The Spanish data protection authority, the AEPD, has issued the first European cookie fine for the violation of Article 22.2 of Spain’s Information Society Services and Electronic Communications Law 34/2002 (Spanish E-Commerce Act), as amended by Royal Decree Law 13/2012 which implements the e-Privacy Directive (Directive 2002/58).
The ‘Future of the Cookie Working Group’, established by the International Advertising Bureau (IAB) in 2012, has published a white paper titled ‘Privacy and Tracking in a Post-Cookie World’, which addresses the limitations of the traditional cookie.
The ICO has had a busy January with some key updates to note for the start of 2014.
Triple-S, an insurance holding company and subsidiary of Triple-S Management Corporation, was notified by the Puerto Rican Health Insurance Administration (“HIA”) that HIA would pursue penalties against Triple-S for its alleged failure to properly respond to a breach of protected health information (“PHI”) involving 13,336 Dual Eligible Medicare enrollees (enrollees also eligible for Medicaid).
According to a Law360 report, Sony Units Denied Coverage For Suits Tied To Cyber Attack (subscription required), a New York state judge ruled last Friday in the Zurich v. Sony insurance litigation that the stealing of consumer information through a cyber attack did not constitute “personal injury” under a commercial general liability policy because third-party hackers and not the insured committed the offense.