Privacy & Information Security Law Blog

On September 14, 2011, the Article 29 Working Party (the “Working Party”) met with representatives of the European Advertising Standards Alliance (“EASA”) and IAB Europe, to discuss the industry’s new self-regulatory code of conduct for online behavioral advertising (the “Code”), which was released on April 14, 2011.

On September 14, 2011, UK Information Commissioner Christopher Graham said that the private sector “isn’t as good as it thinks it is” when it comes to data protection compliance, and that many of the compliance problems that arise originate in the private sector.  While giving evidence to the House of Commons Justice Select Committee, the Commissioner criticized the private sector and, in particular, banks and other financial services companies.

On September 15, 2011, the data protection authority of the German federal state of Hamburg (the “DPA”) published a press release confirming that Google has significantly improved compliance with respect to the implementation of Google Analytics in Germany.  This finding is the result of two years of fruitful dialog between Google and the DPA, which was acting on behalf of the conference of German data protection authorities responsible for the private sector (the “Düsseldorfer Kreis”).

On September 15, 2011, the U.S. House of Representatives Subcommittee on Commerce, Manufacturing and Technology held a hearing on “the impact and burden” of European privacy regulation.  Paula Bruening, former Vice President of the Centre for Information Policy Leadership at Hunton & Williams LLP, was one of five witnesses who testified at the hearing.

On September 14, 2011, Alex Türk announced that he will be resigning his position as Chairman of the French Data Protection Authority (the “CNIL”), in accordance with a recent amendment to the French Data Protection Act (Loi n° 2011-334 du 29 mars 2011 relative au Défenseur des droits).  The amendment prohibits the CNIL’s Chairman from holding any other elected office or public position.  Although this restriction does not enter into force until September 1, 2012, Mr. Türk, who also serves as a senator in the French Parliament, chose to resign prior to the upcoming French ...

On September 12, 2011, the Department of Health and Human Services’ Office of the National Coordinator for Health Information Technology (“ONC”) unveiled a model privacy notice for personal health records (the “PHR Model Privacy Notice”).  The PHR Model Privacy Notice was developed by ONC in collaboration with consumers and vendors of personal health records (“PHRs”).  The PHR Model Privacy Notice is intended to enable consumers to “understand privacy and security policies and data sharing practice information, compare PHR company practices, and make informed decisions.”

On September 8, 2011, Richard Allan, Facebook’s Director of European Public Policy, met with the German Federal Ministry of the Interior (the “Ministry”) and endorsed the Ministry’s initiative for a future self-regulatory code for social networks with a focus on data security, consumer protection and the protection of minors.

On September 12, 2011, the Commissioner for Data Protection and Freedom of Information of the German federal state of North Rhine-Westphalia (“DPA”) imposed a fine of €60,000 on Easycash GmbH (“Easycash”), a leading German service provider for electronic payments.

Mexico’s Federal Institute for Access to Information and Data Protection ( “IFAI”) will host the 33rd International Conference of Data Protection and Privacy Commissioners in Mexico City on November 2-3, 2011.  This year’s conference, entitled “Privacy: The Global Age,” will focus on the challenges associated with managing and protecting personal data in an era characterized by the constant, instantaneous transfer of information across the globe.  IFAI President Jacqueline Peschard discussed the conference in further detail in an interview with Marty Abrams ...

Following the U.S. Supreme Court’s ruling in Sorrell v. IMS Health, Thomas Julin, partner at Hunton & Williams LLP who represented IMS Health in the case, closely studied the Court’s decision to assess its implications, including with respect to other forthcoming legislation.  In an interview with Marty Abrams, President of the Centre for Information Policy Leadership, during the Centre’s First Friday Call on September 9, 2011, Julin discussed the close parallels between the law invalidated in Sorrell v. IMS Health and proposed federal regulation of behavioral ...