Privacy & Information Security Law Blog

On April 10, 2014, the Federal Trade Commission announced that the Director of the FTC’s Bureau of Consumer Protection had notified Facebook and WhatsApp Inc., reminding both companies of their obligation to honor privacy statements made to consumers in connection with Facebook’s proposed acquisition of WhatsApp.

On April 10, 2014, U.S. Department of Justice Deputy Attorney General James Cole and Federal Trade Commission Chair Edith Ramirez announced a joint DOJ and FTC antitrust policy statement on the sharing of cybersecurity information (“Policy Statement”). The Policy Statement, as well as their remarks, emphasize the seriousness of the cybersecurity challenge and the need to improve cybersecurity information sharing. It is another example of the Obama Administration’s efforts to encourage the sharing of information about cybersecurity threats and vulnerabilities.

In March 2014, the State Postal Bureau of the People’s Republic of China (the “SPBC”) formally issued three rules (the “Rules”) establishing significant requirements regarding the protection of personal information: (1) Provisions on the Management of the Security of Personal Information of Postal and Delivery Service Users (the “Security Provisions”); (2) Provisions on the Reporting and Handling of Security Information in the Postal Sector (the “Reporting and Handling Provisions”); and (3) Provisions on the Management of Undeliverable Express Mail Items (the “Management Provisions”). The Rules, each of which became effective on its date of promulgation, were issued in draft form in November 2013 along with a request for public comment.

Hunton & Williams LLP is pleased to announce that Chambers and Partners has listed the firm’s Global Privacy and Cybersecurity practice in Band 1 in the 2014 Chambers Global guide. This is the sixth consecutive year the firm was top ranked in this category. In addition, the firm was newly ranked in the guide’s inaugural Europe-wide Data Protection section, premiering in the top-tier Band 1.

On March 21, 2014, the Article 29 Working Party (the “Working Party”) issued a Working Document containing draft ad-hoc contractual clauses for transfers of personal data from data processors in the EU to data sub-processors outside the EU (the “Working Document”).

On April 8, 2014, the European Court of Justice ruled that the EU Data Retention Directive is invalid because it disproportionally interferes with the European citizens’ rights to private life and protection of personal data. The Court’s ruling applies retroactively to the day the Directive entered into force.

On April 7, 2014, the U.S. District Court for the District of New Jersey issued an opinion in Federal Trade Commission v. Wyndham Worldwide Corporation, allowing the FTC to proceed with its case against the company. Wyndham had argued that the FTC lacks the authority to regulate data security under Section 5 of the FTC Act. The judge rejected Wyndham’s challenge, ruling that the FTC can charge Wyndham with unfair data security practices. The case will continue to be litigated on the issue of whether Wyndham’s data security practices constituted a violation of Section 5.

As reported in the Hunton Employment & Labor Perspectives Blog:

On February 14, 2014, San Francisco passed the San Francisco Fair Chance Ordinance and became the latest national municipality to “ban the box” and limit the use of criminal background checks in employment hiring decisions. The deadline for San Francisco employers to comply with the San Francisco Fair Chance Ordinance is August 13, 2014. The “ban the box” campaign continues to gain momentum – San Francisco joins other cities (Buffalo, Newark, Philadelphia, and Seattle) and states (Hawaii, Massachusetts ...

On March 28, 2014, the 87th Conference of the German Data Protection Commissioners concluded in Hamburg. This biannual conference provides a private forum for the 17 German state data protection authorities (“DPAs”) and the Federal Commissioner for Data Protection and Freedom of Information, Andrea Voßhoff, to share their views on current issues, discuss relevant cases and adopt Resolutions aimed at harmonizing how data protection law is applied across Germany.

As reported in the Hunton Employment & Labor Perspectives Blog, on March 10, 2014, the Federal Trade Commission and the Equal Employment Opportunity Commission issued joint guidance regarding the use of background checks in the employment context. The agencies issued two guidance documents: Background Checks: What Employers Need to Know (which advises employers on their existing legal obligations under both the Fair Credit Reporting Act and federal non-discrimination laws) and Background Checks: What Job Applicants and Employees Should Know (which informs job applicants ...