On January 12, 2015, during a speech before the Federal Trade Commission (FTC), President Barack Obama announced that he would propose legislation to create a national, uniform data breach notification law. The White House later released the full text of the proposed bill. The President highlighted that a national breach notification law would benefit both […]
Privacy
NIST releases “Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans.”
On December 12, 2014, the National Institute for Standards and Technology (“NIST”) announced the release of Special Publication 800-53A, Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans (“SP 800-53A”). SP 800-53A is a companion guideline to Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organizations […]
23 Privacy Enforcement Authorities Issue a Joint Open Letter to App Marketplaces
On December 9, 2014, a joint open letter (“Letter”) was issued to the operators of seven (7) app marketplaces, urging them to “make the basic commitment to require each app that can access or collect personal information, to provide users with timely access to the app’s privacy policy.” Although the Letter was sent to Apple, […]
Giovanni Buttarelli Confirmed as New European Data Protection Supervisor
On November 27, the European Parliament confirmed that Giovanni Buttarelli will serve as the next European Data Protection Supervisor (“EDPS”). Buttarelli will take over for Peter Hustinx, who served as EDPS for 10 years. Prior to his appointment, Buttarelli was the Assistant EDPS, a position which will now be held by Wojciech Rafal Wiewiórowski. Buttarelli’s privacy experience […]
European Data Protection Supervisor Releases Guidelines on Data Protection for Financial Services Regulation
The European Data Protection Supervisor has released guidance to European financial services regulators to help them analyze data protection and privacy in the financial services arena. The guidance sets forth a 10-step methodology to “facilitate policymaking which respects the fundamental rights and freedoms in the [EU Charter of Fundamental Rights] and in particular the rights […]