Archives: Data Privacy

Subscribe to Data Privacy RSS Feed

State of Connecticut Provides Guidance on Changes to Education Records of Transgender Students

The Connecticut State Department of Education (DOE) recently published guidance on implementing civil rights protections for transgender students. The guidance, in part, provides information on issues related to requests that a school change a student’s education records to be consistent with their chosen name and gender identity. Notably, the guidance recognized tension that may arise … Continue Reading

Federal Tax Treatment of Employer-Provided Identity Protection Services

In the wake of several recent high-profile security breaches, employers are increasingly viewing identity theft protection as an essential employee benefit for employees. According to Willis Towers Watson’s 2016 voluntary benefits and services (VBS) survey, identity theft protection, offered by 35 percent of employers in 2015, could double to nearly 70 percent by 2018. Recognizing … Continue Reading

To Travel With My Laptop …or Not!

Tricky decision to make if you are among the millions that travel for work…. how safe is it? Will the new “laptop travel ban” affect me? What airports am I connecting through that are of concern?  Is public Wi-Fi secure? Did that person just look over my shoulder (a.k.a. Shoulder Surfing) while I was opening … Continue Reading

Twitter Updates its Privacy Policy

Twitter recently announced updates to its Privacy Policy. The updates are effective on June 18, 2017. By using the social media platform on or after that date, Twitter users will be deemed to have agreed to these updates. The updates enable Twitter to collect more user data, including about a user’s visits from Twitter to … Continue Reading

Misconfigured Backup Server Exposes 7,000+ Medical Records

A misconfigured backup server hosted by medical records technology vendor iHealth Solutions resulted in exposure of over 7,000 medical records, some containing sensitive information. The records, involving patients seen at Bronx-Lebanon Hospital Center in New York, New York, between 2014 – 2017, include patients’ names, addresses, HIV status, mental health diagnoses and addiction histories, as … Continue Reading

Repeal of FCC Privacy Rules Sparks Concern in U.S. and Europe

The Federal Communications Commission (FCC) privacy rules required providers such as Comcast Corp. and AT&T Inc. to get subscribers’ permission before collecting and sharing their personal data. On April 4, 2017, President Donald Trump signed a congressional resolution rescinding those rules and sparking major concern both in the U.S. and Europe. Indeed, according to a … Continue Reading

Virtual Private Network (VPN) Providers: How Private Are They?

By Executive Order, the Trump Administration recently reversed an Obama Administration order aimed at protecting consumer’s personal information from use by their Internet Service Provider (ISP). ISPrior to the Trump’s EO, ISPs were required to get customer’s consent before using or selling their browsing habits, online shopping habits, financial information, etc. The reversal of Obama’s … Continue Reading

FCC Broadband Privacy Regulations Rescinded; States Consider Adopting Measures

As was expected, President Trump signed into law the rescinding of the broadband privacy regulations adopted in 2016 by the Obama administration’s Federal Communications Commission (FCC). The now rescinded regulations would have required internet service providers (ISPs) to obtain consent from a customer before using or selling the customer’s Web browsing history, app usage history, … Continue Reading

Congress, FCC Weigh Measures to Repeal ISP Privacy Rules

Last October, the Federal Communications Commission (FCC) approved new privacy rules governing how Internet Service Providers (ISPs) are permitted to use and share its customers’ personal information. The rules have been fiercely contested by telecom companies that contend they are being unfairly held to more stringent regulations than so-called edge providers (Google, Facebook, etc.), which … Continue Reading

House Bill Would Allow Employers to Require and Access Genetic Testing Results

House bill HR 1313, introduced by Representative Virginia Foxx (R-N.C.), proposes to allow companies to require employees to undergo genetic testing, then allow employers to see the results, and impose financial penalties on any employees who request to opt out of the requirement. The bill, which was before the House Committee on Education and the … Continue Reading

DOE and DOJ Withdrawl of “Dear Colleague” Letter Leaves FERPA’s Guidance Unresolved

On February 22, 2017, the Department of Justice (DOJ) and Department of Education (DOE) withdrew their May 13, 2016 “Dear Colleague” letter that provided guidance on steps to protect transgender students under Title IX of the Educational Amendments of 1972 (Title IX) as well as the Family Educational Rights and Privacy Act (FERPA). Although the … Continue Reading

Supreme Court Nominee Neil Gorsuch on Data Privacy

Last month, the President announced his nomination of Judge Neil M. Gorsuch—a federal appeals court judge—to the Supreme Court. Gorsuch must still go through Senate confirmation hearings before officially becoming the ninth justice in our nation’s highest court, but some are already discussing Gorsuch’s potential impact on cybersecurity, technology and privacy law. Gorsuch is better … Continue Reading

Los Angeles Community College Pays Ransomware to Retrieve Data

On December 30, 2016, the Los Angeles Community College computer network was kidnapped by cyber criminals requesting a ransom for its return. The ransomware encrypted the college’s entire network system, including email and voice mail systems. Rather than attempt to restore all of the data days before classes were to resume, on January 4, 2017, … Continue Reading

501(c)(3) Public Charities Subject to New Donor Disclosure Requirements in New York

Since 1958, when the Supreme Court held that the State of Alabama’s attempt to compel the NAACP to disclose its membership lists infringed on the members’ constitutional rights to freedom of speech and assembly, charities and donors have expected donor information to remain confidential. However, recent developments in New York have thrown that expectation into … Continue Reading

Global Privacy and Data Security in 2016 and 2017

In 2016, new privacy, cybersecurity and/or data security legislation passed or became effective in a number of countries, some adopting data security measures for the first time. Several countries adopted cybersecurity focused measures with criminal penalties, hoping to more effectively combat cyber-attacks. Other countries implemented or strengthened regulations on the collection and handling of their … Continue Reading

Top Ten Education Developments, Breaches, and Settlements of 2016

This year has been a busy year for education law in the area of data privacy. Educational institutions continue to be a rich target for hackers. Additionally, there were some important developments in the interpretation of Family Educational Rights and Privacy Act (FERPA) and the Telephone Consumer Protection Act (TCPA) as it applies to educational … Continue Reading

Report Urges Policymakers to Increase Protections for Consumer Data Collected through Wearable Devices

A 122-page report was published this week by American University and the Center for Digital Democracy that examines features, key players and trends that are emerging in consumer-wearable and connected-health devices–this includes watches, fitness bands, clothing and other products that are linked to app through mobile devices for management of heart rate, sleep patterns and … Continue Reading

Blippar App: Introducing Facial-Recognition Software for your Smartphone

Blippar, an augmented reality app, recently released its facial-recognition software which allows users to scan faces with their smartphones. The Blippar app makes it possible for people to scan faces (from print, TV or in real life) and learn the person’s name and other information. Co-Founder and CEO of Blippar, Ambarish Mitra, says, “Our facial … Continue Reading

Who Owns a Noise – Should Data Collected in a Public Space by a Private Company be Generally Accessible to the Public?

While law enforcement have access to new technology owned by third parties that assist them with protecting the public, questions arise as to who should own the data gathered by that technology. Sometimes, it is the technology provider itself which blocks public access to the data. For example, many police departments have contracted with ShotSpotter, … Continue Reading
LexBlog