Proposed Law

Officials from both the Federal Trade Commission (FTC) and European Union (EU) recently called for enhancements to the Obama administration’s proposed Consumer Privacy Bill of Rights.

The White House’s
Continue Reading FTC and EU Are Critical of the White House’s Consumer Privacy Bill of Rights

It is midway through 2014 and there have been updates to four existing, and one new, state breach notification laws. Iowa and Florida have substantively amended their current breach notification laws, both of which went into effect on July 1, 2014, and Kentucky has become the 47th state to implement a breach notification law, which went into effect on July 14, 2014.
Continue Reading Updates on State Breach Notification Laws in First Half of 2014

In what amounts to a potential, unprecedented victory for consumers’ right to know how their personal information is used by businesses, the “Right to Know Act of 2013” (AB 1291) made further headway by being re-read and amended a second time on Monday, April 1st. As reported by Ars Technica, the Right to Know Act, which was introduced by California Assembly Member Bonnie Lowenthal, was the result of significant lobbying by the Electronic Frontier Foundation and the American Civil Liberties Union of Northern California.
Continue Reading California Legislature Advances Groundbreaking Privacy “Right to Know Act”

A standing room meeting organized by the Federal Trade Commission (FTC) in Washington on Monday, December 7th, highlighted a crucial divide in the discussion over the regulation of online privacy. The New York Times provides an excellent summary of the mainstream newsworthy aspects of the meeting.

While the take away may be that the FTC is taking a more serious look at online privacy and net neutrality, the reality is that any oversight is not going to happen anytime soon. Not anytime soon as in years, if ever. Policy making as the solution is not going to address any immediate concerns or problems.

What may be of more interest is the deep divide between the parties with a vested interest in the outcome of the discussion, namely, the consumer/consumer advocates and parties making money from information that may one day be regulated.
Continue Reading Online Privacy Regulation Comes Front and Center at FTC, and Will Quickly Fade

Governor Schwarzenegger vetoed the update to California´s landmark privacy protection law (AB 700), known as SB 20, which California’s State Legislature previously approved and we reported about here. SB 20 was proposed by State Senator Joe Simitian (D-Palo Alto).

The Office of Consumer Affairs and Business Regulations (OCABR) proposed revisions to the Massachusetts’ identity theft regulations, which would take effect on March 1, 2010. Citing a desire to undertake data security as “a risk-based approach that is especially important to small businesses that may not handle a lot of personal information about customers,” the OCABR emphasized that a business should assess the size and nature of the business, the kinds of records maintained and the risk of the business as an identity theft target when deciding its policies and procedures to handle personal information.
Continue Reading Identity Theft Regulations in Massachusetts May Get Small Business Friendly

The U.S. House of Representatives, referred to the House Committee on Energy and Commerce on April 30, 2009, continues to debate, revise and take testimony on a major piece of proposed federal legislation regarding privacy, the Data Accountability and Trust Act (H.R. 2221) (“DATA”).
Continue Reading Data Accountability and Trust Act: Federal Breach Notification, Data Security Policies and File Access Addressed