December 2010

The European Parliament has approved a resolution asking the Commission to carry out an in-depth study of “new advertising practices.”  Parliament is concerned about “the routine use of behavioral advertising and the development of intrusive advertising practices (such as reading the content of e-mails, using social networks and geolocation, and retargeted advertising) which constitute attacks

EU Home Affairs Commissioner Cecilia Malmström announced that the European Commission will propose amendments to the Data Retention Directive (2006/24/EC) following publication of an evaluation report on the Directive early next year.  Under the Directive, Member States must ensure that providers of publicly available electronic communications services or public communications networks retain certain traffic data

In 2009, 12 percent of EU businesses suffered security incidents due to hardware or software failures, according to a study released by Eurostat, the statistical office of the European Commission.  By contrast, incidents involving the destruction or corruption of data due to malicious software infection or unauthorized access were only reported by five percent of

The State of Vermont is petitioning the Supreme Court to review a Court of Appeals decision holding that the State’s prescription confidentiality law is unconstitutional. The law at issue prohibits regulated entities from selling or using records containing prescriber-identifiable information—i.e., information linking prescribers to prescriptions for particular drugs—for marketing or promoting prescription drugs, unless the

Last week, Congress delivered to President Obama for his signature the “Red Flag Program Clarification Act of 2010,” which is intended to narrow the types of entities that are subject to the Federal Trade Commission’s Red Flags rule.  The Red Flags rule requires “financial institutions” and “creditors” to establish programs to detect, prevent, and mitigate

The Federal Trade Commission is asking for comments on whether to strengthen its rules requiring telemarketers to disclose their identities via caller ID.  The FTC’s notice [PDF] suggests that the agency is taking aim at what it perceives to be deceptive identification disclosure practices. 
The FTC currently requires telemarketers to disclose their telephone number and, when

EU Justice Commissioner Viviane Reding is in the U.S. this week and was scheduled to meet with Attorney General Eric Holder on ways the U.S. and E.U. can cooperate on protecting consumer data.
Commissioner Reding also met with the Washington Post‘s Cecilia Kang to discuss the relationship between E.U. and U.S. conceptions of privacy. 

Just two days after the Director of the FTC’s Bureau of Consumer Protection announced that the agency would not tolerate an “arms race” aimed at developing technologies that subvert user choice regarding online tracking, two firms accused of employing such technologies agreed to settle lawsuits against them.  Quantcast and Clearspring–which provide web analytics and certain functionality to consumer-facing websites–were named in