On December 12, 2014, the National Institute for Standards and Technology (“NIST”) announced the release of Special Publication 800-53A, Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans (“SP 800-53A”). SP 800-53A is a companion guideline to Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organizations […]
23 Privacy Enforcement Authorities Issue a Joint Open Letter to App Marketplaces
On December 9, 2014, a joint open letter (“Letter”) was issued to the operators of seven (7) app marketplaces, urging them to “make the basic commitment to require each app that can access or collect personal information, to provide users with timely access to the app’s privacy policy.” Although the Letter was sent to Apple, […]
WP29 Announces a Common “Tool-Box” Approach to Handling of Complaints under the Right to be Forgotten
On September 18, 2014, the Article 29 Working Party (the “WP29”) issued a press release, announcing that the European data protection authorities agreed on a common “tool-box” approach to handling complaints lodged due to search engines’ refusal to remove complainant’s entries from their search results. In a landmark ruling on May 13, 2014, the Court […]
International Collaboration Disrupts GameOver Zeus and CryptoLocker
On June 2, 2014, in collaboration with the European Cybercrime Centre at Europol, the Department of Justice (DOJ) and the Federal Bureau of Investigation (FBI) announced a multi-national effort to disrupt the GameOver Zeus botnet, an extremely sophisticated type of malware designed to steal banking and other credentials from infected computers. The DOJ and the FBI also […]
American Apparel Settles FTC Charge on Falsely Claiming Compliance with Safe Harbor Privacy Framework
On May 9, 2014, the Federal Trade Commission (the “FTC”) announced that American Apparel, Inc. (“American Apparel”) agreed to settle FTC charges that American Apparel falsely claimed it was compliant with the U.S.-European Union Safe Harbor (the “US-EU Safe Harbor Framework”). The FTC’s complaint alleged that American Apparel, a clothing manufacturer and retailer with more than 200 […]