Data Law Insights

Data Law Insights

Legal insights on navigating privacy, data protection, cybersecurity, information governance, and e-discovery

Lisa Weinert

Subscribe to all posts by Lisa Weinert

Privacy & Cybersecurity Weekly News Update – Week of October 3

Posted in Cybersecurity / Data Security
FCC broadband privacy proposal; Potential challenge to FTC privacy enforcement power FCC to consider broadband privacy proposal On October 6, the Chairman of the Federal Communications Commission (FCC) issued proposed rules that would impose on broadband providers privacy regulations similar to those implemented and enforced by the Federal Trade Commission (FTC).  The proposal calls for… Continue Reading

Privacy & Cybersecurity Weekly News Update

Posted in Cybersecurity / Data Security, Health IT, Privacy
Hamburg DPA orders WhatsApp to stop sharing data with Facebook; GAO: HHS Needs to Improve is Digital Health Protection Rules; Notice and Choice Becoming Par for the Course for Interest-Based-Ads in Apps German Data Protection Authority of Hamburg orders WhatsApp to stop sharing data with Facebook On September 27, 2016, the Hamburg Commissioner for Data… Continue Reading

Privacy & Cybersecurity Weekly News Update

Posted in Cybersecurity / Data Security, Privacy
NHTSA Issues Voluntary Driverless Car Guidelines; European Privacy Supervisor proposes Digital Clearing House for coherent handling of Big Data cases; Facebook and Power Ventures Battle Over the Scope of the CFAA; Arizona Supreme Court: Police Cannot Search Unlocked, Unattended Phone; German consumer group urges Whatsapp to stop sharing data with Facebook; German DPA issues guidelines… Continue Reading

Privacy & Cybersecurity Weekly News Update

Posted in Cybersecurity / Data Security, Data Breach, Government Agencies, Privacy
Privacy law meets antitrust – EU Commissioner Vestager on data in competition law; ECJ to rule on admissibility of Privacy class actions; Northern District of California Sends Yelp Privacy Suit to the Jury; EU Advocate General finds EU-Canadian PNR pact unlawful; New York Unveils New Cyber Security Rules for Financial Services Organizations; New Jersey Senate… Continue Reading

Privacy & Cybersecurity Weekly News Update – Week of September 12

Posted in Cybersecurity / Data Security, Privacy
    HHS Jumps on the Cybersecurity Information Sharing Bandwagon; Third Circuit on Economic Loss as a basis for Negligence Claim; FTC workshop on Ransomware; German draft implementing law for GDPR revealed. HHS Jumps on the Cybersecurity Information Sharing Bandwagon Because of recent news reports confirming that cyberattacks against healthcare agencies have increased 125 %… Continue Reading

Privacy & Cybersecurity Weekly News Update – Week of August 28

Posted in Cybersecurity / Data Security, Privacy
Bavarian DPA: fines under GDPR to be calculated based on revenues of whole company group; ICO publishes report on data security incident trends. Bavarian DPA: fines under GDPR to be calculated based on revenues of whole company group On September 01, 2016, the German Data Protection Authority of Bavaria (BayLDA) has announced that according to… Continue Reading

Privacy & Cybersecurity Weekly News Update – Week of August 21

Posted in Cybersecurity / Data Security, Privacy
ICO investigating into Facebook and WhatsApp Data Sharing Plans; Germany and France publish joint action plan against encryption; PrivacyShield now covering 200 U.S. companies. UK DPA investigating into Facebook and WhatsApp Data Sharing Plans The United Kingdom’s Information Commissioner (‘ICO’) is taking a closer look into WhatsApp’s plan to share more user data with parent… Continue Reading

Privacy & Cybersecurity Weekly News Update – Week of August 14

Posted in Privacy
First self-certifications accepted under Privacy Shield; EU Commission considers extension of telecommunication rules to apps. U.S. Department of Commerce accepts first bunch of self-certifications under Privacy Shield About 2 weeks after the announced start of the certification procedure under the “EU-U.S. Privacy Shield” (‘Privacy Shield’) on August 1, 2016, the U.S. Department of Commerce (‘DoC’)… Continue Reading

