13th Year of HR privacy consulting!
Privacy News:
December 2011
Draft EU Reforms Would Have Significant Impact on Employers
EFF Releases Guide for Safeguarding Data at U.S. Border
German DPAs Determined to Reign in Facebook
Quiet Month for HR
Data Breaches
Canada Fails to Meet Mandatory PIPEDA Review Requirements
November 2011
Chinese Province Passes Comprehensive Data Protection Regulation
European Court of Justice Finds Spain in Breach of Directive
Data Protection Laws Pending in Two More Caribbean Nations
HR Data Breaches Dip in November
Privacy Certification for Cloud-based Applications Expands
October 2011
European Commission Says Safe Harbor Will Continue
Mandatory Privacy Training for Gov't Contractors Proposed
German DPAs Issue Rules for Cloud Computing Use
Modest Number of HR Data Breaches in October
Council of Europe Considers Amending Convention 108
Court of Appeals Rejects Whistleblowing System Approved by CNIL
September 2011
Irish DP
Commissioner to Audit Facebook
NLRB Issues Report on 14 Social Media Cases
Interest in Local Clouds Grows in Europe
Nine HR Data Breaches in September
Directive Reform Likely to be Delayed
Costa Rica
Enacts Data Protection Law
August 2011
Data Protection Laws Now in 76 National Jurisdictions
Massachusetts Data Security Regs Require More Than a WISP
NLRB Issues Guidance on Social Media Policies in Workplace
Seven HR Data Breaches in August
Indian Gov't Exempts Outsourcers from Consent Requirements
Details
Emerge about New DP Law in Peru
July 2011
NIST Issues Privacy Controls for Federal Information Systems
Article 29
WP Issues Opinion on Consent
No Summer Holiday for HR Data Breaches
Russia Amends Federal Data Protection Law
Privacy Law Reform Revived in Australia
June 2011
FTC OKs Company that Scours Internet for Employers
Facebook Facial Recognition Provokes New Privacy Firestorm
State Employees Bear Brunt of Month's HR Data Breaches
Peru Enacts Comprehensive Data Protection Law
Colombia and Senegal Poised to Enact DP Laws
May 2011
India Adopts Comprehensive Privacy Regulations
FTC
Settles Data Breach Charges against Ceridian
Disney Employees Sue over Exposure of SSNs
Three
Sets of Cloud Computing Guidelines Issued
Italy Reduces Regulatory Burden of DP Code
April 2011
Maryland Restricts Employer Use of Credit Information
Massive HR Data Breach in Texas, Plus 10 Others
Firestorm Erupts over Secret iPhone Tracking
South Korea Enacts Comprehensive Privacy Law
Article 29 WP Backs Adequacy Finding for New Zealand
Mexican DPA Expects Company Compliance to Begin in July
March 2011
FTC Announces Landmark Settlement with Google
What Location Tracking Looks Like
Employers May be Getting the Message on Breaches
Reding Outlines Four Pillars of New European DP Rules
Germany Strengthens “Irredeemability” of Internal DPOs
Implementing Rules for Mexico's Privacy Law Expected in July
February 2011
NLRB Reaches Settlement in Facebook Firing Case
Companies Clamp Down on Facebook, Twitter at Work
Ebb and Flow of HR Data Breaches Continues
Art 29 WP Responds to European Commission Consultation
Philippines Data Protection Bill Passes 2nd Reading
Omnibus Data Protection Law Coming in Colombia
January 2011
Supreme Court Rules in NASA Background Investigation Case
E-Verify Fray Continues, as Errors Persist
Eight HR Data Breaches in January
European Commission Reaches Adequacy Determination for Israel
German Regulators Challenge Google Over Analytics Program
Russia Again Delays Enforcement of Data Protection Law
December 2010
FTC Proposes New Privacy Framework
Commerce Releases Privacy Policy Report
Firing Data Security Whistleblowers Not a Good Idea
HR Data Breaches Slow in December
Garante Halts GPS Tracking of Employees
Brazil Launches Consultation on Data Protection Bill
November 2010
Groups File Complaint with FTC over Online Health Sites
