The European Court of Justice held that national data protection authorities must be independent – Commission v Hungary (case C-288/12)

European Court of Justice (“ECJ”) held that Data Protection Directive 95/46/EC requires national supervisory authorities for the protection of personal data to operate with complete independence in the exercise of their duties. Hungary failed to fulfill such obligations by prematurely ending the term served by its national supervisory authority. Mr. András Jóri had been appointed […]

Tags: ,

Federal Trade Commission v. Wyndham Worldwide Corporation, U.S. District Court for the District of New Jersey, case no. 13-cv-1887

On April 7, 2014, the District Court held that the Federal Trade Commission (“FTC”) has authority to bring an unfair trade practice claim involving data security without formally issuing regulations before bringing such claim. Defendants used a computer system that handled reservations and payment card transactions while storing consumers’ personal information, “including names, addresses, email […]

Tags: ,

Italian Highest Court Held Internet Hosting Providers Have no Duty of Surveillance under Privacy Law on Uploaded Material

On February 3, 2014 the Italian Court of Cassazione deposited the full text of the decision with which on December 17, 2013 it acquitted Google managers of the crime of unauthorized data processing (it was a case of cyber-bullyism).  The Court held that managers of an Internet hosting provider are not criminally responsible because the […]

Tags: ,

DC Court of Appeals struck down several FCC’s net neutrality provisions

On January 14, 2014, the U.S. Court of Appeals for the District of Columbia Circuit partially vacated Federal Communications Commission (FCC)’s rules imposing net neutrality obligations on broadband providers, while still affirming the Agency’s jurisdiction to promote broadband infrastructure investment and competition in an “open Internet”. A little background. There are four major participants in […]

Tags: ,

Autorità Garante della Privacy (Italian Data Protection Authority), Regulation no. 444 (October 10, 2013) on the processing of personal data through call centers located outside the EU

(Italian Official Gazette no. 266, November 13, 2013) The Italian Data Protection Authority issued detailed rules for the processing of personal data by call centers located outside the EU, which operate on behalf of Italian data controllers to provide customer care or for marketing purposes. According to Directive 95/46/EC the transfer of personal data to […]

Tags: ,

In re Google Inc. Cookie Placement Consumer Privacy Litig., 988 F. Supp. 2d 434, 2013 U.S. Dist. LEXIS 145727, 2013 WL 5582866 (D. Del. 2013)

On October 9, 2013, Delaware US District Court released a memorandum opinion dismissing charges against Google since plaintiffs did not demonstrate direct harm caused by the company’s actions. In this case, plaintiffs filed a consolidated amended complaint against Google and other companies providing internet services accusing them of having “tricked” their browsers into accepting unauthorized […]

Tags: ,

Google fined by FTC for by-passing Safari privacy

On November 20, 2012, the FTC bureau approved the proposed settlement according to which Google Inc. has agreed to pay $22.5 million civil penalty settling charges that it misrepresented privacy assurances to users of Apple Inc.’s Safari Internet browser. The settlement resolves allegations that Google made misrepresentations to Safari users about the placement of advertising […]

Tags: ,

In the Matter of Facebook, Inc., FTC File No. 092 3184 (Nov. 29, 2011)

The Federal Trade Commission (“FTC”) brought a complaint against Facebook, Inc for violation of the Federal Trade Commission Act, 15 U.S.C. § 45 et seq. According to the FTC, Facebook has collected extensive “profile information” about its users violating the FTC Act on eight separate counts of unfair or deceptive acts. Specifically, the FTC found […]

Tags: ,

Tyler v. Michaels Stores, 840 F.Supp.2d 438 (D.Mass. 2012)

Holding: zip codes “may well qualify” as personally identifiable information under the Massachusetts law controlling the treatment of PII in credit card transactions. Mass. Gen. Law ch. 93A § 105(a) (2012).   The complaint predicated an alleged violation of Section 105(a) which provides: “No person, firm, partnership, corporation or other business entity that accepts a […]

Tags: ,

European Court of Justice, Joined cases C-317/04 and C-318/04 – Opinion of Advocate General Léger

From the Opinion: “38.      The Community legislature also wished that the protective regime thus established should not be impaired when personal data leave Community territory. It became apparent that the international dimension of information flows  would render legislation that was effective only in that territory inadequate if not useless. The Community legislature therefore opted for a […]

Tags: ,

1 14 15 16