TRUSTe presented a webinar on Managing Customer Data From The EU: Are You Compliant? The panelists were: Maureen Cooney, CPO and VP of Public Policy, TRUSTe Damon Greer, Director, US-EU Safe Harbor Framework, US Department of Commerce, International Trade Administration Heather Shaw, Vice President, ICT Policy, US Council for International Business Dean Forbes, CIPP, Sr. … Read more »
Category: Privacy
Zip Codes Are Not Personal Identification Information Under California Law
In Party City Corp. v. The Superior Court of San Diego County, the California Court of Appeal in the Fourth Appellate District held that zip codes are not “personal identification information” under California’s Song-Beverly Credit Card Act of 1971, California Civil Code Sec. 1747.08. Information “concerning the cardholder” is protected pursuant to the purposes of … Read more »
FSA Berates Compliance Officers in Crackdown on Data Security Breaches
Joanne Wallen of Complinet writes about the reaction of the U.K.’s Financial Service Authority: FSA Berates Compliance Officers in Crackdown on Data Security Breaches (.pdf). The FSA focused on compliance officers for not putting enough focus on data security. Examples of good practice at firms that the FSA visited included encrypting laptops and using secure … Read more »
Morrison and Foerster Privacy Library
Morrison & Foerster has put together a Privacy Library with links to the relevant statutes and regulations. The library include each sate in the U.S., along with other countries and multilateral organizations. The firm has also launched Summit Privacy, a subscription service that provides a searchable privacy database of global privacy laws. Read more »
Six States Now Require Social Security Number Protection Policies
Miriam Wugmeister, Nathan D. Taylor of Morrison & Foerester wrote the December Privacy and Data Security Update: Six States Now Require Social Security Number Protection Policies. Connecticut – Ct. H.B. 5658. Massachusetts – 201 Mass. Code Regs. §§ 17.01 – 17.04. Michigan – Mich. Comp. Laws § 445.84. New Mexico – N.M. Stat. §§ 57-12B-2 … Read more »
Data Privacy Roundtable
Deloitte hosted an executive roundtable on Massachusetts Data Protection. The room was packed full of us trying to figure what to do with these regulations. Mark Schreiber of Edwards Angell Palmer & Dodge kicked things off with a look at the history of the regulation and the regulators view of the regulations. The regulators acknowledge … Read more »
Public Hearing on Massachusetts Data Privacy Regulations
The Massachusetts Office of Consumer Affairs and Business has published a Notice of Public Hearing on 201 CMR 17.00, Standards for the Protection of Personal Information of Residents of the Commonwealth. (.pdf) The hearing is on Friday, January 16, 2009 at 2:00 pm in Room No. 5-6, Second Floor of the Transportation Building, 10 Park … Read more »
Additional Time to Comply with Identity Theft Prevention Regulations
The Massachusetts Department of Consumer Affairs and Business Regulation have extended the deadline for compliance with 201 CMR 17.00: Business Community Given Additional Time to Comply with Identity Theft Prevention Regulations. The regulations were orginally set to take effect on January 1, 2009. That deadline has been extended to May 1, 2009. The deadlines for … Read more »
New Data Security Regulations Have Sweeping Implications For Massachusetts Businesses
A white paper written by Joe Laferrera of Gesmer Updegrove LLP New Data Security Regulations Have Sweeping Implications For Massachusetts Businesses (.pdf) provides a great analysis of the new Massachusetts Data Privacy Regulations, their impact and how to deal with them. These are my prior posts on the new Massachusetts Data Privacy Regulations: Computer System … Read more »
Computer System Requirements for New Massachusetts Privacy Regulations
As discussed in earlier alerts (Additional Guidance on the Massachusetts Privacy Regulations, Privacy and Security Alert: Massachusetts Has New Data Security Regulations and New Massachusetts Privacy Laws), starting on January 1, 2009, businesses will be held to a higher standard regarding the protection of Massachusetts residents’ personal information. The regulations set out in detail the … Read more »