In an article published yesterday, Peter Swire reviews the recent passage of the USA FREEDOM Act. Perhaps most notably, the Act eliminates the bulk collection of telephone metadata by the National Security Agency. Swire calls the Act, “the biggest pro-privacy change to U.S. intelligence law since the original enactment of the Foreign Intelligence Surveillance Act […]
Privacy
RadioShack Agrees to Significant Limitations in Sale of Customer Data Following Pressure from State Regulators and the FTC
In what may become viewed as the de facto standard for selling customer information in bankruptcies, a Delaware bankruptcy court approved, on May 20, 2015, a multi-party agreement that would substantially limit RadioShack’s ability to sell 117 million customer records. The agreement was entered into by RadioShack Corp., General Wireless Inc., and 17 state attorney generals as […]
Alston & Bird issues a Privacy and Security ADVISORY on Russia’s new Data Localization Law
Today, Alston & Bird issued a Privacy and Security ADVISORY on Russia’s new Data Localization Law will take effect in September, 2015. Penalties for non-compliance can be severe, including suspension of offending websites. Our Privacy & Data Security Group gives details on the law, the compliance challenges facing U.S. companies, and the solutions available to them. […]
The FTC Announces It Will Host a “Start with Security” Initiative in September
On May 13, 2015, Federal Trade Commission Chairwoman Edith Ramirez announced that the FTC will host an initiative for its “Start with Security” program in September. The FTC unveiled the “Start with Security” program in March at the IAPP Global Privacy Summit. During the unveiling, FTC Bureau of Consumer Protection Director Jessica Rich stated that […]
North Dakota Updates Data Breach Law
North Dakota recently amended its data breach notification law to clarify that the obligation to notify individuals of a breach applies to any entity that “owns or licenses” personal information of the residents of North Dakota. Previously, the obligation to report a breach only applied to those “that conduct[ ] business in the state.” In […]