Australia passes controversial encryption law

(Dec 6, 2018) On Thursday, Australia's Parliament passed a bill mandating that technology companies assist the nation's law enforcement to bypass encryption in private messaging apps, Fortune reports. The Assistance and Access Bill will force companies to build so-called backdoors, "but only if the backdoors don't constitute 'systemic weaknesses' in the service's security," the report states. The bill will need royal assent, which, according to the report, is expected before Christmas. The Labor party had tri... Read More

Thune, Markey unveil stricter robocall legislation

(Nov 19, 2018) Sens. John Thune, R-S.D., and Ed Markey, D-Mass., have unveiled legislation aimed to crack down on robocalls, Reuters reports. The bill would give the U.S. Federal Communications Commission the power to impose fines up to $10,000 per call for any company found to have intentionally violated telemarketing rules. Carriers would also be required to install technology designed to verify whether incoming calls are legitimate before they reach citizens’ phones. “Existing civil penalty rules were desig... Read More

UK ICO updates investigation into use of data analytics in political campaigns

(Nov 6, 2018) The U.K. Information Commissioner's Office has issued an update to its long-running investigation into the use of data analytics in political campaigns and a report to Parliament. The scope of the investigation, which ICO Commissioner Elizabeth Denham told a U.K. Parliamentary committee was "unprecedented," has extended to 30 organizations and includes a forensic analysis of 700 terabytes of information. "Throughout our enquiries we found a disturbing disregard for voters’ personal privacy by pl... Read More

Pai urges telecommunication companies to stop 'robocalls'

(Nov 6, 2018) U.S. Federal Communications Commission Chairman Ajit Pai wrote a letter to 13 telecommunication companies about their efforts to stop “robocalls,” Reuters reports. Pai urges the companies to develop a system to stop the automated phone calls by 2019. The chairman called upon the companies to do so back in May, and his letter states the FCC seeks answers on those efforts by Nov. 19. The letter was sent to companies such as Verizon, T-Mobile, Alphabet, Sprint, CenturyLink and Charter Communication... Read More

Perspective: What Congress can learn from the GDPR and CCPA

(Oct 22, 2018) Congress recently held a brief series of hearings on consumer privacy, one with industry leaders and the other with privacy advocates and a European data protection authority. Part of those hearings examined lessons that could be learned from the EU General Data Protection Regulation and the California Consumer Privacy Act of 2018. Though these "laws constitute a sincere effort on the part of policymakers to empower consumers and update law for the digital age," MediaMath Vice President for Glob... Read More

Lessons from the GDPR and CCPA for Congress

(Oct 22, 2018) The United States Senate Commerce Committee, as part of a series of public hearings it is holding on privacy, heard the call for a new national data protection and privacy law from industry a few weeks ago. It heard it again more recently from privacy advocates. The conversation now is about the shape that law should take.  To inform that goal, the committee’s hearing with consumer advocates examined lessons learned from the EU General Data Protection Regulation and the new California Consumer... Read More

From PSR: Consent is major ePrivacy sticking point for EU bodies

(Oct 19, 2018) Only a few minutes into his breakout session yesterday, WilmerHale Cybersecurity and Privacy Practice Group Co-Chair Reed Freeman, CIPP/US, did not mince words on the current status of the ePrivacy Regulation. "The ePrivacy Regulation is a giant mess, it’s a bigger mess than the [California Consumer Privacy Act of 2018]," he said. "There is so much uncertainty about whether it is needed, what is required, and what is the process for all of this. Nevertheless, it is out there, and it might happen... Read More

Consent remains major ePrivacy sticking point for EU bodies

(Oct 18, 2018) Only a few minutes into his session at the IAPP Privacy. Security. Risk. conference in Austin, Texas, WilmerHale Cybersecurity and Privacy Practice Group Co-Chair Reed Freeman, CIPP/US, did not mince words on the current status of the ePrivacy Regulation. "The ePrivacy Regulation is a giant mess, it’s a bigger mess than the [California Consumer Privacy Act of 2018]," he said. "There is so much uncertainty about whether it is needed, what is required and what is the process for all of this. Neve... Read More

Therrien urges wireless providers to help fix SS7 vulnerabilities

(Oct 5, 2018) Within his Annual Report to Parliament, Privacy Commissioner of Canada Daniel Therrien calls for wireless network providers to help fix security vulnerabilities related to the SS7 system, CBC News reports. Therrien cited a report conducted by the CBC and Radio Canada where a hacker was able to exploit flaws within SS7 to intercept calls from a federal MP and track his location. Therrien notes European countries have already taken steps to address these issues, adding he has received “encouraging... Read More

Latest CJEU opinion may illuminate personal data risks

(Oct 3, 2018) The Court of Justice of the European Union ruled Oct. 2, 2018, that national authorities may access certain types of personal data from electronic communication providers in the course of a criminal investigation because it does not amount to a “sufficiently serious” interference with fundamental rights. The personal data at issue included surnames, forenames, and addresses. Collecting this personal information amounted to interference with fundamental rights enshrined in the Charter of Fundame... Read More