News | Page 39
Lawsuits for Data Breaches: Useless or Strategic?
Solove published an interesting piece today entitled: “Why Do Lawsuits for Data Breaches Continue Even Though the Law Is Against Plaintiffs?” He explains that while the U.S. law has been far from kind to plaintiffs in data breaches (most courts dismiss claims for lack of harm), lawsuits keep coming. We have a similar situation in […] Read more
Mobile apps and privacy challenges
The WSP reports that most mobile apps don’t respect users’ privacy. The Global Privacy Enforcement Network (GPEN) undertook last May a second privacy sweep demonstrating the ongoing commitment of privacy enforcement authorities to work together to promote privacy protection around the world. It is reported that some 26 privacy enforcement authorities in 19 countries participated […] Read more
Is behavioral advertising harmful?
The Economist published a great piece on behavioral advertising : “Getting to know you: Everything people do online is avidly followed by advertisers and third-party trackers”. I blogged yesterday about the fact that the article raises an interesting point: industry players often take the position that since they do not know the users’ names, what they are collecting […] Read more
Should behavioral advertising profiles qualify as “personal information”?
The Economist published a great piece on behavioral advertising today: “Getting to know you: Everything people do online is avidly followed by advertisers and third-party trackers”. The article discusses the fact that gathering information about users and grouping them into sellable “segments” has become important for the $120 billion online advertising economy. The article raises an […] Read more
Verizon: When can a Telco use subscriber’s personal information for marketing purposes?
In the U.S., Verizon has recently been slapped with a $7.4 million fine by the U.S. Federal Communications Commission (FCC) for a privacy violation, the largest fine the FCC has ever imposed for a privacy violation. What did Verizon do to deserve this fine? It failed to provide the choice of opting out of its […] Read more
IIROC Security Breach : Class Action Not Authorized
The Investment Industry Regulatory Organization of Canada (IIROC or in French OCRCVM) who monitors all trading activity across the country suffered a security breach which was reported in April 2013. It was revealed that an employee lost a USB drive containing the personal information of more than 52,000 individuals with accounts at more than 30 […] Read more
Deleting Sensitive Material from iCloud
The reported iCloud security incident, which exposed photos of celebrities, has highlighted the potential risks of storing files online. According to a WSP article, the iCloud vulnerability was exposed on the code hosting site Github: developers discovered that Apple’s “Find My iPhone” feature could be compromised by a brute force attacks, which is an attack […] Read more
CASL: Already 85 000 complaints filed at the CRTC
CASL, the new Canadian Anti-Spam Law came into force on July 1st. CASL is enforced by the Canadian Radio-television and Telecommunications Commission, the Competition Bureau and the Privacy Commissioner of Canada. CASL regulates all commercial electronic messages (or “CEM”), which are messages that include among their purposes, the encouragement of participation in a commercial activity. […] Read more
Limited Protection of Dependents’ Personal Information in Group Insurance Matters
A group insurance policy often involves several parties, namely the insurance company, the plan administrator and the insured employee (or “member” of the plan), who rarely however has any negotiating power in this regard. In addition, it is often the case that a member’s dependents will be eligible for benefits under the policy. Administering a […] Read more
The Internet Never Forgets: Google Inc.’s “right to be forgotten” EU ruling and its implications in Canada
In May of this year, the Court of Justice of the European Union (CJEU) issued a groundbreaking decision for online privacy rights in Google Inc. v. Agencia Espanola de Proteccion de Datos. The CJEU ruled that European Union citizens have the right to require the erasure of inadequate, irrelevant or outdated information from search engines, […] Read more