Clicky

Header graphic for print
InfoLawGroup privacy. security. technology. media. advertising. intellectual property.

Tag Archives: Segalis

Record Number of Data Breaches for New Yorkers in 2013

Posted in Privacy Law

Over the past eight years, the New York Attorney General’s office has been compiling statistics on data breaches pursuant to the state’s breach notification law.  Earlier this week, Attorney General Eric Schneiderman published a report titled, “Information Exposed: Historical Examination of Data Breaches in New York State,” which provides analysis and insight into how those… Continue Reading

Cybersecurity Effort Moves Forward – NIST Issues Final Critical Infrastructure Cybersecurity Framework

Posted in Uncategorized

Our Senior Counsel Mark Paulding assisted in the preparation of this post. There is little argument that the issue of information security has bipartisan support in Congress.  It has been some time since we have seen both parties come together for information governance legislation, but they did just that in December 2010, passing the Red… Continue Reading

White House Cyber Security Order Likely to Have Long-Term Impact on Critical Infrastructure Owners and Operators

Posted in Cybersecurity

On February 12, 2013, following Congress’ failure to enact cybersecurity legislation, the Administration issues an executive order — entitled “Improving Critical Infrastructure Cybersecurity” — that seeks to move forward the effort to comprehensively address the cybersecurity of the country’s critical assets. The White House observed that “the cyber threat to critical infrastructure continues to grow… Continue Reading

Illinois Second State to Enact Law Barring Employers from Obtaining Current or Prospective Employees’ Social Media Account Credentials

Posted in Privacy Law

By Boris Segalis and Nihar Shah. Earlier this week, following in the footsteps of Maryland, Illinois Governor Pat Quinn signed a law amending the state’s Right to Privacy in the Workplace Act to prohibit employers from asking current and prospective employees for their personal social media account credentials. The Maryland and Illinois legislation is a response to reports that circulated earlier this… Continue Reading

Congratulations Justine Gottshall, Jamie Rubin, and Boris Segalis

Posted in In The News

InfoLawGroup is very pleased to congratulate our partners Justine Gottshall and Jamie Rubin on their inclusion in the Chambers USA’s top ranking of Media & Entertainment: Transactional practices in Illinois. As noted in Chambers, Ms. Gottshall and Mr. Rubin represent major studios and retail companies involved in advertising, as well as publishers and other media companies. We are also thrilled to announce that our partner Boris Segalis has been selected to serve as one of the co-chairs of IAPP KnowledgeNet for New York City.

FTC Looks to Link Do-Not-Track, Big Data Privacy Concerns; Seeks Solutions

Posted in Data Privacy Law or Regulation

Nowadays, a news story on privacy is out of place if it doesn’t mention Do-Not-Track (known as “DNT”) or Big Data. While these hot topics represent key concerns for privacy professionals, advocates and regulators, there is no clear agreement on what they mean or how to address the privacy issues they raise. In this post, we consider recent developments on these topics, including how the Federal Trade Commission has sought to focus on and connect these new issues.
DNT or DNC
DNT is in the midst of a multi-faceted identity crisis, starting with a disagreement over the definition of DNT. Self-regulatory organizations and the advertising industry assert that DNT stands for “Do Not Target,” referring to the use of consumer data for the purposes of targeted advertising. The FTC, buoyed by privacy advocates, appears to take the view that DNT means not only “Do Not Target” but also “Do Not Collect” (DNC). FTC Commissioner Brill elaborated at the 2012 IAPP Summit that she doesn’t view the current DNT efforts as entirely sufficient because the choice DNT offers does not give consumers appropriate protection against what Brill characterized as “limitless, unmitigated” data collection. But Brill does not argue for wholesale implementation of DNC, and has indicated that the details of the implementation of DNT/DNC will continue to remain a key focus for the FTC.

EPIC Alleges Epic FTC Fail In Google Saga; We Review the Complaint

Posted in Enforcement

On February 8, 2012, the Electronic Privacy Information Center (EPIC) asked the Federal District Court for the District of Columbia to compel the Federal Trade Commission (FTC) to enforce the terms of the agency’s Google Buzz privacy settlement with Google. EPIC seeks to compel the FTC to stop Google’s planned consolidation of user data from across the company’s services into a single profile for each user under a single privacy policy. EPIC has alleged that the proposed changes and the way Google seeks to implement the changes violate the Google Buzz consent order. The District Court will hear the case before March 1, 2012.
In this post, we discuss the highlights of EPIC’s complaint, Google’s response and lessons learned.