Labor Board Opposes Employee Termination for Facebook Post
Seven HR Data Breaches Reported in November
European Commission Releases Outline of DP Reforms
German Federal Council Calls for Changes in Employee DP Bill
Indian Government Launches Consultation on Privacy Law
October 2010
EEOC Public Meeting Explores Employers’ Use of Credit History
State AGs, Other Countries Continue Street View Investigations
HR Data Breaches Swell in October
Commission Reaches Adequacy Determination for Israel
French Appeals Court Rejects Use of Geo-location Data
Accountability Paper Released, Helping Define Rules to Come
September 2010
Supreme Court Hears Arguments in NASA Case
Only Six HR Data Breaches in September
Security Industry Association Releases Privacy Framework
One Facebook Probe Ends in Canada, Another Begins
ECJ Bars Legal Privilege for In-house Counsel
Swiss Supreme Court: IP Addresses are Personal Data
August 2010
Malaysia Enacts the Latest in a Wave of DP Laws
HR Data Breaches at
All-time High in August
Illinois Restricts Use of Credit History in Hiring
European Commission Delays DP Reforms
Street
View Investigations Continue to Unfold
Germany to Bar Employers from Checking Facebook
July 2010
FTC Raises Info Security Bar with Twitter Case
HR Data Breached Seven Times in July
U.S. Cloud Providers Lobbying EU on Privacy Rules
Art 29 WP Urges Adoption of Accountability Principle
Schleswig-Holstein DPA Calls for End to Safe Harbor
Ukraine Enacts Comprehensive Data Protection Law
June 2010
Supreme Court Allows Search of Work-Issued Pager
Worldwide Investigations of Google Wi-Fi Sniffing
German DPA Finds Cloud Computing Largely Illegal
Half a Dozen HR Data Breaches in June
Taiwan Passes Personal Data Protection Act
May 2010
German DPAs Call for Safe Harbor Checks
EU Rights Agency: Stronger DPAs, Employment Laws Needed
House Examines Use of Credit Info in Employment
Google Wi-Fi Sniffing Explodes as Major Privacy Violation
Seven HR Data Breaches Reported in May
April 2010
Dept. of Commerce to Address Internet Privacy
Military Hit Hard by April Data Breaches
Ten Privacy Commissioners Challenge Google
Mexico Passes Omnibus Data Protection Law
NIST Issues Guide to Protecting PII
March 2010
Senators Propose National Worker ID Card
FTC Requires Monitoring Outbound Internet Traffic
HR Data Breaches Moderate in March
Top EU Privacy Regulator Calls for ‘Privacy by Design’
French Senate Approves Amendment to DP Law
Japanese Cell Phone Tracks Employee Motions
February 2010
Massachusetts Data Security Law Now in Effect
Checking Job Applicants Online Very Common in U.S.
Google Runs into Privacy Buzz-Saw over Buzz
HR Data
Continues Hemorrhaging in February
European Commission Updates Model Contract for Processors
More Requirements Emerging in Alberta PIPA Amendment
January 2010
FTC Declines to Address Adequacy of Safe Harbor Policies
Federal Government to Keep SSNs as Employee IDs
Ten HR Data Breaches in January
Background Checks? There's an App for That
UN Watchdog Calls for International Privacy Agreement
UK
DPA Receives Power to Impose £500,000 Fines
December 2009
Supreme Court to Hear City of Ontario vs. Quon
Facebook Changes Privacy Controls, Provokes Critics
Online PHR Vendors Graded on Privacy Protections
Another Lull in HR Data Breaches
Major Revamp of EU Data Protection Law Coming
New Rules for Oversight of System Admins in Italy
November 2009
Commissioners Approve Draft Global Data Privacy Standard
DOC to Review Safe Harbor Privacy Policies
Eight HR Data Breaches in November
Massachusetts Finalizes Data Security Regulations
October 2009
FTC Settles with Six Companies Claiming Participation in Safe Harbor
EEOC Issues Guidance for Employers in Handling Pandemic Flu
Employee Awarded $1.8 Million for Invasion of Privacy
Microsoft to Seek ISO Certification for Its Cloud Services
Are US
Employers Finally Protecting HR Data?
