Privacy and Security Law Blog : Privacy & Security Law Blog : Davis Wright Tremaine LLP : Seattle, Los Angeles, Washington D.C., New York, San Francisco, Shanghai, Portland and Anchorage Law Firm

Posted by Thomas Jeffry

Last Thursday, New York Attorney General Andrew Cuomo announced that his office had entered into its first settlement under that state’s Information Security Breach and Notification Law enacted in 2005.

When it comes to notification that private information on a stolen laptop computer may be compromised, time is not your friend. The New York law requires notification to “the owner or licensee of the information of any breach of the security of the system immediately following discovery, if the private information was, or is reasonably believed to have been, acquired by a person without valid authorization.” In addition, both the owner and licensee of such information has an obligation to disclose, “in the most expedient time possible and without unreasonable delay,” any breach in the security to any New York resident “whose private information was, or is reasonably believed to have been, acquired by a person without valid authorization.” (New York State General Business Law § 899-aa)   The law includes the common provision that such notification may be delayed if a law enforcement agency determines that such notification impedes a criminal investigation

• Email This
• Print
• Comments
• Share Link

Posted by Randy Gainer

The Department of Justice disclosed its most recent proposed changes to the Foreign Intelligence Surveillance Act (FISA) on April 13^th. The DoJ proposals are set out in Title IV, “FISA Modernization Provisions,” of the Fiscal Year 2008 Intelligence Authorization Act. The DoJ also issued a supposed “Fact Sheet” on Friday the 13^th promoting the proposals but, as Lisa Graves of The Center for National Security Studies said her section-by-section critique of the DoJ “Fact Sheet”, the DoJ ignores the facts and misrepresents the effects of the proposed changes. “The bill’s changes are not modest updates to modernize FISA and increase privacy, but would dramatically change the law and substantially weaken civil liberties protections in the current law.” Id., 1. 

• Email This
• Print
• Comments
• Share Link

Posted by Bruce E. H. Johnson

The Real ID Act has been described by Crosscut columnist Skip Berger as creating "what is in essence America's first national identity card using driver's licenses that could be embedded with computer chips and biometric information, such as fingerprints. It has been proposed that such cards be required of every citizen who wants to drive, access government buildings, apply for federal benefits, or fly on commercial aircraft. Management of the vast databases would fall to each state's department of motor vehicles."

• Email This
• Print
• Comments
• Share Link

Tool mines personal data from across Net
CNETNews.com - April 19, 2007

Calif. Lawmakers to Vote on Five Bills to Regulate RFID Technology
Computer World - April 9, 2007

• Email This
• Print
• Comments
• Share Link

Posted by Ronald London

The Pew Internet & American Life Project has issued a report indicating that even teenagers who are very active on the Internet are careful to limit the personal information they place online out of concern over keeping sensitive data out of the hands of strangers, parents, and other adults. While almost two thirds of teenagers with online profiles acknowledged that someone hunting for information, armed with the right tools and incentive, could identify them based on information in their online profiles, most reported taking steps to make such identification more difficult, such as declining to post a full name, home phone number or cell phone number. The report is among the first in-depth looks at the privacy-related awareness and practices of teenagers that avidly use social networking sites such as MySpace or Facebook.

• Email This
• Print
• Comments
• Share Link

By Rory Eastburg

On April 5, 2007, a unanimous state Supreme Court ruled that California’s litigation privilege extends to claims based on the state’s constitutional right to privacy.  While conceding that the statutory privilege would have to yield to the constitutional privacy right if the two conflicted, the court concluded that “the statutory and constitutional provisions are not in conflict; they can and do coexist.”

• Email This
• Print
• Comments (1)
• Share Link

Posted by Charlene Brownlee

A password is now required if you want to get your account information from your telecommunications carrier[1] over the phone under new privacy rules approved Monday by the Federal Communications Commission (FCC).[2] If a customer does not provide a password, carriers have two options: (i) mail the information to the customer at its address of record; or (ii) call the customer at the telephone number on record.

• Email This
• Print
• Comments (1)
• Share Link