FTC Takes on Super Cookies

Posted in Enforcement

On November 8, 2011, the Federal Trade Commission announced that an online advertiser, ScanScout, agreed to settle FTC charges that it deceptively used "Flash" cookies (also known as super cookies) to track consumers online. As explained by Wired, unlike traditional browser cookies, Flash cookies are not controlled by privacy controls in a Web browser. That… Continue Reading

NLRB Holds “Facebook” Firing Justified on Alternative Grounds, but Finds Policy Unlawful

Posted in Enforcement, Workplace Privacy

As we have discussed on our blog, the National Labor Relations Board (NLRB) has continued a campaign of enforcement actions against employers who, according to the NLRB, have unlawfully terminated employees for discussing working conditions on social media. As we reported, in the first of such “Facebook” enforcement actions to come before an NLRB administrative judge, the employer was ordered to reinstate five employees and to pay back their wages.
On September 28, 2011, in the second “Facebook” case to reach an NLRB administrative judge, an employer was found to have been justified in terminating an employee car salesman for Facebook postings that mocked the employer and did not concern working conditions

Russia Data Protection Enforcement Update – Administrative Charges Follow Breach

Posted in Enforcement

It is being reported that Moscow prosecutors conducted an investigation into whether several websites that were involved in data breaches earlier this year violated the country’s data protection law. As a result of the breaches, names, contact information and order histories of Internet magazine subscribers (including adult-themed publications) became available on Internet search engines, including Russian-language Yandex. Without naming the websites, the report states that the prosecutors have filed administrative charges against two Internet magazines as a result of the investigation.

Federal Information Security and Breach Notification Law Approved by House Trade Subcommittee

Posted in Data Privacy Law or Regulation, Information Security, Privacy Law

On July 20, 2011, the U.S. House of Representatives Energy and Commerce Committee’s Trade Subcommittee approved the Secure and Fortify Electronic Data Act (the “SAFE Data Act”). The Act would require any business that maintains personal information to implement an information security program and notify affected individuals in the event of an information security breach. The SAFE Data Act would preempt the over 45 existing state information security and breach notification laws and task the Federal Trade Commission with developing information security rules implementing the Act.

Russia Amends Federal Data Protection Law; Privacy Enforcement on the Rise

Posted in Information Security, International

Last week, the upper house of Russia’s federal legislature approved amendments to the country’s federal data protection law. The amendments impose detailed information security requirements on businesses that process personal data and revise some of the statute’s data subject consent provisions.The amended law will come into force when it is published in the official newsletter.

NLRB Social Media Enforcement Article in LawyersUSA Quotes Partner Boris Segalis

Posted in In The News

The LawyersUSA article discusses the recent enforcement actions the National Labor Relations board has taken to assert and protect employees’ right to discuss working conditions, including through social media. The article also suggests steps employers may take to navigate the evolving legal landscape. Please visit the InfoLawGroup blog for more on NLRB privacy enforcement. 

FCRA Violations Result in $1.8 Million FTC Penalty

Posted in Enforcement

The Federal Trade Commission announced today that Teletrack, Inc. has agreed to pay $1.8 million to settle charges that the company sold credit reports for marketing purposes, in violation of the Fair Credit Reporting Act (FCRA). According to the FTC’s complaint, Teletrack sells credit reports and other services to businesses that mainly serve financially distressed consumers. Teletrack’s business customers include pay day lenders, rental purchase stores and non-prime rate auto lenders. These businesses use Teletrack’s credit reports to decide whether and on what terms to extend credit to their customers.

InfoLawGroup Speaks with Fox Live about Mobile Privacy

Posted in Data Privacy Law or Regulation

On May 10, 2011, the Senate Subcommittee on Privacy, Technology and the Law held a hearing on mobile privacy. We covered the hearing in detail on our blog. Yesterday, InfoLawGroup partner Boris Segalis spoke with Fox Live’s Tracy Byrnes about the balance between business and consumer interests that mobile privacy implicates.
The clip from the interview is available on Fox at http://video.foxnews.com/v/4689248/the-congressional-mobile-privacy-hearing/?playlist_id=86861

FTC Privacy Enforcement Update: Two Companies Allegedly Failed to Protect Sensitive Employee Data

Posted in Enforcement

On May 3, 2011, the Federal Trade Commission announced that Ceridian Corporation and Lookout Services, Inc. agreed to settle the FTC’s allegations that the companies failed to safeguard their business customers’ employee personal information. Ceridian’s services include payroll processing, payroll-related tax filing, benefits administration and other human resource services for business customers. Lookout provides a web-based computer product that is designed to help employers comply with their obligations under federal law to complete and maintain a U.S. Citizenship and Immigration Services Form I-9 about each employee in order to verify that the employee is eligible to work in the United States.

Support for Privacy Legislation Survives Change of Power in Congress; Privacy Legislation May Advance

Posted in Data Privacy Law or Regulation

Last week, Politico ran an interesting piece suggesting that federal privacy legislation may see the light of day in 2011. Democratic supporters of the legislation show no signs of slowing down. In the Senate, John Kerry (D-Mass.) is working on privacy legislation based on a bill he proposed last year. Senator Jay Rockefeller (D-W.Va.), Chairman of the Senate Commerce Committee, is planning to hold public hearings on Internet privacy starting in February. Of course the key to the success of federal privacy legislation lies in the House, and there Republicans have voiced support for a privacy bill as well. Rep. Cliff Stearns (R-Fla.), Chairman of the Subcommittee on Oversight and Investigations at the House Energy and Commerce Committee, has said that the privacy bill introduced last year by former representative Rick Boucher (D-Va.) could be revised and reintroduced with Republican support (Rep. Stearns co-sponsored the Boucher bill). This sentiment was echoed by Rep. Mary Bono Mack (R-Calif.), Chairwoman of the Subcommittee on Commerce, Manufacturing and Trade. According to Politico, Rep. Bono Mack informed her colleagues on the subcommittee that she remains committed to addressing privacy issues.