Friday, December 18, 2009, 10:36 AM

Privacy Bulletin: Issue No. 32

In the News
House Approves Comprehensive Privacy Legislation: On December 8, 2009, the U.S. House of Representatives passed H.R. 2221, the Data Accountability and Trust Act (Rush, D-IL), a comprehensive reform effort governing the handling of sensitive data. The bill authorizes the Federal Trade Commission to promulgate regulations requiring entities to implement security policies and procedures to safeguard sensitive personal data; creates strict requirements regarding the collection, retention, and accuracy of personal information for data brokers; imposes additional requirements on data brokers by requiring them to submit a copy of their security policy to the FTC along with a breach notification and implement audit procedures to authenticate consumer information; and sets forth a national data breach notification standard. The bill was received in the Senate and referred to the Senate Commerce Committee where it is awaiting action.

Court Upholds Decision Exempting Attorneys from Scope of Red Flags Rule: On December 1, 2009, the U.S. District Court for the District of Columbia upheld its October 29, 2009 bench ruling exempting attorneys from compliance with the Federal Trade Commission’s (FTC) Red Flags Rule, which will take effect June 1, 2010. The Court found that the Congress did not authorize the FTC to sweep attorneys into regulations aimed at the credit industry and that application of the rules to attorneys was unreasonable.

$15.5 Million Judgment Entered Against Leader of “Spam Gang”: On November 30, 2009, a federal judge for the United States District Court for the Northern District of Illinois, at the request of the Federal Trade Commission (FTC), ordered the head of an international spam network to pay $15.5 million for his role in spearheading spammers from around the world to bombard consumers with billions of spam email messages. The spammers, through the targeted emails, deceptively marketed various weight–loss pills and prescription drugs, even though the pills had not been approved by the FDA and were potentially unsafe. The spammers also violated the CAN-SPAM Act for failure to provide a link or address to opt out of receipt.

Supreme Court to Review Employee Texting Policies: On December 14, 2009, the Supreme Court announced that it would consider employee’s privacy expectations when they send text messages from their employer’s accounts. The U.S. Court of Appeals for the Ninth Circuit recently found workers retained a reasonable expectation of privacy in their text messages sent from devices and accounts supplied by their employers; however, the judge acknowledged that there is very little precedent to guide judges on what is reasonable in the electronic space.

FTC Launches Website to Educate Children About Privacy: On December 2, 2009, the Federal Trade Commission launched a website (www.ftc.gov/YouAreHere) containing content that will assist children to learn to protect their privacy, identify fraud and avoid identity theft while using the Internet. The site also provides content for parents and teachers to educate children on these issues.

Privacy and Data Protection Team
The attorneys in Womble Carlyle’s Privacy and Data Protection Team provide a wide array of privacy services to clients. We work with clients to assess their privacy and data security obligations, and then develop a compliance plan and controls to meet their needs. This includes privacy and security assessments; drafting and reviewing policies and procedures; training employees; managing privacy risks in contracts and mergers and acquisitions; and providing dedicated staffing for client privacy projects and ongoing privacy management. Our team does not operate in a vacuum—our goal is to help clients avoid pitfalls in privacy and data protection so they can focus on their core business. We also assist clients when privacy protections do not work by helping clients address security breaches. The firm also assists clients regarding monitoring and affecting privacy and data protection legislation and regulations. Should the need arise, we aggressively represent our clients in litigation and in agency or law enforcement matters.

0 Comments:

Post a Comment

<< Home

back to top