France Wants EU Data Privacy Rules to ‘Balance’ U.S. Web Giants’ Power

Sam Schechner, WSJ Digits,  Monday, December 08, 2014

Speaking Monday at a conference in Paris organized by France’s data-protection agency, Mr. Valls said that France supports a tough new data-protection regulation currently being debated at a European level. The new regulation, which has been under consideration for years, is making progress toward a possible adoption next year. “We cannot let personal data-harvesting and exploitation develop in the absence of all rules,” Mr. Valls said. “Democratic values must prevail in the digital world. The law must apply.”

European Privacy Debate on Display in Paris

Mark Scott, New York Times,  Monday, December 08, 2014

European Union policy makers are demanding greater controls over how companies like Google and Facebook use personal information. At the same time, others would like to use those same laws to help European companies compete against their American rivals as a way to jump-start a sluggish economy.

European Action Focuses Debate On Right To Be Forgotten

John Simpson, Consumer Watchdog,  Friday, December 05, 2014

Recent action by the 28 privacy regulators in Europe is focusing new attention on the so-called “right to be forgotten.” The right is the topic this week at U.S. News and World Report’s Debate Club where I make the case that the right simply brings into the Digital Age the protections of privacy by obscurity.

Europe’s next privacy war is with websites silently tracking users

Samuel Gibbs, The Guardian,  Friday, November 28, 2014

The pan-European data regulator group Article 29 has issued new opinion on how websites and advertisers can track users and the permissions they require. The new opinion dictates that “device fingerprinting” – a process of silently collecting information about a user – requires the same level of consent as cookies that are used to track users across the internet. “Parties who wish to process device fingerprints which are generated through the gaining of access to, or the storing of, information on the user’s terminal device must first obtain the valid consent of the user (unless an exemption applies),” the Article 29 Working Party wrote.

As NSA reform dies, questions about Safe Harbour reform loom

Jonathan Brandon, Business Cloud News,  Thursday, November 20, 2014

The USA Freedom Act, which was proposed in a bid to end mass surveillance and give more transparency and oversight to how digital communications are monitored by the US intelligence community, died on the floor of the US Senate this week, falling just two votes shy of the 60 votes it needed to pass. Some analysts believe the result will stoke further debate around Safe Harbour and other data sharing agreements with the US.

Lawsuits for HIPAA Violations and Beyond: A Journey Down the Rabbit Hole

Daniel J. Solove by Daniel Solove, TeachPrivacy
Monday, November 17, 2014

At first blush, it seems impossible for a person to sue for a HIPAA violation. HIPAA lacks a private cause of action. So do many other privacy and data security laws, such as FERPA, the FTC Act, the Gramm-Leach-Bliley Act, among others. That means that these laws don’t provide people with a way to sue when their rights under these laws are violated. Instead, these laws are enforced by agencies. But wait! Stop the presses! A recent decision by the Connecticut Supreme Court has concluded that people really can sue for HIPAA violations. As I will explain later, this is not a radical conclusion ... though the implications of this conclusion could be quite radical and extend far beyond HIPAA.

What Every Business Owner Needs to Know About Data Sovereignty

Ajay Patel, SmartData Collective,  Monday, November 17, 2014

Sovereignty isn’t usually the first word that comes to mind when thinking about data. With all the recent data fiascos, privacy is what’s at the forefront of most consumers’ minds. But data sovereignty relates to data privacy, and businesses need to understand this concept when choosing where they store their digital information. Unfortunately, the laws and regulations protecting digital information can be extremely complex. They are dependent on different governments and jurisdictions, and data stored in certain countries may or may not be subject to subpoena by another country’s government (or even the host country’s government).

Privacy Protections Unite Carmakers

Joan Lowy, Associated Press ,  Friday, November 14, 2014

Nineteen automakers accounting for most of the passenger cars and trucks sold in the U.S. have signed onto a set of principles they say will protect motorists' privacy in an era when computerized cars pass along more information about their drivers than many motorists realize. The principles were delivered in a letter Wednesday to the Federal Trade Commission, which has the authority to force corporations to live up to their promises to consumers. Industry officials say they want to assure their customers that the information that their cars stream back to automakers or that is downloaded from the vehicle's computers won't be handed over to authorities without a court order, sold to insurance companies or used to bombard them with ads for pizza parlors, gas stations or other businesses they drive past, without their permission.

EU mulls conferring binding powers on body of data privacy regulators

Julia Fioretti, Reuters,  Friday, November 14, 2014

A new body of European data protection authorities could have the power to adopt legally binding decisions in cross-border disputes over a company's misuse of personal data, according to a draft document seen by Reuters. Under a mechanism originally proposed in reforms of Europe's data protection laws, businesses operating across the 28-nation European Union would have to deal only with the data protection authority in the country where they are headquartered - even if alleged mishandling of data affects citizens in another country. A new proposal by Italy, which holds the rotating European presidency, gives all concerned authorities the chance to intervene in all stages of the decision-making process.

Public Perceptions of Privacy and Security in the Post-Snowden Era

Mary Madden, Pew Research,  Wednesday, November 12, 2014

Privacy evokes a constellation of concepts for Americans—some of them tied to traditional notions of civil liberties and some of them driven by concerns about the surveillance of digital communications and the coming era of “big data.” While Americans’ associations with the topic of privacy are varied, the majority of adults in a new survey by the Pew Research Center feel that their privacy is being challenged along such core dimensions as the security of their personal information and their ability to retain confidentiality.