I’ve long been an advocate for fewer restraints on how the private sector responds to hacking attacks. If the government can’t stop and can’t punish such attacks, in my view the least it could do is not threaten the victims with felony prosecution for taking reasonable measures in self-defense.
HIPAA is an arguably well-intentioned privacy law that seems to yield nothing but “unintended” consequences. I put “unintended” in quotes because the consequences are often remarkably convenient, at least for those with power. I’m not sure you can call something that convenient “unintended.”
On July 23, 2014, the Massachusetts Attorney General announced a consent judgment with Women & Infant’s Hospital of Rhode Island (“WIH”) to resolve allegations that it violated federal and state information security laws when it lost backup tapes.
Businesses that think they know what privacy issues are on the minds of the state attorneys general (AGs) should be aware that AGs are being urged to take action, either on their own, or in concert with the FTC, on key cutting edge privacy issues. At a major meeting of state AGs this week at the Conference of Western Attorneys General, FTC Commissioner Julie Brill, one of the highlighted speakers at the event, emphasized the importance of the AGs’ role in privacy regulation, and encouraged AGs to collaborate and cooperate on privacy investigations consistent with FTC efforts.
In April, the Court of Justice of the European Union (‘Court’) declared Directive 2006/24/EC on the Retention of Data to be invalid, creating uncertainty for telecommunications operators across the region. In a controversial move by the UK Government, the Data Retention and Investigatory Powers Act 2014 (‘Act’) has been passed using emergency procedures.
In June, Facebook came under public scrutiny after it was revealed that the company carried out research in 2012 that manipulated the News Feeds of 689,000 users. Several regulators are now poised to investigate Facebook’s conduct.
Parents who are in conflict about issues relating to their children often raise the issue of access to records of the children’s mental health treatment. The New Hampshire Supreme Court has held that children have a right to privacy in their medical records and communications, and that mature minors may assert the privilege even against their parents.
Over the past decade, the EU has made significant technological and legal strides toward the widespread adoption of electronic identification cards. An electronic ID card, or e-ID, serves as a form of secure identification for online transactions – in other words, it provides sufficient verification of an individual’s identity to allow that person to electronically sign and submit sensitive documents such as tax returns and voting ballots over the Internet.
Consumers frequently reveal personal information about themselves through a variety of daily online and offline activities. For fashion designers and retailers, this consumer information represents a valuable tool to identify, target, and expand customer advertising and messaging.