Canada’s Supreme Court rules Alberta Privacy Law Unconstitutional
The Supreme Court of Canada, in a unanimous ruling, has determined that the Alberta privacy law is unconstitutional and has given the province one year to amend it, reports CTV News. The case, Information and Privacy Commissioner v. UFCW Local 401—commonly known as the Palace Casino case—dates from 2009, and involved union members filming replacement workers crossing a picket line and threatening to post the pictures online, prompting a complaint to Alberta’s Office of the Information and Privacy Commissioner. Alberta’s Court of Appeal ruled in 2012 that while “publishing the images would have violated Alberta’s privacy statute, the legislation violates the freedom of expression guaranteed in the Canadian Charter of Rights and Freedoms,” the report states.
"(The act) imposes restrictions on a union's ability to communicate and persuade the public of its cause, impairing its ability to use one of its most effective bargaining strategies in the course of a lawful strike," wrote Justices Rosalie Abella and Thomas Cromwell. While noting the privacy act addresses important issues, they wrote, "The price (the act) exacts, however, is disproportionate to the benefits it promotes.”
Texas AG Talks of Privacy in Campaign Speech
In his second policy address of his gubernatorial campaign, Texas Attorney General Greg Abbott laid out his plans, naming among his concerns government surveillance, the selling of citizens’ data without consent, red-light cameras and also proposed creating a “personal property right for your DNA,” reports the Texas Tribune.
Wisconsin Moves Along Social Media Privacy, “Revenge Porn” Bills
The Wisconsin Senate passed a bill to prohibit employers, colleges and landlords from asking for applicants’ login information to online accounts. The Milwaukee Journal Sentinel reports that a spokesman for the Governor said the Governor plans to sign the bill.
The house also passed a bill to outlaw “revenge porn” which would make it “a misdemeanor to reproduce or distribute photos or video of someone who is nude or engaged in sexually explicit behavior without that person's consent.” Wisconsin would be the third state to pass such a law if it goes through. The bill now heads to the Senate.
House Passes Asbestos Bankruptcy Trust Act
The U.S. House of Representatives has passed the Furthering Asbestos Claim Transparency (FACT) Act of 2013 which would require asbestos trusts to publish the names of claimants along with the nature of their claim, reports Forbes. This measure is an attempt to stop false claims and claimants inappropriately filing claims at multiple trusts. Opponents of the act say publishing claimants’ names violates their privacy and are pushing for the disclosure of only the last four digits of claimants’ Social Security numbers.
Ohio Looks at Drone Privacy Bill
Rep. Rex Damschroder (R-Fremont) has introduced H.B. 207 to the general assembly of Ohio in an “attempt to preserve personal freedom and privacy ahead of the industry,” reports Springfield News-Sun. The bill would require law enforcement to obtain a warrant before using drones in most cases. Similar legislation has passed in Florida and Illinois, according to Damschroder. One law-enforcement representative noted that if the bill became law, “You, as a private citizen … could use a drone with a camera on it. Law enforcement could not, and it seems like it’s a double standard the wrong way.”
FTC Denies Company's Consent Method
The Federal Trade Commission (FTC) has denied AssertID’s application seeking approval of a parental consent method. The FTC said in a letter to the company that its proposal “failed to provide sufficient evidence that its method would meet the requirements” under the Children’s Online Privacy Protection Act. The company hoped to use a method called “social-graph verification,” but the FTC said in a 4-0 vote there hadn’t yet been sufficient research or testing to prove its efficacy.
Judge: Peer-to-Peer Data Isn't Protected Under Fourth Amendment
A federal judge in Vermont has ruled there can be no expectation of privacy when it comes to data exposed online via a peer-to-peer file-sharing network, Computerworld reports. The case involved three men charged with a crime who claimed the police illegally gathered data from their computers using a peer-to-peer search tool and then obtained a search warrant based on that data. The defendants asked the judge to suppress the evidence based on a violation of their Fourth Amendment rights, but District Court Judge Christina Reiss denied the motion, stating the defendants made the data public when they posted it over a peer-to-peer network. Other courts have ruled similarly where peer-to-peer networks are involved.
Is California Transparency Law Still Effective 10 Years Later?
The American Civil Liberties Union of Northern California (ACLU) has published a policy paper looking at the state’s Shine the Light law of 2003. The paper looks at whether the law, now 10 years old, is still effective in providing transparency about how businesses handle personal data. “From revelations of widespread NSA spying to high-profile data breaches, the need to know what is happening to our personal information is more important than ever,” the ACLU said.
"Ban-the-Box" Laws on the Rise; Not Everyone's Happy About It
Phil Gordon of Littler Mendelson writes about the current legislative trend toward banning employers from asking applicants to answer the question “Have you ever been convicted of a crime?” on applications. These “ban-the-box” laws “prohibit employers from inquiring into criminal history in the job application,” but they also “create a complex, legislative patchwork” due to variations on the allowed timing for asking whether an applicant has committed a crime—especially for organizations operating in multiple states. Gordon offers tips on how organizations can mitigate risk and reduce liability, as well as exploring the reason for the trend in this Privacy Tracker post. Meanwhile, Texas’ attorney general has sought an injunctive and declaratory relief against the Equal Employment Opportunity Commission mainly over its “prohibition against blanket ‘no felons’ hiring policies.” (IAPP member login required.)
