On December 9, 2015, the Federal Trade Commission announced that Wyndham Worldwide Corp., Wyndham Hotel Group LLC, Wyndham Hotels and Resorts, LLC, and Wyndham Hotel Management, Inc. (“Wyndham”) had agreed to settle FTC charges that the company’s security practices unfairly exposed the payment card information of consumers to hackers in three separate data breaches between […]
Privacy Litigation
FTC’s Ability to Regulate Data Security Potentially Limited in FTC v. LabMD
A November 13, 2015 decision from the Federal Trade Commission’s Chief Administrative Law Judge, D. Michael Chappell, calls into question FTC enforcement in the data privacy space. The case began when the FTC filed a complaint on August 28, 2013 after an employee of LabMD, a cancer detection laboratory, downloaded peer-to-peer (“P2P”) software that exposed patient […]
European Commission Releases Communication on Schrems and Safe Harbor 2.0
On November 6, 2015, the European Commission released a widely-anticipated Communication assessing the impact of the judgment of the European Court of Justice (“ECJ”) in the Schrems case (C-362/14), which invalidated the U.S.-EU Safe Harbor framework. Though the Communication is not legally binding, it provides useful guidance to companies on transfers of personal data to the […]
Swire on Data Transfers After Schrems
Peter Swire, Alston & Bird Senior Counsel and Georgia Institute of Technology Scheller College of Business professor, has published an article on the path forward for E.U. / U.S. data transfers. Swire’s article offers a historical perspective on the European Court of Justice’s (ECJ) recent decision in Schrems. Schrems invalidated the Safe Harbor framework relied […]
Swire Challenges Factual Basis of Schrems Decision
In an article published today, Senior Counsel Peter Swire challenges the factual basis for the Advocate General’s recent opinion in the so-called “Schrems case” against the E.U.-U.S. Safe Harbor framework. Thousands of U.S. businesses rely on the Safe Harbor framework in order to support the transfer of data from the European Union. As previously discussed […]