Digital Media and Data Privacy Law Blog

You may have noticed our law firm’s website recently posted a notice announcing a change to our website’s privacy policy.  You may have seen other website publishers do something similar from time to time, as well. Do you wonder why?

Announcing a change to your website privacy policy is important for at least two reasons.

First, if your privacy policy tells the public that you will announce changes, then you need to announce changes. After all, your company’s privacy policy is a contract between your company and users of the website. You need to live up to the promises made in the ... Read More 

We’ve discussed the importance of privacy assessments here in the past. It is a frustrating realization, indeed, when a company discovers a data breach involving data that it never needed or even knew it kept. 

A proactive company-wide privacy assessment allows your business to carefully evaluate on its own timeline (rather than in the panic of breach response) the company’s data collection, sharing, storage, and security practices.  Vulnerabilities can be identified and addressed, and “stale” privacy and security policies can be updated to reflect current practices.Read More 

If you thought all the action in privacy regulation centered around the Federal Trade Commission, the Federal Communications Commission would like you to think again. Yesterday, April 28, the FCC held a 3-plus hour workshop that started the regulatory “conversation” on the manner in which the FCC can or should regulate consumer broadband privacy.

Chairman Wheeler kicked off the event with opening remarks that included this unequivocal statement: “Privacy is unassailable.” He also said that “changes in technology do not affect our values.” From these words ... Read More 

“BYOD” or “bring your own device” (also known as the “consumerization of IT”) is a fact of life in today’s workplace. BYOD refers to the practice of using personally owned devices—like smartphones, tablets, and laptops—for work purposes and allowing these devices to connect to company networks and applications. According to a Gartner study released in late 2014, 40% of U.S. employees working for large companies use personally owned devices for work purposes. Of those who reported using personally owned devices, only 25% were required by their employers ... Read More 

Last week, we posted about the Consumer Privacy Bill of Rights “discussion draft” released by the Obama Administration. On Thursday, March 5, at the annual U.S. meeting of the International Association of Privacy Professionals (which I attended), FTC Commissioner Julie Brill answered questions about her take on the bill and other policy issues. Here are just a few comments from that discussion that merit a follow-up post:

• Commissioner Brill stated in no uncertain terms that the draft bill is not protective enough of consumers. At various times, she said there are ...

Late last week, President Obama released a “discussion draft” of the Administration’s long awaited Consumer Privacy Bill of Rights Act.  At first blush, the results are a mixed bag:  some good, some not so good, much work among stakeholders left to be done.

It didn’t take long for consumer advocates, and even one FTC Commissioner, to say the draft legislation doesn’t go far enough.  The Internet has been rife with posts this week about the bill’s problems and shortcomings.  In summary, for most, the bill landed like a lead balloon.

Still, the Administration released the bill as ... Read More