Hungary’s data protection authority, the National Authority for Data Protection and Freedom of Information (NAIH), recently issued a decision fining PepsiCo €5,000 for a data breach.
Can Employers Use Employee’s Posts to Social Media As Basis for Employment Decisions or Would This Violate an Employee’s Right to Privacy?
Generally, employees have a privacy expectation in their personnel files, contact information, and work related information. However, this expectation of privacy is not limitless, especially when the employee publically airs his or her work experiences on social media sites for the public to see.
At the end of 2013, the Federal Financial Institutions Examination Council (FFIEC) became the latest regulator to weigh in on social media and offered their final social media guidance. The proposed regulation was released last January (mentioned in our post here.)
COPPA: “Knowledge-Based Authentication” Method Approved by Federal Trade Commission for Child Privacy Law
The FTC has announced (press release) that it has unanimously approved the knowledge-based authentication method proposed by Imperium, LLC (“Imperium”) as a COPPA-compliant method of obtaining verifiable parental consent (“VPC”).
European Courts of Justice Rules Exceptions to Obligation to Notify Data Subjects of Processing Are Optional
The European Courts of Justice (ECJ) ruled in the case of Institut professionel des agents immobiliers (IPI) v. Englebert, E.C.J No. C 473/12, 11/07/13) that EU member states have the option, but not an obligation, to transpose the list of exceptions provided under Article 13 of the EU Data Protection Directive 95/46/EC, which allows for the collection and processing of personal data without notifying the data subject in the following limited necessary circumstances.
New Utah Attorney General Appointed and Sworn into Office
HHS Announces Settlement with Dermatology Practice for Potential HIPAA Privacy, Security and Breach Notification Rule Violations
On December 26, 2013, the Department of Health and Human Services (“HHS”) announced a resolution agreement and $150,000 settlement with Adult & Pediatric Dermatology, P.C. (“APDerm”), a private dermatology practice based in Massachusetts, following a security breach that affected approximately 2,200 individuals.
The Australian data protection authority, the Office of the Australian Information Commissioner (OAIC), has issued two sets of guidelines further to our previous blog analysing earlier guidelines issued on the Australian Privacy Principles (APPS) that will provide the framework for Australia’s Privacy Amendment (Enhancing Privacy Protection) Act 2012 scheduled to take effect beginning 12 March 2014.
Maybe its time for Americans to start taking sides on the issue of what their government ought to be spying on. While I have been no fan of Edward Snowden, I have also become no fan of the NSA.
The Privacy (Giving Privacy Commissioner Necessary Tools) Amendment Bill that would have given greater powers of control to the New Zealand data protection authority, the Office of the Privacy Commissioner (the DPA), has been blocked by a negative vote in New Zealand Parliament.