Recent Articles

European Mobile Operators Agree To Mobile App Privacy Guidelines

February 29, 2012 17:20

By:  Chanley Howell Fresh on the heels of a similar agreement by US app platform providers, Europe’s major mobile operators have agreed to implementing guidelines for the development and privacy of mobile apps. The GSM Association published the guidelines which have been agreed to by...  

NIST Issues Draft Computer Security Breach Incident Handling Guide

February 27, 2012 18:02

By:  Chanley T. Howell The National Institute of Standards and Technology (NIST) has published for public comment a draft update to a guide for organizations managing their responses to computer security incidents such as hacking attacks. The Guide notes that computer security incident response...

Tech Giants Agree to Require App Developers to Post Privacy Policies

February 24, 2012 17:00

By:  Megan E. O’Sullivan             On February 22, 2012, California’s Office of the Attorney General announced that Amazon, Apple, Google, Hewlett Packard, Microsoft and Research in Motion (the “Companies”) have all agreed to require their application (“app”) developers to post...

California Businesses Targeted For Inadequate Website Privacy Disclosures

February 22, 2012 23:35

By:  Chanley T. Howell It may be form over substance, but sometimes form counts. California’s “Shine The Light” law (Cal. Civ. Code. §1798.83) requires businesses that collect California residents’ personal information and share it for marketing purposes to disclose to the...

FTC Disappointed with Privacy on Kids’ Mobile Apps

February 16, 2012 23:33

By Ariel Fox Johnson and Chanley Howell Today, the FTC staff released a Report [http://www.ftc.gov/os/2012/02/120216mobile_apps_kids.pdf] which raised concerns about the privacy polices and practices of mobile apps for children. The Report contains the results of a survey the FTC staff conducted...

NIST Issues Privacy and Security Guidelines for Cloud Computing

January 27, 2012 16:45

The National Institute of Standards and Technology recently issued its Guidelines on Security in Privacy in Public Cloud (SP 800-144). The Guidelines can be found at http://www.nist.gov/customcf/get_pdf.cfm?pub_id=909494 They stress the importance of user responsibility in practicing sound...

European Commission Releases Much Anticipated Data Protection Regulation: Questions Remain About What Will Finally Be Implemented

January 25, 2012 22:38

On January 25th, the European Commission published a proposal for a new data protection regulation to replace the 1995 Data Protection Directive. The 1995 Directive has come under considerable criticism due largely to the significant variation in implementation by the 27 EU member states. While...

The Business Implications of the U.S. v Jones CPS Tracking Decision

January 24, 2012 17:43

On Monday, January 23, 2012, the US Supreme Court ruled that law enforcement violated the Fourth Amendment by attaching a GPS tracking device to a suspect’s car in connection with a drug investigation. We provide a brief summary of the decision followed by our views on the implications of...

The Consumer Financial Protection Bureau: A New Financial Privacy Regulator Emerges (and Not Without Controversy)

Timothy S. Crisp
January 20, 2012 16:53

The federal Consumer Financial Protection Bureau (the Bureau) was created by 2010’s massive Dodd-Frank Wall Street Reform and Consumer Protection Act (the Dodd-Frank Act) and officially “opened for business”—at least in part—on July 21, 2011. Now, the new federal Consumer Financial...

Online Behavioral Advertising: European and American Approaches

January 11, 2012 23:37

By Peter McLaughlin and Megan O’Sullivan On December 8, 2011, the European Union’s Article 29 Working Party issued Working Paper 188 entitled “Opinion 16/2011 on EASA/IAB Best Practice Recommendation on Online Behavioural Advertising” (“WP 188”). WP 188 addresses the online...