Tag Archives: data protection

UK Data Protection Authority Publishes Draft Guidelines for Implementing Privacy Policies

By Cecile Martin on February 19, 2009 Posted in Data Privacy Laws

The UK Information Commissioner Office ("ICO", the UK data privacy agency) has recently issued an informative code of practice to assist companies collecting personal data so that they can better draft clear privacy notices to data subjects about how the company intends to use personal data, and especially when such data is considered to be … Continue Reading

European Commission Data Protection Working Party Issues Opinion on Search Engine Data Protection

By S. Montaye Sigmon on April 22, 2008 Posted in European Union

The European Commission Article 29 Data Protection Working Party ("Working Party") recently released its opinion on data protection issues related to search engines. The opinion specifically addresses the applicability of the Data Protection Directive (95/46/EC) and the Data Retention Directive (2006/24/EC) to the processing of personal data by search engines. … Continue Reading

Federal Trade Commission Announces Settlement with TJX Over Inadequate Security Practices

By on April 15, 2008 Posted in FTC Enforcement

According to a proposed settlement announced by the Federal Trade Commission (“FTC”) on March 27, 2008, discount retailer TJX will be required to implement a comprehensive information security program to remedy deficiencies in protecting sensitive consumer information. If approved, the settlement will resolve allegations that the company engaged in practices that failed to provide reasonable and … Continue Reading

In Response To TJX Data Breach, One State Enacts Legislation Imposing New Security and Liability Obligations; Similar Bills Pending in Five Other States

By Proskauer Rose on May 29, 2007 Posted in Security Breach Notification Laws

Lawmakers in six states have responded quickly to the massive data breach at TJX Companies, Inc. with various bills designed to strengthen merchant security and/or render companies liable for third party companies’ costs arising from data breaches. These latest bills – introduced in California, Connecticut, Illinois, Massachusetts, Minnesota and Texas – represent a new front of … Continue Reading

First Subsidiary of a U.S. Based Multinational Company Fined for Data Protection Violations in France

By Jeremy M. Mittman on May 29, 2007 Posted in European Union

Last month the French subsidiary of the U.S. based company, Tyco Healthcare, became the first local branch of a U.S. company to be fined for data protection violations. France’s data protection agency, La Commission Nationale de L’informatique et des Libertes (CNIL) levied a fine of 30,000 euro (or about $40,350) against the company after it … Continue Reading

Dubai Becomes First Arab Nation to Enact Data Protection Law

By Jeremy M. Mittman on April 19, 2007 Posted in International

Dubai recently became the first Arab nation to enact a substantial Data Protection Law (DIFC Law No. 1 of 2007) that aims to protect the personal information of its citizens. In a statement announcing the new law, Dubai called the enactment “pioneering in the region” and an examination of the law reveals that the description is rightly … Continue Reading