Privacy & Data Security

By Mark Young & Sam Jungyun Choi on June 25, 2019

On June 20, 2019, Keith Krach was confirmed by the U.S. Senate to become the Trump administration’s first permanent Privacy Shield Ombudsperson at the State Department. The role of the Privacy Shield Ombudsperson is to act as an additional redress avenue for all EU data subjects whose data is transferred from the EU or Switzerland to the U.S. under the EU-U.S. and the Swiss-U.S. Privacy Shield Framework, respectively. As Ombudsperson, Krach will be responsible for…

Data Protection Report

NT Analyzer Blog Series: Why So Many Cookie Policies Are Broken, Part I – HTML5 LocalStorage

By Steve Roosa (US) on June 25, 2019

Cookies Are One Piece of a Larger Puzzle There has been an odd preoccupation with cookies for some time now—to the exclusion of other forms of browser tracking, some of which are much more flexible and more robust in their data collection capabilities than cookies. Despite this fact, these other, non-cookie tracking technologies are often not referenced in privacy policies and cookie policies, even though they are used to “store information” and / or “gain…

Eye On Privacy

Texas Breach Law Will Change in 2020, To Require Attorney General Notification

By Liisa Thomas & Elfin Noce on June 25, 2019

New requirements to the Texas data breach statute, including a requirement to notify the Texas attorney general of a breach, are set to go into effect January 1, 2020. The legislation, signed by Texas Governor, Greg Abbot, on June 14, 2019, requires that the Texas attorney general be notified of a breach within 60 days. The AG notification is required only if 250 or more Texas residents are affected. The notification to the attorney…

Socially Aware Blog

Legislators Propose Narrowing § 230’s Protections, the Law that Gave us the Modern Internet

By Aaron Rubin on June 25, 2019

As we have frequently noted on Socially Aware, Section 230 of the Communications Decency Act protects social media sites and other online platforms from liability for user-generated content. Sometimes referred to as “the law that gave us the modern Internet,” Section 230 has provided robust immunity for website operators since it was enacted in 1996. As we have also written previously, however, the historically broad Section 230 immunity has come under pressure…

HL Chronicle of Data Protection

Now Available: Webinar – Operationalizing the California Consumer Privacy Act – Key Decisions and Compliance Strategies

By HL Chronicle of Data Protection on June 25, 2019

We have extensively covered the California Consumer Privacy Act, the first U.S. law comprehensively regulating the collection, use, and disclosure of general consumers’ personal information in the U.S. This important legislation poses significant compliance challenges for organizations that engage with residents of California, the world’s fifth largest economy.…

Privacy & Information Security Law Blog

European Commission Publishes Results of Surveys on One Year of GDPR Application

By Hunton Andrews Kurth LLP on June 25, 2019

To mark the GDPR’s one-year anniversary, the European Commission recently published the results of two surveys meant to illuminate the public’s awareness of the GDPR and its practical applications.…

Data Protection Report

ICO’s update report into adtech and real time bidding – a sobering read for participants in the adtech industry

By Lara White (UK) on June 25, 2019

Norton Rose Fulbright - Data Protection Report blog — Group of people using mobile devices with a mixture of mobile phones and digital tablets. There are a mixture of cultural and ethnic backgrounds. Close up with shallow focus.

On 20 June, the UK’s Information Commissioner (the ICO) published a report setting out its views on adtech, specifically the use of personal data in “real time bidding”, and the key privacy compliance challenges arising from it. In its report, which is a status update rather than formal guidance, the ICO acknowledges that this is a very complex area and that online advertising is key to the economic models of many online content providers. It…

Privacy & Information Security Law Blog

Senate Confirms Keith Krach; Will Serve as Ombudsperson for EU-U.S. Privacy Shield

By Hunton Andrews Kurth LLP on June 24, 2019

On June 20, 2019, the Senate confirmed Keith Krach as Under Secretary of State for Economic Growth, Energy, and Environment. The former DocuSign and Ariba CEO, nominated by President Trump in January of 2019, will function as the permanent ombudsperson for the EU-U.S. Privacy Shield agreement as part of his role, addressing complaints related to U.S. protection of EU data.…

Privacy Compliance & Data Security

Gizmodo on What the Hong Kong Protests Say About the Future of Privacy

By Odia Kagan on June 24, 2019

“The loss of privacy often seems like no big deal, a small price to pay for the convenience of the digital world. This is an all-too-common misunderstanding that can have grave consequences, as privacy invasions are often invisible, harms frequently only happen in the future, and they always affect some people more than others.” “In an increasingly datafied world, we need to future-proof the devices, services, and infrastructures we rely on to make sure they…

Steptoe Cyberblog

Episode 269: A McLaughlin Group for cybersecurity

By Stewart Baker on June 24, 2019

Our interview guests are Dick Clarke and Rob Knake, who have just finished their second joint book on cybersecurity, The Fifth Domain. We talk about what they got right and wrong in their original book. There are surprising flashes of optimism from Clarke and Knake about the state of cybersecurity, and the book itself is an up-to-date survey of the policy environment. Best of all, they have the courage to propose actual…