Tue, 14 Jun 2011 10:58:04 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert ac7c83f5-8b2e-4d9d-92a9-6812a6ee50b6 Fri, 08 Apr 2011 17:38:08 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/New-EU-Data-Breach-Notification Public communications providers (ISPs and telcos) in Europe will soon be required to inform their customers and national regulatory authorities about security breaches affecting their personal data. cb5104e9-fbdd-4f31-8fab-b4e0c508ad8a Fri, 08 Apr 2011 17:38:08 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/European-Working-Party-Offers-Guidance-On-Discovery-For-1352179 Multinational companies with operations both in the U.S. and Europe are keenly aware of the conflict between European data protection laws and U.S. discovery requirements. Compliance with discovery rules are clear legal obligations for entities facing litigation in the U.S. However, the handling of European personal data to comply with these legal obligations may breach the national laws in Europe implementing the requirements of Data Protection Directive (95/46/EC) (the "Directive"). e715197e-cb02-45f0-b16b-6be86cfbd2ba Fri, 08 Apr 2011 17:38:08 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/Massachusetts-Sets-the-New-Standard-But-Delays The Commonwealth of Massachusetts recently issued final regulations, implementing its security breach notification statute, that mandate privacy and security standards for all organizations that own, license, store or maintain personal information about Massachusetts residents. 86deb07a-ef66-4a76-a332-e314b13700da Fri, 08 Apr 2011 17:38:08 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/FTC-Grants-Reprieve-Health-Care-Companies-Prepare-1352100 The Federal Trade Commission announced October 22, 2008 that it would delay enforcement of the new Red Flag Identity Theft Rules (rules that require organizations to spot and protect against the red flags that can be signs of potential identity theft), pushing the compliance deadline from November 1, 2008 to May 1, 2009. 484fe47c-80b8-4cae-9d51-186063ee9d00 Fri, 08 Apr 2011 17:38:08 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/ISP-s-And-Other-Providers-Of-Communications-Services In an opinion issued on July 18, 2007, the Advocate General of the European Court of Justice (ECJ) took the position that the European data protection directives do not allow for a direct disclosure of personal data of copyright infringers to copyright holders willing to start civil infringement proceedings. 5268daa3-0368-4028-86b6-3b0d1dd935d7 Fri, 08 Apr 2011 17:38:08 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/Alert-for-Clients-Engaged-In-Retail-or-E-Commerce-Credit We are writing to alert you to a new wave of class action cases that several plaintiffs' law firms have initiated against numerous companies. The class actions allege violations of the Fair and Accurate Credit Transaction Act (“FACTA”), a statute which amended the Fair Credit Reporting Act (“FCRA”). 6dac85f7-190f-4d0b-8ea4-e66d99a9744a Fri, 08 Apr 2011 17:38:08 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/EU-Data-Protection-Authorities-Finds-Transfer-of-Financial On November 22, 2006, the European Privacy Watchdog, known as the EU Working Party, issued a lengthy Opinion on the transfer of personal data to the US Department of Treasury ("Treasury") by SWIFT. c76b38fa-564e-44da-86c2-b0ac5179e2f7 Fri, 08 Apr 2011 17:38:08 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/Cyber-Barbarians-Federal-Data-Breaches-In-1351067 In 2006, the lost Veterans Affairs laptop compromising the personal information of 26.5 million veterans represented just one of the hordes of information security breaches that flooded federal agencies, triggering Congressional hearings, GAO and IG investigations, and new OMB information security standards for federal agencies and contractors alike. de52bfda-3c88-4d87-baec-a908bf462de5 Fri, 08 Apr 2011 17:38:08 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/Belgian-Data-Protection-Authority-Outlaws-Transfer-of In a twenty-seven page report (the Report) of September 27, 2006, the Belgian Data Protection Authority (the Belgian DPA) opined that the transfer of banking records by the financial messaging service provider SWIFT to the US Department of Treasury (Treasury) violates European and Belgian data protection laws. 0bd8a6be-3037-4041-8c3e-05c890837818 Fri, 08 Apr 2011 17:38:08 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/European-Commission-In-Favor-Of-Security-Breach The European Commission recently announced in a public consultation concerning the review of the EU telecom regulations that it favors adopting security breach notification requirements for network operators and electronic service providers, similar to the requirements contained in laws passed by more than 30 states in the U.S. in the last two years. b6192014-162a-4500-869a-9ee9ad228d8c Fri, 08 Apr 2011 17:38:08 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/To-Notify-or-Not-to-Notify-2006 Following in the footsteps of the California legislature, twenty-three other states have now passed security breach notification laws, and there are similar laws pending in several more states. 96c661ee-c863-4f9b-9560-282fb86c5780 Fri, 08 Apr 2011 17:38:08 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/European-Data-Protection-Watch-Dog-Outlaws-E-Mail-Content On 21 February 2006, the Article 29 Data Protection Working Party (“the Working Party”), issued an opinion on email content screening, virus scanning and spam filtering. 8fc14a99-4a9f-4bca-8fd5-46a5989f2f34 Fri, 08 Apr 2011 17:38:08 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/European-Data-Protection-Working-Party-Issues-Golden-Rules-1351072 The first Working Party Opinion of this year directly concerns American and other multinational corporations. It may signal the end of a long saga of threatened enforcement actions by national Data Protection Authorities (“the DPAs”) and works councils with respect to the legality of whistle-blowing schemes under European data protection law. 2b63eaaf-d7e3-4efc-add2-f08e4929b08e Fri, 08 Apr 2011 17:38:08 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/To-Notify-or-not-to-Notify-Trend-Towards-Security-Breach Since our last update in September of this year, four additional states have enacted security breach notification laws and similar laws are still pending in several states. New York, New Jersey, North Carolina and Ohio have all joined the fray, increasing the pressure on the federal government to pass a uniform federal security breach notification law. b0f7b35b-e0a3-4034-bd7e-f752881b3207 Fri, 08 Apr 2011 17:38:08 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/FTC On June 1, 2005, new FTC regulations became effective which outline the duties of persons and companies when disposing of consumer credit reports and information derived from consumer credit reports. a95caafc-909c-48a7-9fe0-828bb7e60f87 Tue, 14 Jun 2011 10:58:04 GMT http://www.crowell.com/NewsEvents/AlertsNewsletters/Privacy-Law-Alert/New-Standard-Clauses-For-Data-Transfers-To-Data The Data Protection Directive permits the transfer of personal data outside of the EU in certain circumstances, including where a data exporter (based in the EU) and a data importer (based elsewhere) enter into a written agreement guaranteeing that the data importer will adequately protect all personal data received from the data exporter.