1. California Ups the Ante on Consumer Data Protection

    While several states – and the federal government – consider strengthening legislation to protect consumers against data breaches, identity theft, and other privacy violations, California is taking action.

    Earlier this month, California Attorney General Kamala Harris created a new “Privacy Enforcement and Protection Unit.” From law firm Morrison & Foerster:

    “The Privacy Enforcement and Protection Unit will be organized under the state’s new eCrime Unit, which was formed in August, 2011 and will centralize a number of existing California Justice Department programs intended to enforce privacy laws, combat identity theft, educate consumers, and create partnerships with private industry under one umbrella.”

    Three takeaways: 

    1. The new agency has a very broad mandate:

    “The Privacy Unit will enforce laws regulating the collection, retention, disclosure, and destruction of private or sensitive information by individuals, organizations, and the government. In addition to online privacy regulation, the Privacy Unit will investigate data breaches, identity theft, and violations of offline health, financial, and government privacy regulations.” (California Steps Up Privacy Efforts with New Privacy Enforcement and Protection Unit by Wilson Sonsini Goodrich & Rosati) 

    2. This is only the beginning:

    “Harris has made online privacy protection a major focus of her administration, and the creation of the new Privacy Enforcement and Protection and eCrime Units are just two of her initiatives aimed at fighting online crime and protecting consumer privacy.” (California Attorney General Creates Privacy Enforcement and Protection Unit; Increased Enforcement Likely by Morrison & Foerster LLP) 

    3. Penalties can be severe for businesses that violate consumer privacy:

    “With the Privacy Unit in place, actions enforcing California’s data privacy regulations, which are among the strictest in the nation, are certain to increase…  ‘The Privacy Unit,’ according to Attorney General Harris, ‘will police the privacy practices of individuals and organizations to hold accountable those who misuse technology to invade the privacy of others.’  Based on prior comments from Harris, such enforcement may include prosecutions under California’s Unfair Competition Law  and/or False Advertising Law, which imposes penalties of up to $500,000.” (Law & Order PEPU: California’s new Privacy Enforcement and Protection Unit by Mintz Levin) 

    —- 

    See also:

     California Attorney General Creates a New Privacy Protection Unit – Proskauer 

    —-

    Additional privacy law updates:

    Cops Can Read Your Text Messages Without a Warrant - Lawyers.com 

    Access Denied: Public Agencies and the Release of Public Records - Dinsmore & Shohl LLP 

    STAR Test Results Delayed Due To Security Breach - Kronick, Moskovitz, Tiedemann & Girard 

    MAC and IP Addresses: Personal Information? - Fraser Milner Casgrain LLP 

    Senate Republicans Introduce a New Data Privacy Bill: Data Security and Breach Notification Act of 2012 - White & Case LLP 

    EPIC Demands Evidence of TSA Body Scanner Rulemaking - Electronic Privacy Information Center 

    From the Data Protection and Privacy Conference: Words of Advice from the Federal Trade Commission - Mintz Levin 

    EPIC Recommends Protections for Use of Commercial Facial Recognition Technology - Electronic Privacy Information Center 

    First Circuit Holds Bank May Be Liable For Customer Losses from Cyber Attacks - BuckleySandler LLP 

    EPIC Calls on FCC to Require Mobile Phone Carriers to Protect Privacy - Electronic Privacy Information Center 

    NIST Proposes Update To Mobile Device Security Guidelines - BuckleySandler LLP 

    Connecticut Amends Data Breach Notification Statute - Scott & Scott, LLP 

    EPIC Objects to Facebook Settlement, Cites Failure to Benefit Class Members - Electronic Privacy Information Center 

    Police Accessing Private Cell Phone Data at a Stunning Rate - Lawyers.com 

    EPIC Urges FTC to Develop Meaningful Privacy Protections for Mobile Services - Electronic Privacy Information Center 

    Preventing Or Responding To Data Security Breaches: Is Your Information Safe? - McNees Wallace & Nurick LLC 

    Connecticut and Vermont Security Breach Amendments Demonstrate a Growing Trend: AG Notice Requirements - Morrison & Foerster LLP 

    You Are Not Safe Online! - Lawyers.com 

    —- 

    Follow @Privacy_Law on Twitter»

Notes

  1. law-news posted this