personally identifying information

Proskauer on Privacy will never be confused with TMZ, but we would be remiss if we failed to report on the high profile privacy scandal unfolding in the backyard of our Los Angeles office. As we previously reported, California’s data breach notification law was amended effective January 1, 2008, to include breaches of medical and health insurance information. A number of recent incidents illustrate once again that it is not enough to have written policies and procedures in place for the handling of sensitive information – employee training is essential.

My very first blog post addressed a precedent-setting decision of the Central District of California holding that federal agents could not conduct a border search of the private and personal information stored on a traveler’s computer hard drive or electronic storage devices without reasonable suspicion. Eighteen months later, the Ninth Circuit has squarely reversed that decision. In a short opinion filed April 21, 2008, Judge O’Scannlain wrote in U.S. v. Arnold, No. 06-50581, that “reasonable suspicion is not needed for customs officials to search a laptop or other personal electronic storage devices at the border.” As far as the Ninth Circuit is concerned, for purposes of border searches under the Fourth Amendment, laptops and other electronic storage devices are not so much like a home or the human mind – they are more akin to luggage or a car.