Privacy Law Blog

Category Archives: Uncategorized

Subscribe to Uncategorized RSS Feed

A German DPA Questions the Validity of the Use of Consent and Model Contractual Clauses to Transfer Personal Data to the U.S., and its peers seem to agree

Just one week after the milestone decision rendered by the CJEU ( to invalidate the Safe Harbor program established 15 years ago between the U.S. and the EU to facilitate the transfer of personal data from the EU to the U.S., a German data protection authority (DPA) of the state of Schleswig-Holstein (one of the … Continue Reading

No Class: Hulu Users Lose Certification Motion

After a decision denying class certification last week, claims by Hulu users that their personal information was improperly disclosed to Facebook are limited to the individual named plaintiffs (at least for now, as the decision was without prejudice). The plaintiffs alleged Hulu violated the federal Video Privacy Protection Act by configuring its website to include a … Continue Reading

Article 29 Working Party Provides Guidance on Obtaining Valid Cookie Consent in the EU

This past month, the European Union’s Article 29 Data Protection Working Party (the “Working Party”) issued the Working Document 02/2013 providing new guidance on obtaining consent for cookies (“Working Document”). The Working Document sets forth various mechanisms which can be utilized by websites to obtain consent for the use of cookies in compliance with all … Continue Reading

Ninth Circuit Reverses Class Action Coupon Settlement Because Attorneys Were Awarded Fees Based on Hours Worked Rather Than Coupon Value

On May 15 a Ninth Circuit panel reversed the district court’s approval of a class action settlement, holding that attorney’s fees awarded in connection with a coupon for the class members must be tied to actual redemption of the coupons rather than the time the attorneys spent working toward the coupon settlement. (In re HP … Continue Reading

The SEC and CFTC Adopt Identity Theft Red Flag Rules

The Securities and Exchange Commission (the “SEC”) and Commodity Futures Trading Commission (the “CFTC”) recently adopted rules requiring entities subject to their respective enforcement authorities to adopt and implement programs to detect and respond to indicators of possible identity theft, as required by the Dodd-Frank Wall Street Reform and Consumer Protection Act of 2010 (the … Continue Reading

HHS Announces New Patient Privacy and Security Protections

On January 17, 2013, U.S. Department of Health and Human Services Secretary Kathleen Sebelius announced the final omnibus rule that among other things (1) increases patient privacy protections; (2) provides individuals with new rights to receive a copy of their electronic medical record in an electronic form;  and (3) provides individuals with the right to … Continue Reading