Posts tagged Safe Harbor

Boris Segalis, Buzz, Consent Order, Consumer Protection, data protection, data security, Federal Trade Commission, FTC, FTC Act, Google, Google settlement, InfoLawGroup, information law group, information security, personal information, privacy, privacy assessment, privacy by design, privacy enforcement, risk assessment, Safe Harbor, social media, social network

FTC Takes a Big Step in Privacy Enforcement with Google Buzz Settlement

By InfoLawGroup LLP on April 06, 2011

The Google Buzz settlement that the Federal Trade Commission announced on March 30, 2011 is the latest in the line of the Commission's numerous Section 5 actions related to privacy and data security violations. The Google Buzz settlement, however, is unique in several important ways. The settlement represents (i) the first FTC settlement order has requires a company to implement a comprehensive privacy program to protect the privacy of consumers' information, and (ii) the Commission's first substantive U.S.-EU Safe Harbor framework enforcement action. Let's dive in (make sure to read the "Action Item" at the conclusion of the post!).

Boris Segalis, cross-border, Dan Or-Hof, data protection, data transfer, EU Data Protection Directive, EU Directive, European Commission, ILITA, InfoLawGroup, information law group, Israel, model clauses, Privacy Protection Act, Safe Harbor, Yoram Hacohen

EU Confirms Adequacy of Data Protection in Israel, Simplifies Personal Data Transfers

By InfoLawGroup LLP on February 01, 2011

Dan Or-Hof, a privacy and technology partner at the Israeli law firm Pearl Cohen Zedek Latzer is reporting that the EU Commission published the much-anticipated announcement on the adequacy of data protection law in Israel. Published on January 31, 2011, the decision adopted by the Commission determines that Israel provides an adequate level of protection for personal data transferred from the EU, however only in relation to automated international data transfers and to automated processing of data in Israel.

Cloud, cloud computing, EU, EU Data Protection Directive, EU Directive, European Union, Germany, international data transfers, Safe Harbor, transborder data flows

European Reservations?

By W. Scott Blackmer on August 25, 2010

German state data protection authorities have recently criticized both cloud computing and the EU-US Safe Harbor Framework. From some of the reactions, you would think that both are in imminent danger of a European crackdown. That's not likely, but the comments reflect some concerns with recent trends in outsourcing and transborder data flows that multinationals would be well advised to address in their planning and operations.

Binding Corporate Rules, clauses, cloud computing, consent, contract, controller, EU, EU Data Protection Directive, EU Directive, European Union, offshoring, outsourcing, processor, Safe Harbor, sstandard, standard contractual clauses

Do the New EU Processing Clauses Apply to You?

By W. Scott Blackmer on June 10, 2010

A new set of EU standard contract clauses ("SCCs" or "model contracts") for processing European personal data abroad came into effect on May 15, 2010. Taken together with a recent opinion by the official EU "Article 29" working group on the concepts of "controller" and "processor" under the EU Data Protection Directive, this development suggests that it is time to review arrangements for business process outsourcing, software as a service (SaaS), cloud computing, and even interaffiliate support services, when they involve storing or processing personal data from Europe in the United States, India, and other common outsourcing locations.

final model privacy form, interagency, model form, model privacy notice, privacy notice, privacy rule, Safe Harbor

More Than Two Years Later, Federal Agencies Issue GLBA Final Model Privacy Form

By InfoLawGroup LLP on November 20, 2009

On Tuesday, the Office of the Comptroller of the Currency (OCC), the Federal Reserve System (Board), the Federal Deposit Insurance Corporation (FDIC), the Office of Thrift Supervision (OTS), the National Credit Union Administration (NCUA), the Federal Trade Commission (FTC), the Commodity Futures Trading Commission (CFTC), and the Securities and Exchange Commission (SEC) (the "Joint Agencies") issued the Final Model Privacy Form under the Gramm-Leach-Bliley Act (GLBA).

Binding Corporate Rules, breach notification, EU Data Protection Directive, Gramm-Leach-Bliley, HIPAA, model contracts, privacy, Safe Harbor

Legal Implications of Cloud Computing -- Part Two (Privacy and the Cloud)

By InfoLawGroup LLP on September 30, 2009

Last month we posted some basics on cloud computing designed to provide some context and identify the legal issues. What is the cloud? Why is everyone in the tech community talking about it? Why do we as lawyers even care? Dave provided a few things for our readers to think about -- privacy, security, e-discovery. Now let's dig a little deeper. I am going to start with privacy and cross-border data transfers. Is there privacy in the cloud? What are the privacy laws to keep in mind? What are an organization's compliance obligations? As with so many issues in the privacy space, the answer begins with one key principle -- location, location, location.