Privacy & Cybersecurity Weekly News Update Week of August 7

Posted in Privacy
EU Commission publishes first results of consultation of e-Privacy Directive; Irish DPA issues Guidance on Location Data. European Commission publishes summary report on consultation of e-Privacy Directive On August 4, 2016, the European Commission has published a first summary report on the public consultation on the evaluation and review of the e-Privacy Directive (Directive 2002/58/EC… Continue Reading

Privacy & Cybersecurity Weekly News Update – Week of July 31

Posted in Cybersecurity / Data Security, Data Breach, Health IT, Privacy, Social Media
‘Privacy Shield’ certifications possible since August 1, 2016; Hamburg DPA aims to challenge ‘Privacy Shield’; EU Court rules on applicability of EU privacy laws to online companies; Pokémon Go violating EU Privacy Laws?; Norwegian DPA criticizes ‘Facebook at Work’; Advocate Health to Pay Largest HIPAA Settlement Ever; FTC Overrules LabMD Dismissal; Banner Health Cyberattack Affects… Continue Reading

Privacy & Cybersecurity Weekly News Update – Week of July 24

Posted in Cybersecurity / Data Security, Data Breach, Privacy
Russians Hack Clinton Campaign System; FTC: LabMD Liable in Data Security Suit; EU Member States issue statement on Privacy Shield; NIS Directive published – Implementation into national law by May 2018; EU Data Protection Supervisor: e-Privacy directive should meet GDPR-requirements. Clinton Campaign Data Breach brings data security into 2016 campaign yet again On July 29,… Continue Reading

Privacy & Cybersecurity Weekly News Update – Week of July 17

Posted in Accessibility, Criminal Law, Cybersecurity / Data Security, Privacy
DOJ Proposes Workaround to Microsoft Ruling; United States Joins Irish Facebook Case; St. Louis Cardinals Scouting Director Sentenced to 46 Months; EU’s Advocate General Okays National Data Retention Laws; Data Protection Authority of Hamburg Becomes “Completely Independent”; 9th Circuit Suggests Password Sharing is a Federal Crime DOJ Seeks Legislative Circumvention of 2nd Circuit’s Microsoft Ruling… Continue Reading

Privacy & Cybersecurity Weekly News Update- Week of July 9

Posted in Admissibility, Cybersecurity / Data Security, Government Agencies, Information Management, Privacy, Rules, Social Media, Transnational Discovery
“Pokémon Go” Developer feels the heat over data collection; 2nd Circuit Ruling limits government’s access to data stored overseas; 9th Circuit CFAA Ruling increases Facebook’s control over its Users’ Data; Dutch Study reveals tension between EU Trade Deals and Data Protection “Pokémon Go” Developer in Hot Water over Extensive Data Collection Practices In early July,… Continue Reading

Privacy & Cybersecurity Weekly News Update- Week of July 3

Posted in Cybersecurity / Data Security, Data Breach, Government Agencies, Health IT, Privacy
Article 31 Committee approves Privacy Shield; House Cuts FCC Funding Over Attempted Broadband Privacy Regulations; No Charges for Clinton in Data Security Probe; European Commission launches public-privacy partnership on cybersecurity; European Parliament adopts NIS Directive; Privacy Code of Conduct for mHealth app providers finalized; French parliament about to make French Privacy act more severe; Russia… Continue Reading

Privacy & Cybersecurity Weekly News Update- Week of June 26

Posted in Cybersecurity / Data Security, Data Breach, Government Agencies, Health IT, Privacy, Social Media
Adoption of Privacy Shield expected in early July; Federal Court limits VPPA liability; Belgian Court overturns Facebook fine; FTC robocall crackdown; A rare HIPAA criminal conviction; UK’s ICO fines Brexit campaigners for mass text messages; House report calls for national encryption commission. European Commission expects adoption of Privacy Shield for beginning of July European officials… Continue Reading

