fbpx

Free tools and resources for Data Protection Officers!

Tag Archives for " US "

Ahead of First Joint Review of Privacy Shield, Europeans Remain Skeptical as FTC Announces Enforcement Actions

On September 8, 2017, the Federal Trade Commission (FTC) announced enforcement actions against three companies alleged to have falsely claimed participation in the EU-U.S. Privacy Shield Framework. The move follows several months of uncertainty surrounding the Framework’s future as EU officials and privacy advocates have questioned its efficacy and validity in the run-up to the first annual joint review set to begin next week.

Source: Privacy Shield Update: Ahead of First Joint Review, Europeans Remain Skeptical as FTC Announces Enforcement Actions

What U.S. multinational employers must do to prepare for the impending GDPR

Because the GDPR was drafted with the primary intention of protecting consumers who participate in the “digital economy,” determining how the GDPR’s new requirements apply to HR data can be challenging. To assist in that effort, this insight describes 10 practical steps that U.S. multinationals can take to address the regulation’s provisions with the greatest impact on managing a global workforce.

Source: Ten steps: What U.S. multinational employers must do to prepare for the impending GDPR

Why do big hacks happen? Blame Big Data!

Equifax, one of the largest credit reporting agencies, revealed on Thursday that it was hacked back in May, exposing the personal data of up to 143 million people. The data accessed by hackers contains extremely sensitive information like social security numbers, birth data, consumer’s names, driver’s license numbers and credit card numbers.

Source: Why do big hacks happen? Blame Big Data | Jathan Sadowski | Opinion | The Guardian

Companies to Settle FTC Charges They Falsely Claimed Participation in Privacy Shield 

Three U.S. companies have agreed to settle Federal Trade Commission charges that they misled consumers about their participation in the European Union-United States Privacy Shield framework, which allows companies to transfer consumer data from EU member states to the United States in compliance with EU law.

Source: Three Companies Agree to Settle FTC Charges They Falsely Claimed Participation in EU-US Privacy Shield Framework | Federal Trade Commission

The Equifax breach, response, and fallout

Consumer credit reporting agency Equifax announced late Thursday hackers had breached some of its website application software, potentially affecting the sensitive personal information of approximately 143 million consumers. The data that was accessed included consumers’ names, Social Security numbers, birth dates, addresses, and, in some instances, driver’s license numbers. The incident may have also compromised credit card numbers for 209,000 U.S. consumers, as well as other “dispute documents” that contained identifying information for 182,000 consumers.

Source: The Equifax breach, response, and fallout

Lack of Injury Dooms Scottrade Data Breach Class Suit Appeal

US federal appeals court rejected class action over a 2013 data breach at that affected more than 4.6 million securities discount brokerage’s Scottrade Inc. customers on grounds that plaintiffs didn’t demonstrate they had suffered actual damages.

Source: Lack of Injury Dooms Scottrade Data Breach Class Suit Appeal | Bloomberg BNA

Driver’s license facial recognition tech leads to 4,000 arrests

The state of New York says its driver’s license facial recognition technology has led to the arrest of 4,000 people in connection to identify theft or fraud crimes. This number is likely to skyrocket in the wake of the state doubling the number of measurement points for photographs.

Source: Driver’s license facial recognition tech leads to 4,000 New York arrests | Ars Technica

Court attributes Google’s privacy violations to ‘browser architecture’

31 August 2017 The United States Court of Appeals for the Ninth Circuit (‘the Court of Appeals’) issued, on 22 August 2017, its ruling in Paloma Gaos et. al. v. Google, Inc., in which it held that the District Court for the Northern District of California had not abused its discretion by approving a class action settlement brought by users of the search engine, on grounds that Google had violated their privacy by disclosing their search terms to third parties.

Source: USA: Court of Appeals attributes Google’s privacy violations to ‘browser architecture’

>