fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " US "

FTC Takes Action Against Companies Misrepresenting Compliance with the EU-U.S. Privacy Shield 

The Federal Trade Commission announced that it has taken action against a number of companies that allegedly misrepresented their compliance with the EU-U.S., as well as Swiss-U.S. Privacy Shield frameworks and other international privacy agreements.

FTC and SecurTest, Inc. reached a settlement agreement over allegations that SecurTest falsely claimed to participate in the Privacy Shield. The FTC also reported that it sent warning letters to 13 companies for claiming to participate in the U.S.-EU and U.S.-Swiss Safe Harbor frameworks and to two companies for falsely claiming to participate in the Asia-Pacific Economic Cooperation Cross-Border Privacy Rules system.

Source: FTC Takes Action Against Companies Misrepresenting Compliance with the EU-U.S. Privacy Shield and Other International Privacy Agreements

Privacy Shield and Standard Contractual Clauses will be assessed by European Courts

On the first and second of the July, the General Court of the European Union (which is part of the Court of Justice of the European Union (CJEU)) will hear a case against the EU-U.S. Privacy Shield brought by three French NGOs, La Quadrature du Net, French Data Network and Fédération FDN.

A week later, on 9 July, the CJEU will hear arguments in Schrems II, in which the Irish High Court has referred 11 questions relating to whether the European Commission’s Standard Contractual Clauses (SCCs) provide an adequate level of protection for personal data which is transferred to the US.

Judgments in these cases are expected towards the end of 2019 or beginning of 2020. there is high probability that either or both the Privacy Shield and SCCs will be invalidated as a mechanism for transferring personal data outside the EU, in a similar manner to the invalidation of Safe Harbor in 2015.

Source: Transfers on Trial: Privacy Shield and Standard Contractual Clauses go before the European Courts

New tool helps travelers avoid airlines that use facial recognition technology

A new tool launched by privacy activists offers to help travelers avoid increasingly invasive facial recognition technologies in airports.

Activist groups Fight for the Future, Demand Progress and Credo on Wednesday unveiled a new website called AirlinePrivacy.com, which shows users what airlines use facial recognition to verify the identity of passengers before boarding. The site also helps customers to directly book flights with airlines that don’t use facial recognition technologies.

Source: New tool helps travelers avoid airlines that use facial recognition technology

Privacy Shield complaint to be heard by Europe’s top court in July

A legal challenge to the EU-US Privacy Shield, a mechanism used by thousands of companies to authorize data transfers from the European Union to the US, will be heard by Europe’s top court this summer.

The General Court of the EU has set a date of July 1 and 2 to hear the complaint brought by French digital rights group, La Quadrature du Net, against the European Commission’s renegotiated data transfer agreement which argues the arrangement is still incompatible with EU law on account of US government mass surveillance practices.

Source: EU-US Privacy Shield complaint to be heard by Europe’s top court in July

US data privacy law talks break down

Debate to create uniform data privacy law across the US has broken down due to senators failing to decide how hard-line the new rules should be.

Politicians in America are in disagreement over the wording of key aspects of the new bill. After months of discussion in the Senate Commerce Committee, the bill is still not ready for publication. Insiders say talks between Democrats and Republicans have ground to a halt.

Tech firms, however, hope for the bill to be passed before the end of 2019, when the California Consumer Privacy Act (CCPA) will also come into being.

Source: US data privacy law talks break down

Nevada, New York and other states follow California’s CCPA

The US privacy law landscape continues to shift and evolve as state and federal privacy legislative proposals continue to be debated and become enacted.

While CCPA-like bills in Washington and Texas failed to pass, Nevada passed its online privacy amendment and proposals in New York and Washington, DC appear to be gaining momentum.

Read more: Nevada, New York and other states follow California’s CCPA

Facebook ordered by U.S. judge to turn over data privacy records

A U.S. judge ordered Facebook Inc to give shareholders emails and other records concerning how the social media company handles data privacy, after data for 87 million users was accessed by the British political consulting firm Cambridge Analytica.

Shareholders sued Facebook last September to obtain records related to Cambridge Analytica and other breaches, and said that upon finding wrongdoing, they might sue company officers and directors through a so-called derivative lawsuit.

Source: Facebook ordered by U.S. judge to turn over data privacy records – Reuters

Supreme Court dismisses Facebook appeal over transfer of user personal data to the US

Ireland’s Supreme Court has dismissed Facebook’s appeal over a High Court decision to refer key issues concerning the validity of European Commission decisions approving EU-US data transfer channels to the Court of Justice of the EU.

The referral was made by the High Court in proceedings by the Data Protection Commissioner (DPC) arising from complaints by Austrian lawyer Max Schrems the transfer of his personal data by Facebook to the US breached his data privacy rights as an EU citizen.

Source: Supreme Court dismisses Facebook appeal over transfer of user personal data to the US – Independent.ie

1 year into GDPR, ad industry braces for more fines

Complacency is a dangerous mistress. But it’s a trap many companies are in danger of falling into when it comes to the General Data Protection Regulation, according to advertising sources.

The temptation to do as little as possible, so as to maintain ad revenues, is high. And with no seriously worrying fines levied yet at businesses, several publishers that had taken a strict approach to consent, have started to loosen their terms in order not to feel punished by falling ad revenues while their rivals flourish.

Full article: ‘We’ve only just started’: 1 year into GDPR, ad industry braces for more fines – Digiday

Caught between data protection and trade sanctions?

The rapid evolution of the economic sanctions environment constitutes a compliance challenge for multinationals and financial institutions in particular.

A significant emphasis is already placed on the use of technology for facilitating sanctions screening and filtering of listed individuals. While the technology will definitely improve sanctions compliance strategies, one might question to what extent these processing operations will be compatible with data protection rules?

Full article: Caught between data protection and trade sanctions? – CITIP blog

>