Tag Archives: Privacy Policy

FTC settlement and warning letters over cross-border personal data transfers

The Federal Trade Commission’s (FTC) recently announced settlement with background check provider SecurTest, Inc. shows the agency remains vigilant regarding businesses’ claims that they comply with the EU-U.S. Privacy Shield Framework (Privacy Shield). Privacy Shield provides U.S. businesses with a legally recognized mechanism for receiving personal data in the United States from the EU. In … Continue Reading

Privacy shield team issues guidance

This month, the Privacy Shield Program posted answers to Frequently Asked Questions. The Privacy Shield provides a mechanism to comply with data protection requirements when transferring personal data from the European Union to the United States in support of transatlantic commerce. The general guidance addresses topics such as the continued status of the Privacy Shield … Continue Reading

Google Makes Ad-Tracking Change in its Privacy Policy

In 2007, Google bought online ad network DoubleClick, which uses cookies to collect and store data about Google users from their browsing history, to best place clients’ ads. This past June, Google revised its privacy policy to state that users’ activities on other sites tracked by DoubleClick “may be associated with [their] personal information.”  This … Continue Reading

New Tool in Calif. AG’s Privacy Enforcement Efforts: Consumers

California Attorney General Kamala Harris is enlisting new enforcers in her efforts to get companies to comply with the state’s privacy policy requirements: members of the public. On October 14, Harris released an online form enabling consumers to report websites, mobile applications, and other online services that are violating the California Online Privacy Protection Act … Continue Reading

High Court Permits University’s Contravention of Its Own Privacy Policy

The High Court in Bangura v Loughborough University [2016] EWHC 1503 (QB) ruled 19 May that Loughborough University acted lawfully under the Data Protection Act 1998 (“DPA”) in supplying Leicestershire Police with the registration form of a student suspected of sexual assault and rape. In contravention of the university’s data protection policy, the registration form … Continue Reading

Privacy policy required for contact forms on websites? German Courts in disagreement

Over the last years, a number of German Courts had to decide whether the operator of a website that contains a contact form for the website’s visitors shall be obliged to provide visitors a privacy policy that informs the visitor about type, scope and purposes of collection and use of personal data. The question whether … Continue Reading

Maximum administrative fine issued by the CNIL against Google: More to come?

After almost two years of back and forth with Google, the French CNIL has, similarly to the Spanish Data Protection authority (€900,000 fine), sanctioned Google with a €150,000 fine, as Google refused to review its integrated platform and to modify its privacy policy as requested by the Working Party 29. In addition to this fine, … Continue Reading

CalOPPA Enforcement Grounded, For Now

This post was also written by Joshua B. Marker and Tyler M. Layton. In a significant victory, Delta Airlines’ demurrer to the enforcement action filed by the state of California was sustained without leave to amend. We previously wrote about the case here. California alleged that Delta’s mobile application was in violation of CalOPPA because its … Continue Reading

CNIL vs. Google, Act V: Six Data Protection Authorities led by the French CNIL are now starting action in order to penalize Google

Pursuant to their common decision 26 February 2013 to engage action in order to penalize Google Inc. for refusing to revise its global privacy policy, six of the European Working Party 29 regulators, led by the French CNIL, have now jointly started to act in their respective jurisdictions and according to their national laws against … Continue Reading

California’s Proposal to Require Privacy Policies Be No More Than 100 Words: Simplifying or Complicating the Process?

This post was also written by Frederick Lah. A California state assemblyman proposed legislation this week attempting to require that online privacy policies be no more than 100 words. The legislation would also require that the privacy policy “be written in clear and concise language, be written at no greater than an 8th grade reading level, … Continue Reading

California Mobile Privacy Enforcement Takes Flight; All Companies Offering Mobile Apps to Consumers Should Prepare for Landing

This post was also written by Joshua Marker. Following a year in which she repeatedly announced her intention to make mobile privacy a priority, California Attorney General Kamala Harris filed the first mobile privacy enforcement action against Delta Air Lines. The case, The People Of The State Of California v. Delta Air Lines, CGC-12-526741, filed … Continue Reading

CNIL vs. Google, Act IV: Google Against the Rest of the World of the Data Protection Regulators

We have previously reported on the different requests and repeated questionnaires the Commission nationale de l’informatique et des libertés (CNIL) has sent to Google over the past few months regarding the evaluation of Google’s compliance with applicable European Data Protection Regulation concerning its new integrated privacy policy, as well as the new integrated platform launched … Continue Reading

CNIL vs. Google, Act III: CNIL sends Google a 6-page additional Questionnaire on Google’s New Privacy Policy since it is still “impossible to know Google’s processings of personal data”

We have previously reported that the French Data Protection Authority (DPA), the CNIL, had sent to Google 19 March 2012, a 12-page questionnaire divided in not less than 69 main questions on Google’s new privacy policy. The CNIL has been designated by the Working Party 29 to evaluate the compliance to applicable data protection regulation … Continue Reading

CNIL vs. Google, Act II: the CNIL Strikes Back – CNIL sends Google a 12-Page Questionnaire on Google’s New Privacy Policy for its Integrated Platform in Order to Verify its Compliance with Applicable European Regulation

Google’s CEO, Larry Page, now belongs to the happy few who enjoy direct and regular contact with the CNIL’s president, Mrs. Falque-Pierrotin: he received on 19 March another letter from the French Data Protection Authority’s president pursuant to Google’s decision to launch its new integrated platform 1 March, despite the CNIL’s strong warning to postpone … Continue Reading

A recent Initiative for a Competitive Online Marketplace (“ICOMP”) Conference on ‘Data Protection and Profiling’ poses difficult questions in relation to Google’s attitude towards the law, exploitation of user information and its new privacy policy

A recent ICOMP Conference on ‘Data Protection and Profiling’ in Brussels focussed primarily on the implementation of Google’s new privacy policy on 1 March 2012. ICOMP provides a discussion forum for organisations and policy makers relating to the online marketplace aimed at supporting principles related to a transparent and competitive Internet. There was some controversy … Continue Reading

Concerns for Google’s Privacy Policy

Reed Smith’s Co-Head of Data Privacy, Security & Management, Cynthia O’Donoghue, was interviewed by LexBlog earlier this week, following the recent outcome of the CNIL’s (the French data protection agency) investigation of Google’s new privacy policy. Cynthia outlined the reasons for the CNIL’s preliminary findings, stressing that its failure to properly incorporate EU data protection … Continue Reading

French CNIL Urges Google to Postpone the Launch of its Integrated Platform and Raises Serious Doubts about Google’s Compliance with European Data Privacy Directive

February 2012 will last as a milestone of an unprecedented fight between the Working Party 29, which comprises the European Data Protection Agencies, and Google. Google has highly publicised the forthcoming launch of an integrated platform that is deemed to allow a better tracking of the user’s personal data and in particular to advertise with … Continue Reading

Privacy: A Washington Tale of Two Reports

This post was also written by Chris Cwalina and Amy Mushahwar. We’ve been busy here in Washington with two seminal privacy reports released within a span of two weeks.  At Reed Smith, our interdisciplinary team of former government officials, former in-house attorneys, class action litigators and engineers (in the US and internationally) are reviewing the releases … Continue Reading

FTC Releases Privacy Report

This post was also written by Christopher G. Cwalina, Amy S. Mushahwar, and Frederick Lah. On December 1, 2010 the FTC released its long-awaited Protecting Consumer Privacy in an Era of Rapid Change. This 123-page preliminary staff report proposes a sea change in US privacy law. The FTC is accepting comments on this report until January … Continue Reading
LexBlog