After the EU-U.S. Privacy Shield was rendered invalid by the Court of Justice of the European Union (CJEU) in July 2020, and following a prior challenge to the U.S.-EU Safe Harbor, many businesses operating on both sides of the pond scrambled to find other ways to protect data flows between the EU and U.S. that
Data Security
Sheila Millar Authors “The Right to Repair: Implications for Consumer Product Safety and Data Security” for Inhouse Defense Quarterly
Keller and Heckman partner Sheila Millar wrote the Inhouse Defense Quarterly article, “The Right to Repair: Implications for Consumer Product Safety and Data Security. The article examines the potential effects of President Biden’s July 9, 2021, executive order that aims to expand consumers’ “right to repair.” Advocates of the right to repair, including the Federal…
UK ICO Proposes GDPR Fines for British Airways and Marriott Data Breaches
Earlier this week, the UK Information Commissioner’s Office (ICO) announced its intent to fine British Airways £183,390 million ($230 million) and its intent to fine Marriott International more than £99 million ($123 million) for violations of the General Data Protection Regulation (GDPR) arising out of data breaches. The ICO investigated the breaches as the lead…
Sheila Millar Authors Law360 Article “UK’s Proposed Age-Appropriate Data Code Would Be Onerous”
In a recent Law360 article, Sheila Millar discusses a proposal from the British Information Commissioners Office (ICO) that significantly restricts how information society services deemed likely to be accessed by children must handle the data they collect, use, and share. In “UK’s Proposed Age-Appropriate Data Code Would Be Onerous” (July 3), she delves into how…
FTC’s 2018 Data Privacy and Security Update Highlights Enforcement
The Federal Trade Commission (FTC) recently released its annual report highlighting its work on privacy and data security during 2018. The FTC initiated five enforcement actions arising out of data breaches and nine data privacy enforcement actions in 2018, including cases against online payment system Venmo and mobile phone maker BLU for misrepresenting their privacy…
FTC Releases Cybersecurity Resources for Small Businesses
Small businesses face the same cybersecurity risks as large multinationals but lack a large IT infrastructure to help protect themselves. At the direction of former Federal Trade Commission (FTC) Acting Chairman Maureen Ohlhausen, the FTC launched a new cybersecurity campaign aimed at helping small businesses navigate the ever-evolving cyber landscape, coordinated with the Department of…
Agency Comings and Goings
This week has seen several significant changes at the Commission level at both the Consumer Product Safety Commission (CPSC) and the Federal Trade Commission (FTC).
CPSC
After several months of stasis, the Senate voted to confirm Peter Feldman as a Commissioner on the CPSC, with a term expiring October 26, 2019. Feldman takes the place…
NIST Launches Development of Voluntary Privacy Risk Management Framework
The National Institute of Standards and Technology (NIST) has launched a collaborative effort to develop a voluntary framework that will help organizations manage privacy risks and protect consumer privacy when developing and using innovative technologies. According to NIST, a robust cybersecurity program can help manage risks, but organizations need customizable tools for addressing the challenges…
FTC Approves ESRB’s Updated COPPA Safe Harbor Program
The Federal Trade Commission (FTC) approved modifications to the video game industry’s Children’s Online Privacy Protection Act (COPPA) program. Earlier this year, the Entertainment Software Ratings Board (ESRB) proposed several substantive changes intended to take account of recent FTC COPPA rules and guidance.
To receive FTC approval, COPPA safe harbor programs must “implement substantially…
California Company Settles with FTC over Alleged Privacy Shield Misrepresentations
If a company claims to be certified under the EU-U.S. Privacy Shield framework when it hasn’t even completed the paperwork, the Federal Trade Commission (FTC) isn’t likely to let it slide. ReadyTech, a California-based online training services company, made such a claim on its website, in violation of the FTC Act’s prohibition against deceptive acts…