bombarded users with advertisement... Read More

Study: Companies uneducated, unprepared for GDPR

(Feb 4, 2016) A Computing study of mid- to large-sized organizations discovered that “just over half” were familiar with the General Data Protection Regulation, while 20 percent felt “well prepared” for its forthcoming mandates, the publication reports. Furthermore, only “a total of 44 percent were unaware or only vaguely aware of the new rules,” the report states. Twenty five percent confessed that they would “need to invest in new infrastructure or software to comply with the new rules,” with 53 percent “un... Read More

Top 10 operational impacts of the GDPR: Part 7

(Feb 4, 2016) The new General Data Protection Regulation put forth by the European Commission in 2012 and finally generally agreed upon by the European Parliament and Council in December, is set to replace the Data Protection Directive 95/46/ec. Although many companies have already adopted privacy processes and procedures consistent with the Directive, the GDPR contains a number of new protections for EU data subjects and threatens significant fines and penalties for non-compliant data controllers and process... Read More

FTC, DoC answer Privacy Shield questions

(Feb 4, 2016) The U.S. Department of Commerce and FTC Commissioner Julie Brill provided new details about the EU-U.S. Privacy Shield late Wednesday afternoon and Thursday morning. The DoC, in an interactive Q&A, took to Twitter to answer questions on its role in the potential agreement, while Brill discussed the FTC’s role in a webcast interview with Information Technology and Innovation Foundation President Robert Atkinson. Specifically, Brill said the FTC won’t change the way it enforces privacy cases,... Read More

The Privacy Shield now faces an uphill battle

(Feb 4, 2016) On Tuesday, Vice-President Andrus Ansip and Commissioner Vera Jourová announced that the EU Commission had approved a political agreement on what will henceforth be known as the “EU-US Privacy Shield.” Over the coming weeks they will have to draft a fresh EU Commission adequacy decision to replace the previous “Safe Harbor” decision, which the Court of Justice of the European Union found invalid in Schrems. There is already speculation that the validity of this new decision will itself be challe... Read More

The FTC Casebook

(Feb 4, 2016) The FTC Casebook collects and provides access to more than 180 privacy and data security enforcement actions—full-text searchable, tagged, indexed and annotated.... Read More

Top 10 operational impacts of the GDPR: Part 7 - Vendor Management

(Feb 4, 2016) The new General Data Protection Regulation (GDPR), put forth by the European Commission in 2012 and finally generally agreed upon by the European Parliament and Council in December 2015, is set to replace the Data Protection Directive 95/46/ec. Once the GDPR is formally adopted by the European Parliament and Council and printed in the Official Journal of the European Union sometime this spring, it will be directly applicable in each member state and lead to a greater degree of data protection ha... Read More

Podcast: Making Sense of the Privacy Shield

(Feb 3, 2016) On Tuesday, the European Commission and U.S. Department of Commerce jointly announced a new data-transfer framework, the EU-U.S. Privacy Shield, to replace the invalidated Safe Harbor agreement. The Privacy Shield includes a new Federal ombudsman to oversee intelligence access to EU citizen data, a multi-step complaint resolution mechanism for EU citizens, and a number of other new provisions. But what does it mean for European and American companies that just want to transfer data while complyi... Read More

How sturdy is the Privacy Shield?

(Feb 3, 2016) Is there anyone in Europe who doesn't work for @EU_Commission and has something positive to say about #PrivacyShield? Rigour people, rigour! — Eduardo Ustaran (@EUstaran) February 2, 2016 The EU Commission and the U.S. have agreed on a new framework for transatlantic data flows, igniting a flurry of #SafeHarbor tweets, many skeptical and some incredulous, and prompting every law firm that’s ever looked at a data protection case to send out a client alert. But the alerts were fairly v... Read More

EU DPAs respond to Privacy Shield; BCRs are a go, for now

(Feb 3, 2016) Though the future of transatlantic data transfers continues to hang in the balance, one more clue was offered Wednesday afternoon in Brussels, with official word from the EU’s collection of data protection authorities on their assessment of the newly proposed EU-U.S. Privacy Shield arrangement. The head of the Article 29 Working Party (WP29) said during a press conference that the group “welcomed” the agreement but needed further documentation to assess its legality. “It is still only words fro... Read More