DPA Finds Daimler Pre-Employment Blood Tests Illegal
September 2009
Shared Assessments Program Expands Membership
Dept. of Defense to Let Troops Use Social Media
September Lull in HR Data Breaches
Hustinx Expects UN, OECD to Adopt New Data Privacy Standard
Hyatt Becomes First Company to Win Expedited BCR Approval
CNIL Fines Company for Covert CCTV System
August 2009
Massachusetts Revises ID Theft Regs, Extends Deadline
Facebook Will Meet Canadian Privacy Objections
Seven HR Data Breaches Reported in August
FTC Brings EHR Vendors Under Breach Notification Rule
FTC Takes Enforcement Action over Safe Harbor
South
African Privacy Bill Approved by Cabinet
July 2009
Commissioner Finds Facebook Violates Canadian Privacy Law
DHS to Push Ahead with E-Verify but Drop “No-Match Rule”
Cloud Computing Standards Group Formed, but Feds May Not Wait
Big Companies, School Districts and Laptops Dominate July Breaches
DP Law Amended, Employee Privacy Act Coming in Germany
CNIL Drops Prior Authorization for Safe Harbor Transfers
June 2009
Court Rules MySpace Comments Off-Limits to Boss
Growing Role of Organized Crime in Data Breaches
Social Networking Sites Subject to EU Data Protection Law
British Standard on Data Protection Published
Federal Data Protection Law Progresses in Mexico
May 2009
NIST Backs Overhaul of 1974 Privacy Act
Proposal for New International Standard Moves Forward
French Pass Law to Speed Data Transfer Approvals
Online Personal Health Records to Remain in Canada
Forrester and Chambers Urge Heightened Scrutiny of Cloud Security
April 2009
FTC Issues Draft Breach Notification Regulations
Eight HR Data Breaches in April
DHS Privacy Office in Forefront on Use of Social Media
Corporate Spying Scandals Continue to Mount in Germany
NIST Issues Password Management Guidance
Privacy-information Services: The Free, the Cheap and the Pricey
March 2009
Behavioral Targeting Moves to Center Stage
Most March HR Data Breaches in Public Sector
PHR Vendors Slow to Embrace ARRA Requirements
Worker Blacklist Scandal in UK
EC Issues Guide to Data Protection Compliance
February 2009
Major Changes Coming in HIPAA Requirements
Massachusetts Delays Data Security Regs Until 2010
Report Explores Privacy Issues in Cloud Computing
HR Data Breaches Keep on Coming
Germany Rocked by Spying on Employees Scandal
Canada Launches Certification Service for EHR Vendors
January 2009
2009 Begins with Ten Breaches of HR Data
NIST Issues New Draft Standard on Protecting PII
BSI Publishes Draft Data Protection Standard
Canadian Privacy Commissioner Issues Transborder Guidelines
Personality Tests Undermined by Availability of Cheat Sheets
December 2008
HHS Issues New Privacy Guidelines for EHRs
Employers Face Challenges with Social Networking
Cobbler’s Children Once Again Go without Shoes
FTC to Co-Sponsor International Data Security Conference
Switzerland Accepts US-EU Safe Harbor Framework
November 2008
Massachusetts's Data Security Law Delayed
Employee Snooping Back in News
Starbucks Not the Only Employer Spilling the Beans
Bermuda Preparing EU-Style Privacy Law
Employee
Firing for Blog Comments Upheld
October 2008
Six HR Data Breaches, Six Different Causes
Mutual Recognition Pact May Speed BCR Approvals
European Privacy Conferences Available Online
More Funding, Powers for UK DPA
Uruguay Enacts Comprehensive Data Protection Law
September 2008
Massachusetts Mandates Rigorous Data Security Program
Financial Crisis May Spur More Regulation of Privacy
Google Remains in Art 29 WP Crosshairs
HR Data Breaches Slow in September
Who is Guarding the Guardians?
DOJ Backtracks on Attorney-Client Privilege
Laptop Seizures Gaining Attention of Lawmakers
Only Four HR Data Breaches in August
Russia Establishes DPA, Website and Registration
ALRC Issues Massive Report on Privacy Law Changes
July 2008
Privacy Certification Coming for Personal Health Records
Eleven HR Data Breaches in July
Top Canadian Court: Attorney-Client Privilege Trumps Privacy
DOC Issues Safe Harbor Certification Mark
June 2008
Outsourcing of Communications Creates Right to Privacy
Tech and Health Care Firms Announce PHR Privacy Guidelines
Connecticut Mandates Employee Data Protection Policy
Article 29 WP Encourages Use of BCRs
May 2008
New Genetic Information Law Poses Challenges
Facebook: Coming Soon to an Employee Portal Near You?
Google Launches Health Service in Beta Mode
Sixth Pfizer Data Breach in a Year
UK DPA Gains Power to Fine Data Breachers
April 2008
Congress Passes Genetic Non-Discrimination Act
No Spring Break for Employee Data Breaches
European Commission to Study Privacy Law Changes
JAL Employees Reject $473,000 Settlement Offer
Japan Issues Guidelines for Working with Data Processors
March 2008
HR Groups Support New Federal Work Eligibility Bill
Patriot Act Chills Acceptance of Software-as-a-Service
Breaches of HR Data Reach Peak Levels
Consultation on Use of RFID Chips in Workplace
Research Shows Weak Wireless Security at Airports
February 2008
Electronic Health Records Taking Center Stage
Laptops Subject to Search and Seizure at US Borders
Stolen Computers, Vendors Dominate February Breaches
Swedish DPA Blocks Processing by Standard & Poor’s
Disk Encryption Not Always Effective
January 2008
Ninth Circuit Court Hands JPL Employees a Victory
New York Law Restricts Use of Truncated SSNs
Microsoft Seeks Patent on Worker-Monitoring System
HR Data Breaches Continue in January
Spain Issues New Data Protection Regulation
FTC Releases Data Security Resources