Privacy & Information Security Law Blog

On March 17, 2010, the Federal Trade Commission convened the last of its three-part series of roundtable discussions entitled “Exploring Privacy.”  In her opening remarks, outgoing Commissioner Pamela Jones Harbour emphasized the critical importance of privacy to consumers, stating that “consumer privacy cannot be run in beta,” and that companies often inappropriately expose consumer data during new product rollout.  David Vladeck, Director of the FTC’s Bureau of Consumer Protection, then set the stage by invoking the “notice is broken” theme that recurred during the first two roundtables on December 7, 2009, and January 28, 2010, and was echoed by participants in the March 17 event.

On March 3, 2010, the Senate unanimously confirmed the nominations of Julie Brill and Edith Ramirez to serve as FTC Commissioners for seven-year terms.  Most recently, Ms. Brill has served as Deputy Attorney General for Consumer Protection and Antitrust for the State of North Carolina.  She was formerly Assistant Attorney General for Consumer Protection and Antitrust for the State of Vermont and has served as Chair of the Committee on Privacy for the National Association of Attorneys General.  Edith Ramirez is a partner at Quinn Emanuel Urquhart Oliver & Hedges, LLP in Los Angeles ...

The Federal Trade Commission’s second “Exploring Privacy” roundtable concluded Thursday, January 28, 2010.  The roundtable did not provide many firm conclusions, but it did help further refine some hard issues facing privacy protection.

Although Thursday’s hearing was intended to be devoted to technology issues, the role of regulation appeared to dominate the discussions.  “Everyone is dying to talk about regulation,” said Jessica Rich, Deputy Director of the Bureau of Consumer Protection, moderating a panel on Technology and Policy.

On January 19, 2010, Information and Privacy Commissioner David Loukidelis resigned to accept the post of Deputy Attorney General of British Columbia.  Mr. Paul Fraser, the Conflict of Interest Commissioner, has been named interim Commissioner.  The appointment of a permanent successor is expected in the spring when the British Columbia legislature reconvenes.  
 
View the Commissioner Loukidelis' letter of resignation. 

Lisa Sotto, head of the Privacy and Information Management practice of Hunton & Williams LLP, has been appointed to the Board of Directors of the International Association of Privacy Professionals (“IAPP”). The IAPP is the world’s largest association of privacy professionals and works to define, promote and improve the privacy profession through networking, education and certification.

Sotto also serves as a member and is a former vice chair of the U.S. Department of Homeland Security’s Data Privacy and Integrity Advisory Committee. She is co-chair of the ...

On January 18, 2010, the Privacy Commissioner of Canada, Jennifer Stoddart, announced a public consultation to examine the privacy issues associated with online tracking, profiling and targeting of consumers.  The Commissioner noted that the consultation will “provide a forum for the exploration of the privacy implications related to this modern industry practice, and the protections that Canadians expect.”  The consultation marks the first in a series to review emerging technologies that are likely to have a considerable impact on consumer privacy.  The announcement of a ...

On January 12, 2010, Ms. Viviane Reding, Commissioner-designate for Justice, Fundamental Rights and Citizenship, was questioned during a public hearing before the European Parliament.  During this hearing, Ms. Reding revealed her priorities in the field of privacy and data protection.  “Fundamental rights and data protection will be top of the line” said Ms. Reding, who explained that she intends to incorporate the EU’s data protection rules into a modern and comprehensive legal instrument.

On December 7, 2009, the Business Forum for Consumer Privacy released “A Use and Obligations Approach to Protecting Privacy: A Discussion Document" at the Federal Trade Commission’s roundtable entitled “Exploring Privacy.”  The roundtable was a first step in the FTC’s effort to re-examine privacy protection in light of rapid, dynamic changes in technology, advances in data analytics and increasingly ubiquitous data collection and use.  The paper is the product of a three year effort on the part of the Forum to develop an approach to protecting data that meets the needs of businesses and consumers in this emerging environment.  The paper may be found at www.informationpolicycentre.com.

On Monday, December 7, the Federal Trade Commission began a three-part series of roundtables collectively entitled "Exploring Privacy."  The conference opened with a presentation by Richard M. Smith featuring data flow charts he developed with FTC staff to illustrate the current “personal data ecosystem” and how personal information moves in various online and offline contexts.  The charts that served as the basis for his discussion (available here) offer a sense of the FTC’s understanding of today’s information marketplace.  Other panels covered topics such as consumer expectations, information brokers and online behavioral advertising.

