Privacy Law Blog

Tag Archives: data retention

New York DFS Cybersecurity September 2018 Deadline

The New York Department of Financial Services cybersecurity regulation 23 NYCRR 500 (the “Regulation”) came into effect in March 2017 and established four staggered compliance deadlines for its various requirements. By the third deadline of September 3, 2018, Covered Entities are required to be in compliance with sections 500.06 (audit trails), 500.08 (application security), 500.13 … Continue Reading

FTC Provides Last Clear Chance for Industry to Self-Police in a Target-Rich Environment

On February 12, 2009, the FTC issued its long-anticipated Staff Report on Self-Regulatory Principles for Online Behavioral Advertising. The revised Self-Regulatory Principles are the result of a year of study of the more than 60 comments provided by industry, advocacy organizations, academics, and individual consumers in response to the FTC's proposed self-regulatory principles issued in late 2007. … Continue Reading

European Commission Data Protection Working Party Issues Opinion on Search Engine Data Protection

The European Commission Article 29 Data Protection Working Party ("Working Party") recently released its opinion on data protection issues related to search engines. The opinion specifically addresses the applicability of the Data Protection Directive (95/46/EC) and the Data Retention Directive (2006/24/EC) to the processing of personal data by search engines. … Continue Reading

Governor Schwarzenegger Says No to California A.B. 779

On Saturday, California Governor Arnold Schwarzenegger vetoed AB 779, legislation that would have amended California's landmark data security breach legislation. The bill would have been the first to follow law enacted by Minnesota earlier this year and effective August 1, 2007, that amended Minnesota's security breach notification law by, among other things, prohibiting businesses from retaining certain payment card data after authorization of a transaction. … Continue Reading

ISP Data Retention Legislation Introduced; ISPs and Privacy Advocates Fear Broad Mandates

Last month, a group of eight Republican lawmakers introduced H.R. 837, the Internet Stopping Adults Facilitating the Exploitation of Today's Youth (SAFETY) Act 2007. The bill would give the Attorney General very broad authority to enact rules requiring Internet Service Providers ("ISPs") to retain records so law enforcement could access their customers' online activities. … Continue Reading
LexBlog