(May 28, 2015) “Privacy law in the U.S. is weaker than in most places,” writes the Center for Democracy & Technology’s Justin Brookman, adding, “but hey, at least we’ve got Section 5.” Though it’s based on a law now 100 years old, he notes, it also acts as a baseline, of sorts, preventing consumer deception. “Recently, however,” Brookman writes, “even this weak standard has been called into question—by two sitting commissioners of the FTC, no less. Commissioners Maureen Ohlhausen and Joshua Wright have both indicated that the FTC shouldn’t bring deceptive practices cases against companies absent some objective assessment of consumer harm.” Brookman examines this recent development and describes why such an argument is “an extremely dangerous idea” in this post for Privacy Perspectives. Read More

Daily Dashboard

Salary Survey Released at Symposium

(May 28, 2015) In conjunction with the IAPP Canada Privacy Symposium, the IAPP is releasing the first regional breakout of its biennial Privacy Professionals Salary Survey. The report offers insight from about 200 Canadian privacy professionals on salary levels according to variables such as privacy experience, certifications, industry, size of organization, gender and more. The survey finds that the median salary for Canadian privacy professionals is $74,005, with the software and services industry topping the scales at $88,648. Also, take a look at data on recent raises and bonuses received and the differences in salaries related to position and acquiring a certification. (IAPP member login required.) Read More

Canada Dashboard Digest, Daily Dashboard

ECJ Ruling Could Invalidate Safe Harbor

(May 28, 2015) On March 24, the European Court of Justice (ECJ) examined a key question concerning the future of transborder data flows between the U.S. and Europe. Jan Dhont and Alyssa Cervantes report in this exclusive for The Privacy Advisor that the outcome of this case could have wide-ranging ramifications for anyone who transfers data from the EU to the U.S. through the Safe Harbor agreement because the ECJ could rule in one of three ways—including invalidating Safe Harbor. They suggest “businesses should explore other adequacy mechanisms to transfer their data between the EU and U.S." Read More

Daily Dashboard, Europe Data Protection Digest

How Google Now Avoids “Creepy,” Apple Aims To Compete

(May 28, 2015) Fast Company profiles Google’s director of product management, Aparna Chennapragada, who spearheads Google Now, which gives users real-time information when they need it. On making sure such data is helpful to users and not creepy, Chennapragada says the company has been clear about making sure that the user is in control. “All of this is an opt-in feature,” she said. Meanwhile, Apple is working on plans to expand its real-time information feature, Siri, to compete with Google Now, and a student... Read More

Daily Dashboard

FCC’s Pai Criticizes Privacy Guidance

(May 28, 2015) Federal Communications Commissioner Ajit Pai has criticized his agency’s move to classify Internet service providers under Title II, saying it was a “risky reversal of course” and has said the FCC’s recent guidance on broadband privacy generated more confusion than clarity, Broadcasting & Cable reports. Citing the guidance’s statements that “the Enforcement Bureau intends to focus on whether broadband providers are taking reasonable, good-faith steps to comply … rather than focusing on techn... Read More

Daily Dashboard

NIST Putting Finishing Touches on Privacy Framework

(May 28, 2015) The National Institute for Standards and Technology (NIST) is set to finalize an interagency report that will provide guidance for federal agencies on assessing and mitigating digital privacy risks, Fierce Government IT reports. “Cybersecurity has come a long way in the last 10 years,” said NIST’s Sean Brooks, while “privacy has really lagged behind.” Brooks added that the framework aims to guide privacy initiatives from compliance to engineering and development staff “and even up to executive s... Read More

Daily Dashboard

Yahoo Loses Bid To Block Class-Action Suit

(May 28, 2015) Yahoo has lost a bid to block a lawsuit filed on behalf of millions of Internet users that alleges wiretapping violations in the company’s scanning of email, BloombergBusiness reports. U.S. District Judge Lucy Koh has granted class-action status to nonsubscribers of the email service “who claim the company mines data from their messaging for advertising purposes,” the report states. Last year, Koh refused to let a similar complaint against Google advance as a class-action. In the Yahoo case, Koh said the plaintiffs established a “real and immediate threat of repeated injury.” Yahoo has not commented on the ruling. Read More

Daily Dashboard

Finance Committee Want Answers on IRS Hack

(May 28, 2015) Lawmakers are increasing their scrutiny of computer security at the Internal Revenue Service (IRS) after a data breach that affected at least 100,000, The Wall Street Journal reports. Sen. Orrin Hatch (R-UT) on Wednesday asked for a briefing from the IRS on the breach. The Senate Finance Committee said Wednesday it will hold a hearing on the breach next week. “Taxpayers deserve to know what happened at the IRS … and this hearing will be the first step of many that the committee takes to determin... Read More

Daily Dashboard

New Telecom Law Proposed; Authorities Take Skype to Court

(May 28, 2015) In Germany, telecommunications and Internet companies “could once again be forced to store customer traffic and location metadata for police investigation purposes, five years after a previous data retention law was declared unconstitutional,” PCWorld reports. Under a draft data retention law released Wednesday, providers would be required “to store call and Internet traffic metadata for a maximum of 10 weeks while location data would have to be stored for four weeks,” the report states, noting ... Read More

Daily Dashboard, Europe Data Protection Digest

License-Plate Scanners On the Rise

(May 28, 2015) NPR reports on the lingering questions surrounding license-plate scanners, which are now attached to traffic lights and police cars, among other places. While it’s hardly an invasion of privacy to scan a license plate, which is meant to be public, amidst millions of scans, patterns emerge, the report states. And while states are increasingly passing new restrictions on police use of license-plate data, private databases continue to grow and are largely unregulated. “Private companies don’t have the same responsibilities as government,” says Jennifer Lynch of the Electronic Frontier Foundation. And the fact that a private company collects the data doesn’t mean they can’t share it with the government, she says. Read More

Daily Dashboard