FTC Finalizes Order With TRUSTe On Privacy Seal Program

Written by
The Federal Trade Commission (FTC) has issued its final decision and order arising from its previously-disclosed settlement with TRUSTe stemming from the FTC’s complaint alleging that TRUSTe failed to conduct promised annual recertification of companies participating in its privacy seal program more than 1,000 times between 2006 and 2013. The complaint also alleged that TRUSTe misrepresented its status as a non-profit entity. The decision and order was finalized after a four-month public comment period. The decision and order was finalized without any changes from the settlement proposed in [...] Read more

California Health Care Facility Breach Statute Updated: Changes Effective Now

Written by
As a result of recent breaches – including breaches of health information and information held by health insurers – a great deal of attention has recently been focused on state data breach notification requirements. Most States have general data breach notification requirements that apply to all data breaches, including those involving health information. A few States have specific data breach laws applicable to health information or to certain types of entities in the health care/health insurance industry. California is one of such States – and it has made several significant revisions to [...] Read more

Montana Broadens Data Breach Notification Law

Written by
Montana has amended the state’s data breach notification law to both broaden the definition of “personal information” that triggers individual notice and to require notice to the state’s attorney general. The changes become effective on October 1, 2015. Montana has joined several other states, including California and Florida, that include medical-related information in the definition of personal information. Montana’s statute specifies that the medical information that would trigger individual notice, in combination with an individual’s full name or first initial and last name, [...] Read more

Third Circuit Questions FTC’s Data Security Authority

Written by
On March 3, 2015, the Third Circuit heard oral argument in FTC v. Wyndham Worldwide Corp., et al. (“Wyndham”) on the issue of whether the FTC has the authority to regulate private companies’ data security under Section 5 of the FTC Act. This appeal arises out of the District Court’s holding that the unfairness prong of Section 5 provides the FTC with the authority to regulate data security in the private sector.  (Previously reported here).  In its appellate briefs and at oral argument, the FTC argued that the district court got it right, noting that the FTC Act’s legislative history [...] Read more

White House Releases Consumer Privacy Bill of Rights

Written by
On February 27, 2015, the Obama Administration released a discussion draft of the Consumer Privacy Bill of Rights Act of 2015 (the “Privacy Act”), holding true to President Barack Obama’s commitment in 2012 to introduce legislation to put the Privacy Act’s principles into law.  The Privacy Act is intended to “establish baseline protections for individual privacy in the commercial arena and to foster timely, flexible implementation of [the] protections through enforceable codes of conduct.” The Privacy Act seeks to regulate a broad variety of covered entities, which are persons that [...] Read more

White House Releases Report on Big Data and Differential Pricing

Written by
The White House Council of Economic Advisors recently released a report titled “Big Data and Differential Pricing.” “Differential pricing” refers to the practice of charging different prices to different groups of people for the same (or similar) products or services. The White House report explores the uses of big data for differential pricing, including the potential benefits or harms to consumers. The report follows the release of an earlier 2014 report on big data by the White House. Reviewing the economics of differential pricing, the recent report points out that many forms of [...] Read more

Peter Swire Honored with IAPP Privacy Leadership Award

Written by
Peter Swire, Georgia Institute of Technology Scheller College of Business professor and senior counsel in Alston & Bird’s Privacy & Data Security Group, was honored with the 2015 Privacy Leadership Award from The International Association of Privacy Professionals (IAPP). Swire is recognized for his commitment to the privacy field in tackling emerging privacy and security issues in public policy, academia and industry. The annual IAPP Privacy Leadership Award recognizes a leader in the field of privacy and data protection who has demonstrated an ongoing commitment to furthering [...] Read more

Webinar: Advising the C-Suite and Boards of Directors on Cybersecurity

Written by
On February 11, 2015, Alston & Bird hosted a webinar entitled “Advising the C-Suite and Boards of Directors on Cybersecurity.” Panelists included Alston & Bird attorneys Jessica Corley, Scott Ortwein and Kim Peretti, with Jim Harvey as the moderator. The cybersecurity legal landscape is rapidly unfolding due to the mass number of companies whose systems, data, and assets are networked and connected to the internet, as well as the surge of unprecedented attacks. Cybersecurity is no longer solely a concern for a company’s CIO or CISO, but also a concern for all members of the c-suite [...] Read more

Alston & Bird Privacy Program: An Interactive Discussion on How EU Data Laws are Undergoing Profound Changes

Written by
On February 4, Alston & Bird’s Los Angeles office hosted a presentation on EU data laws and US data laws with two leading experts from Olswang LLP, Ross McKean and Andreas Splittgerber. Alston’s Dominique Shelton moderated while McKean and Splittgerber shared their views on the profound changes occurring in EU data protection laws. It was a lively discussion that included the ramifications of the Google Spain decision and looked ahead to the upcoming EU Data Protection Regulation. The discussion provided a valuable opportunity to consider how U.S. companies can comply with the relevant [...] Read more

A&B Senior Counsel Peter Swire to Debate Consumer Privacy at Privacy Summit

Written by
On March 4-6, the International Association of Privacy Professionals (IAPP) will host its annual Global Privacy Summit in Washington, D.C. The Summit regularly attracts thousands of academics, officials, and privacy professionals. Those attending the Summit this year especially will not want to miss Alston & Bird Senior Counsel Peter Swire as he discusses and debates the future of consumer privacy with Stanford’s Jonathan Mayer. Peter previews his planned debate with Jonathan in an article published by the IAPP yesterday. The pair’s session is expected to focus on government oversight [...] Read more