PDPC Call Center Manager Discusses DNC, 2014 Provisions

(Jul 30, 2015) In an interview with DPO Connect, Calvin Lam, the Personal Data Protection Commission’s call center manager, discusses the two-year-old organization’s most common questions while clearing up misconceptions. The Do Not Call (DNC) registry sparks the most confusion, he explains, as folks erroneously “thought that their telephone numbers would be automatically registered on the DNC Registry.” Lam also touches on the 2014 Provisions. “Some organizations think that the appointment of a DPO is optiona... Read More

EDPS Weighs In on Trilogue Negotiations

(Jul 27, 2015) Not long after the Article 29 Working Party (WP29) let their feelings be known on the trilogue negotiations about the future of the EU’s proposed General Data Protection Regulation (GDPR), the European Data Protection Supervisor (EDPS), itself a full member of the WP29, has done them one better. Not only has the EDPS weighed in with its opinion on how the final draft of the GDPR should read, it has also released a downloadable app that expresses its opinion alongside redlined drafts of the GDPR ... Read More

Global News Roundup—July 20-27, 2015

(Jul 27, 2015) This week’s Privacy Tracker roundup highlights a controversial new antiterrorism law in Kuwait that would see mandatory DNA collection from all citizens, residents and visitors to the country. Also, Russia has passed a right-to-be-forgotten law, and Ireland is expected to pass a new law giving adopted individuals access to their birth certificates. In the U.S., another student privacy bill has been introduced while senators that have already proposed student privacy bills hope to work together to push a single bill forward. Also, there’s a new bill aiming to reform FISMA. The courts have also been busy deciding on Neiman Marcus, butt-dialing, a Florida healthcare privacy law and Facebook denying search warrants. Read More

25-Year-Old Sentenced to 13 Years in Court Ventures Breach

(Jul 16, 2015) A Vietnamese man has been sentenced to 13 years in prison for his role in a breach involving 200 million personal records from Court Ventures, a subsidiary of credit-monitoring firm Experian, IDG News Service reports. The Department of Justice said Hieu Minh Ngo, 25, was sentenced this week in the U.S. District Court of New Hampshire on charges including wire fraud and identity fraud. Ngo “tricked Court Ventures into giving him access to a personal records database by posing as a private investi... Read More

Do Not Track 2.0

(Jul 16, 2015) Earlier this week, the World Wide Web Consortium (W3C) announced another major milestone in the standardization of Do Not Track. Most notably, the technical mechanism will soon be certified for widespread implementation. While this progress is noteworthy, it’s also important to recognize that the W3C’s Do-Not-Track work has changed a lot in recent years. Originally, the goal was to get broad consensus between industry and advocates on a regime for limiting cross-site tracking at a user’s reques... Read More

Cooper: FTC Overreached in Nomi Case

(Jul 14, 2015) The Federal Trade Commission (FTC) case against Nomi Technologies is based on presumption and apples-to-oranges reasoning, George Mason University School of Law's James Cooper writes for The Hill. After Nomi failed to ensure that the tenets of its privacy policy and in-store marketing campaigns extended to its retailers, the FTC stepped in, using its “Policy Statement on Deception” (PSD) as its legislative rationalization, Cooper explains, writing, “Unfortunately … the commission appears to assu... Read More

Hospital Employees Charged Under PHIPA

(Jul 10, 2015) Three hospital employees have been charged under Ontario’s Personal Health Information Protection Act (PHIPA) “for snooping into former mayor Rob Ford’s medical records after he was diagnosed with cancer,” The Toronto Star reports. PHIPA came into force more than 10 years ago, the report states, noting if the employees are convicted, it will mark the first successful prosecution under the act. Court documents state Caroline Goodridge, Mohammad Rahman and Debbie Davison “all face charges under PH... Read More

ICO Investigations Announced

(Jul 9, 2015) The Information Commissioner’s Office (ICO) has launched multiple investigations, including one “into claims that charities are breaking data protection and privacy rules by targeting vulnerable people for cash and ignoring so-called ‘do-not-call’ lists,” The Telegraph reports. Information Commissioner Christopher Graham said, “These seem to be very serious allegations and it looks as if something has seriously gone wrong,” adding, “The question of interest for us is, are charities trading in li... Read More

Google Updates Privacy Policy After DPA Threatens Fine

(Jul 9, 2015) The Dutch Data Protection Authority (DPA) has announced Google “has improved its privacy policy” after the DPA threatened the company with a 15-million-euro fine, NL Times reports. According to the DPA, Google has “updated the information on its privacy policy and now also asks new users’ permission to combine their personal data throughout Google services,” the report states. The DPA has not required Google to pay the fine, but it “may still face a fine of up to five million euros if it does no... Read More

ICO Annual Report Discusses Increased Powers

(Jul 2, 2015) The Information Commissioner’s Office has released its annual report, and Information Commissioner Christopher Graham is reflecting on “the strengthening of his regulatory powers to show how the legislation continues to develop” toward greater data security as well as the impact of the now 10-year-old Freedom of Information Act. The Register reports that the total of fines issued by the ICO “has halved compared with last year—despite the watchdog receiving roughly the same number of compla... Read More