Plaintiffs: VPPA Case Should Proceed, Even With Lack of Financial Harm
Hulu users involved in a potential class-action lawsuit are urging a federal judge to allow the case to proceed, MediaPost reports. The Hulu users have asked U.S. District Court Judge Laurel Beeler to reject Hulu’s motion to be awarded summary judgment in the case, saying that the case should proceed even if they do not prove financial harm. The class members claim Hulu violated the Video Privacy Protection Act (VPPA) by allegedly sharing user data with Facebook and comScore, but Hulu claims that consumers were not financially harmed in the case. The consumers argued, “A violation of the VPPA simply does not require a threshold showing of pecuniary damages.”
Parents To Sue NY Education Dept.
A group of New York City parents is planning to file suit “to block the state Education Department from sharing their kids’ data—including test scores and discipline records—with private companies,” NYDailyNews.com reports. The suit, which is to be filed in New York Supreme Court, comes in response to “the controversial $100 million inBloom project being built by the company Amplify,” the report states, noting the parents allege the project “violates the state’s Personal Privacy Protection Law, forbidding state agencies from giving personal info to companies without consent, unless state law specifically requires the agencies to do so.” The suit follows concerns about inBloom raised in other states.
Opinion: A Stronger Cali "Eraser" Law Wouldn't Work
Privacy expert Woodrow Hartzog writes in New Scientist that California’s recently enacted bill, SB-568, which some call the Internet “eraser” law, is not flawed and that a more robust eraser mandate would be “disastrous” and violate free speech. “While the critics correctly identify the unclear language in the statute,” he writes, “they miss the point when they say it will be ineffective because it won’t remove truly harmful ‘viral’ information that gets widely shared on the Internet,” adding, “What they fail to realize is that the modest protection offered by this eraser law is not a defect, it’s a feature.”
Cavoukian: Bill C-551 Worthy of Consideration, Passage
IT World Canada reports on the newly introduced Act to Establish the National Security Committee of Parliamentarians and Ontario Information and Privacy Commissioner Ann Cavoukian’s comments that she is “heartened” by Bill C-551. The bill was introduced in the House of Commons by MP Wayne Easter last week. “While the bill may not give committee members sufficient authority to peer behind the veil of secrecy surrounding national security powers and programs,” she writes, “I see Mr. Easter's bill as a proposal worthy of consideration, debate and ultimately passing into law.”
Canadian Supreme Court: Warrants Needed To Search Computers, Mobile Phones
The Supreme Court has issued a unanimous decision in R. v. Vu that recognizes “important privacy interests in information stored in a computer or mobile phone,” Mondaq reports. In its decision, the court determined “specific, prior judicial authorization is required to search the contents of those devices when executing a search warrant for a premises,” the report states. Noting it “is difficult to imagine a more intrusive invasion of privacy than the search of a personal or home computer,” the court writes that it does “distinguish, for the purposes of prior authorization, the computers from the cellular telephone in issue here.” (Registration may be required to access this story.)
Garante, DIS Enter Cooperative Protocol
The Garante, Italy’s data protection authority, and DIS, the country’s intelligence department, have entered into a cooperation protocol. “This is an extraordinary agreement entered into by very key sensitive functions of the Italian State and a great signal of transparency for the world in reply to all worrying news on Datagate we daily read on newspapers or on the Internet,” writes Panetta & Associati Managing Partner Rocco Panetta in this Global Privacy Dispatch for The Privacy Advisor. “At the same time this is a proof of evidence that a different model of cooperation on the ground of the intelligence services is possible. Citizens have to believe that another world is possible and their rights might be protected together with their security and safety.”
Right To Be Forgotten Remains "Hot Topic"
Mondaq examines the “hot topic” of the right to be forgotten “in the context of imminent EU Data Protection Reform.” The report looks at the right in the context data subjects’ ability through a "right of erasure" to ask data controllers to “delete any personal data relating to them and ensure there is no further dissemination of such data.” This is potentially problematic for companies, the report states, highlighting one recent court case that “has the potential to open the floodgates and set a precedent to justify further requests by others objecting to videos posted about them on social media.” (Registration may be required to access this story.)
Brazil Calls for End to "Excessive Electronic Surveillance"
Following the country’s outrage over the U.S. National Security Agency’s (NSA) spying scandal and calls for new legislation, Brazil has put forth a resolution calling for an end to excessive electronic surveillance, BBC News reports. Brazilian President Dilma Rousseff, who canceled a trip to Washington, DC, following reports that the NSA had intercepted data from her office, said the U.S. has broken international law. "Friendly governments and societies that seek to build a true strategic partnership, as in our case, cannot allow recurring illegal actions to take place as if they were normal," Rousseff said. "They are unacceptable.”
New Zealand Privacy Bill Defeated
3News NZ reports on the defeat of a bill “that would have given the privacy commissioner much wider powers” by a vote of 61 to 59 on its first reading in Parliament this week. Labour MP Sue Moroney drafted the Privacy (Giving Privacy Commissioner Necessary Tools) Bill to allow the commissioner “to undertake investigations, issue compliance notices and demand privacy audits across the public and private sectors.” The government opposed the bill, the report states.
Hong Kong Privacy Law Amendments Affect Insurers
South China Morning Post reports on the impact of amendments to Hong Kong’s privacy law on insurance companies. The changes “may have made it harder for insurers to sell products by cold calling potential customers, and has cut down sales in the second quarter,” the report states. “But it has not entirely shut the door on such a sales channel.” As amended, the Personal Data (Privacy) Ordinance “forces companies to determine in advance whether their customers object to the use of their personal data for direct marketing purposes,” and, one insurer comments, "Previously, many insurers linked up with banks and used the banks' data to cold call their customers. This practice is now banned under the amended privacy law."