The UK Information Commissioner Office ("ICO", the UK data privacy agency) has recently issued an informative code of practice to assist companies collecting personal data so that they can better draft clear privacy notices to data subjects about how the company intends to use personal data, and especially when such data is considered to be … Continue Reading
The European Commission Article 29 Data Protection Working Party ("Working Party") recently released its opinion on data protection issues related to search engines. The opinion specifically addresses the applicability of the Data Protection Directive (95/46/EC) and the Data Retention Directive (2006/24/EC) to the processing of personal data by search engines.
… Continue Reading
According to a proposed settlement announced by the Federal Trade Commission (“FTC”) on March 27, 2008, discount retailer TJX will be required to implement a comprehensive information security program to remedy deficiencies in protecting sensitive consumer information. If approved, the settlement will resolve allegations that the company engaged in practices that failed to provide reasonable and … Continue Reading
Lawmakers in six states have responded quickly to the massive data breach at TJX Companies, Inc. with various bills designed to strengthen merchant security and/or render companies liable for third party companies’ costs arising from data breaches. These latest bills – introduced in California, Connecticut, Illinois, Massachusetts, Minnesota and Texas – represent a new front of … Continue Reading
Last month the French subsidiary of the U.S. based company, Tyco Healthcare, became the first local branch of a U.S. company to be fined for data protection violations. France’s data protection agency, La Commission Nationale de L’informatique et des Libertes (CNIL) levied a fine of 30,000 euro (or about $40,350) against the company after it … Continue Reading
Dubai recently became the first Arab nation to enact a substantial Data Protection Law (DIFC Law No. 1 of 2007) that aims to protect the personal information of its citizens. In a statement announcing the new law, Dubai called the enactment “pioneering in the region” and an examination of the law reveals that the description is rightly … Continue Reading