Privacy & Cybersecurity Weekly News Update- Week of June 20, 2016

Posted in Cybersecurity / Data Security, Data Breach, Health IT, Internet of Things, Privacy
Brexit effect on EU and UK Privacy rules; EU and U.S. to strengthen ‘Privacy Shield’; Ponemon Study on Healthcare Data Security; Mobile ad provider fined for deceptive conduct FTC comments on the Internet of Things Brexit – what does it mean for EU and UK Privacy rules? On June 23, 2016, the population of Great… Continue Reading

Privacy & Cybersecurity Weekly News Update- Week of June 13

Posted in Cybersecurity / Data Security, Data Breach, Privacy
A victory for net neutrality; U.S. may join Irish Facebook Data-Transfer case; EU-U.S. Privacy Shield by early July?; French Data Protection Authority opens GDPR consultation; FTC addresses proposed TCPA changes; DOJ and DHS cybersecurity sharing guidelines. Federal appellate court upholds net neutrality The U.S. Court of Appeals for the D.C. Circuit upheld “net neutrality” rules… Continue Reading

Privacy & Cybersecurity Weekly News Update- Week of June 6

Posted in Cybersecurity / Data Security, Data Breach, Privacy
$1M Fine for Morgan Stanley Data Breach; German DPA Issues Data Transfer Fines; FTC Critiques FCC Privacy Proposal; New Contractor Cybersecurity Rules; Drone Operations Best Practices Morgan Stanley fined $1M for alleged failure to secure client data The U.S. Securities and Exchange Commission (“SEC”) and Morgan Stanley Smith Barney LLC (“Morgan Stanley”) reached a settlement… Continue Reading

Privacy & Cybersecurity Weekly News Update- Week of May 30, 2016

Posted in Cybersecurity / Data Security, Data Breach, Government Agencies, Health IT, Privacy
EU-U.S. Agreement on Law Enforcement Data; European Data Protection Supervisor Criticizes Privacy Shield; House Members Criticize FCC Privacy Proposal; NHTSA Targets Automotive Cybersecurity; Yahoo Releases National Security Letters; CareFirst Data Breach Lawsuit Dismissed; FDA Guidance on Data Protection in Investigations EU and U.S. sign Umbrella Agreement on Law Enforcement Data On June 2, 2016, Vera… Continue Reading

Privacy & Cybersecurity News Update- 3 Week Summary

Posted in Cybersecurity / Data Security, Data Breach, Government Agencies, Internet of Things, Privacy
The Panama Papers Leak – An overview on histories’ biggest data leak; Article 29 Working Party about to release opinion on EU-U.S. Privacy Shield; EU: GDPR and PCJ DPD about to be approved next week – final consolidated text published by Council; US: New HIPAA Audit Protocol Released as a Guidance Tool for phase two… Continue Reading

EU DPAs Say Privacy Shield an Improvement but Needs Some Work

Posted in Government Agencies, Privacy
Uncertainty surrounding the U.S.-EU Safe Harbor (Safe Harbor) replacement, the EU-U.S. Privacy Shield (Privacy Shield), will remain for now. On April 13, 2016 the European Union (EU) Article 29 Working Party (WP29) comprised of all 28 EU member state data protection authorities (DPAs) announced its official but non-binding opinion on the European Commission’s (EC) draft… Continue Reading

Facebook Hit with French Data Protection Authority Action – Including a Safe Harbor Count

Posted in Cybersecurity / Data Security, Privacy, Sanctions
On February 8, 2016, the French Data Protection Authority (CNIL) publicly issued a formal notice to Facebook, following a joint investigation with four other EU regulators, asking the U.S. social network provider to comply with the French Data Protection Act within three months’ time. The notice (unofficial English translation available here), outlined several alleged violations… Continue Reading

EU Member States to Investigate EU-U.S. Transfers That Rely Solely on Invalidated Safe Harbor: Starting Now

Posted in Cybersecurity / Data Security, Government Agencies, Privacy, Sanctions
Certain European Union (EU) Member States’ data protection authorities (DPAs) have already started to announce investigations and or “prudential measures” for data transfers solely relying on the invalidated “U.S.-EU Safe Harbor Framework” (Safe Harbor). In the aftermath of the announcement of the “EU-U.S. Privacy Shield” (Privacy Shield), the Article 29 Working Party (WP29), comprised of… Continue Reading