In the age of web-connected vehicles, the consumer’s relationship with the vehicle’s manufacturer takes on a whole new meaning. Not only does the relationship exist for the purpose of vehicle maintenance or future repairs, but the consumer also serves as a rolling information bank to the manufacturer. Indeed, nearly every new vehicle is by default … Continue Reading
As the myriad of Family Educational Rights and Privacy Act (FERPA) interpretation issues continues to cloud many educators’ understanding of what is permissible and not permissible under the statute, some assistance was recently provided by the U.S. Department of Education. The Family Policy Compliance Office (FPCO) advises that as with any other “education record,” a photo or video of a student … Continue Reading
Businesses are understandably focused this week on the looming effective date for the European Union’s General Data Protection Regulation (GDPR). For U.S. businesses, however, a proposed law closer to home would raise similar compliance burdens and create potential litigation risks. This November, voters in California will likely vote on whether to pass a ballot initiative, … Continue Reading
Facebook and the English data analytics firm Cambridge Analytica (CA) are facing intense scrutiny in response to numerous reports about the possible misuse of data of 50 million Facebook accounts. The data was originally collected through a third party personality test app and later reportedly improperly transferred to CA and/or its parent company Strategic Communications … Continue Reading
On March 16, David Carroll, a New York based American professor sued Cambridge Analytica (CA) in the U.K. courts, after the data analytics firm allegedly failed to respond to his request made pursuant to the U.K. Data Protection Act for his file of personal data held by CA, CA’s purpose for processing his data, and … Continue Reading
All privacy professionals, whether in the EU or the U.S., need to have an understanding of the implications of General Data Privacy Regulation (GDPR) compliance, particularly since the fines and penalties that could be imposed for non-compliance are intimidating. GDPR goes into effect on May 25, 2018, and many companies are struggling to become compliant … Continue Reading
The Federal Trade Commission (FTC) has approved its proposed settlement with Lenovo, Inc. over the installation of pre-installed advertising software called VisualDiscovery onto Lenovo laptops. According to the FTC, the pre-installed software “interfered with how a user’s browser interacted with websites and created serious security vulnerabilities.” The settlement requires Lenovo to not misrepresent the features … Continue Reading
On March 1, 2017, New York’s Cybersecurity Regulation (23 NYCRR Part 500)[1] became effective. The regulation is the first of its kind in the nation and requires certain companies, including banks, insurance companies and other financial services institutions regulated by the Department of Financial Services (“Covered Entities”), to have: a cybersecurity program designed to protect … Continue Reading
Last Thursday, the United States Supreme Court heard arguments in Carpenter v. United States. At issue was whether the FBI violated the Fourth Amendment when it obtained the cellphone location records of Timothy Carpenter. The FBI used these records to establish Mr. Carpenter’s whereabouts during time periods in which certain armed robberies occurred. The government … Continue Reading
The Federal Communications Commission’s (FCC) potential reversal of the Obama Administration’s ‘Net Neutrality’ rules have been a constant headline lately. Most media coverage goes to the core principals of net neutrality, including blocking, throttling and pay for priority of internet content; however, privacy is also a factor. Primarily, the FCC issued broadband privacy rules in … Continue Reading
As we approach calendar year end, traditionally the busiest period of the year for mergers and acquisitions, it is worth revisiting whether our existing competition law framework can and does properly assess the market power of big data. This spring, The Economist magazine joined the ranks of some antitrust regulators, particularly from the EU, in … Continue Reading
Every day it seems a new data security breach has occurred, a new “cyber hack” is in the news…making us run to our phones, computers, bank accounts, you name it, to see if we could be the “one” affected. As a result, more and more online transactions, websites, financial institutions, for work or personal, require … Continue Reading
Stating the obvious, college is one of the most important and expensive investments Americans make. In addition to tuition costs, from a consumer perspective, other factors should be important in deciding on a college, including graduate employment prospects, average student loan debt, and average number of semesters taken to complete a degree. If you were … Continue Reading
The Connecticut State Department of Education (DOE) recently published guidance on implementing civil rights protections for transgender students. The guidance, in part, provides information on issues related to requests that a school change a student’s education records to be consistent with their chosen name and gender identity. Notably, the guidance recognized tension that may arise … Continue Reading
On August 1, 2017, 32M, located in Wisconsin, is offering its employees the ability to have RFID chips implanted into their hands to make purchases at the company break rooms, open doors, use the copy machine and log on to their company computer. On top of that, the employer issued chip can store medical and … Continue Reading
In the wake of several recent high-profile security breaches, employers are increasingly viewing identity theft protection as an essential employee benefit for employees. According to Willis Towers Watson’s 2016 voluntary benefits and services (VBS) survey, identity theft protection, offered by 35 percent of employers in 2015, could double to nearly 70 percent by 2018. Recognizing … Continue Reading
Back in 2015, DeepMind, a Google company, signed a deal with the Royal Free NHS Foundation Trust. The deal allowed DeepMind access to 1.6 million patients health information as well as the ability to develop an app called Streams. The Streams app focus was to monitor patients with kidney disease and alert the right clinician … Continue Reading
Tricky decision to make if you are among the millions that travel for work…. how safe is it? Will the new “laptop travel ban” affect me? What airports am I connecting through that are of concern? Is public Wi-Fi secure? Did that person just look over my shoulder (a.k.a. Shoulder Surfing) while I was opening … Continue Reading
Twitter recently announced updates to its Privacy Policy. The updates are effective on June 18, 2017. By using the social media platform on or after that date, Twitter users will be deemed to have agreed to these updates. The updates enable Twitter to collect more user data, including about a user’s visits from Twitter to … Continue Reading
A misconfigured backup server hosted by medical records technology vendor iHealth Solutions resulted in exposure of over 7,000 medical records, some containing sensitive information. The records, involving patients seen at Bronx-Lebanon Hospital Center in New York, New York, between 2014 – 2017, include patients’ names, addresses, HIV status, mental health diagnoses and addiction histories, as … Continue Reading
The Federal Communications Commission (FCC) privacy rules required providers such as Comcast Corp. and AT&T Inc. to get subscribers’ permission before collecting and sharing their personal data. On April 4, 2017, President Donald Trump signed a congressional resolution rescinding those rules and sparking major concern both in the U.S. and Europe. Indeed, according to a … Continue Reading
By Executive Order, the Trump Administration recently reversed an Obama Administration order aimed at protecting consumer’s personal information from use by their Internet Service Provider (ISP). ISPrior to the Trump’s EO, ISPs were required to get customer’s consent before using or selling their browsing habits, online shopping habits, financial information, etc. The reversal of Obama’s … Continue Reading
Facebook says that someday ‘the password’ will be a distant memory. But for now, passwords are certainly necessary. However, Facebook has released a beta version of its Delegated Account Recovery software –a new way for social networks to be the backup security key when online consumers forget their password on different, non-Facebook websites and services. … Continue Reading
Earlier this month, Axon, the company formerly known as Taser, announced that it will offer a one year free trial of its body cameras and cloud storage to every police department in the United States. While controversy about the use of body cameras is making the news now, controversy about cloud storage for the data … Continue Reading