Senior staff changes at the Federal Trade Commission have enhanced privacy’s profile within the agency.  Jessica Rich is the new Deputy Director of Consumer Protection.  Ms. Rich has been the Acting Associate Director responsible for the Division of Privacy and Identity Protection following nearly a decade as Assistant Director for the Division.  Rich has long been seen as the FTC’s staff’s privacy thought leader.  The new Privacy Division Associate Director is Maneesha Mithal.  Ms. Mithal brings a strong international background to the position.  The new Assistant Director is ...

In a closed session on November 5, 2009, the 31st International Conference of Data Protection and Privacy Commissioners adopted the International Standards on the Protection of Personal Data and Privacy (the “Standards”).  Although the document is advisory in nature and is not legally binding, it offers guidance to States that have not yet adopted comprehensive data protection laws.  The Spanish Data Protection Agency, which acted as the secretariat for drafting the Standards, held two meetings that included more than fifty privacy enforcement agencies, privacy advocates and businesses before hosting a final drafting session that was reserved for recognized data protection authorities.

Every year since 2005, the United States, the European Commission and the Article 29 Working Party on Data Protection meet to review the latest developments in the U.S.-EU Safe Harbor Framework, as well as changes in privacy compliance, information security and data protection.  This year’s  International Conference on Cross Border Data Flows, Data Protection and Privacy occurs November 16 - 18 and features leading experts who will examine these issues and others, as well as changes made to the approval process for binding corporate rules.  Join our privacy professionals, Martin ...

Janet Napolitano, Secretary of the Department of Homeland Security, and Alfredo Perez Rubalcaba, the Spanish Minister of the Interior, spoke in contrasting tones today of the difficulties of finding the right balance between security and privacy.  The theme "Striving for a Balance Between Security and Privacy" was debated during the first plenary session of the 31st International Conference of Data Protection and Privacy Commissioners in Madrid.

On November 4, join our privacy professionals at the 31st International Conference of Data Protection and Privacy Commissioners in Madrid, Spain.  Participate in various presentations on ways to manage the most challenging data protection issues in today’s global environment.  In addition, the International Association of Privacy Professionals (“IAPP”) will host a Data Protection and Privacy Workshop in conjunction with the conference.

On September 15, 2009, the Federal Trade Commission unveiled a series of public roundtables that will focus on the effect of modern technology and business practices on the privacy of consumer information.  The goal of the panels is to explore how to best balance the concerns for consumer privacy, beneficial use of consumer information and technological innovation.  The discussions will address myriad technologies and practices, such as social networking, cloud computing, behavioral marketing, mobile marketing and, generally, the collection of consumer information for ...

Don’t miss the 2009 International Association of Privacy Professionals’ (“IAPP”) Privacy Academy in Boston, MA, September 16-18th. The Academy provides various program topics on operational privacy and technology, as well as advanced breakout sessions focusing on today’s cutting edge privacy issues. We hope you will visit our privacy attorneys who are speaking on the following panels:

• Suggestions From the States: Designing a Workable Breach Notice Requirement, Thursday, September 17, 11 a.m. – 12 p.m., Aaron Simpson, Hunton & Williams, moderates, and speakers ...

On May 19 and 20 the European Commission held a conference which was perhaps the most important data protection event in Brussels since the Commission conference on evaluation of the EU Data Protection Directive 95/46/EC held in 2002. The conference was part of the Commission's current evaluation of the Directive, and was designed to explore both the current status of data protection in the EU and where it is headed in the coming years. Speakers included Jacques Barrot, the European Commissioner in charge of justice, freedom and security; Alex Türk, chairman of the CNIL (French Data Protection Authority) and the Article 29 Working Party; European Data Protection Supervisor Peter Hustinx; and representatives of European academia, business and non-governmental organizations.

Wednesday, January 28, 2009, marks the second annual international Data Privacy Day, which brings together a broad coalition of privacy professionals from both the private and public sectors, as well as corporations, academics and policymakers, with the goal of promoting awareness and collaboration on a variety of data privacy issues.

A wide variety of events celebrating Data Privacy Day has been scheduled throughout the week across the United States, Canada and the European Union. The Triangle Center on Terrorism and Homeland Security and Intel Corporation are sponsoring a ...