You are here
Home > News > Cyberlaw

EU pushes to link tracking databases

As the final comment says: “If you build in more power for authorities, you need more safeguards for citizens as well,” she added. “That is not happening here.”... The European Union is about to become a lot safer — at least on paper. Lawmakers are set to approve plans for an enormous new database that will collect biometric data on almost all non-EU citizens in Europe’s visa-free Schengen area. The database — merging previously separate systems tracking migration, travel

Patient Privacy Breach…All in a Day’s Work?

A reminder, if you needed one, that a data breach need not involve computers and an external bad actor.  Staff training is just as important as firewalls and fancy software...: [...] In Parker v. Carilion Clinic, Virginia’s highest court partially revived a lawsuit against a health care provider and its two employees for allegedly disclosing confidential patient information. In her complaint, the plaintiff, Lindsey Parker, alleged that Carilion Clinic and Carilion Healthcare

Bounty UK fined £400,000 for sharing personal data unlawfully

Note that this is being positioned as a breach of the Data Protection Act. If this was being prosecuted under GDPR the level of fines available would make this an existential threat to Bounty...: The Information Commissioner’s Office (ICO) has fined Bounty (UK) Limited £400,000 for illegally sharing personal information belonging to more than 14 million people. An ICO investigation found that Bounty, a pregnancy and parenting club, collected personal information for the p

Dr. Carla Rydholm on the Value of Legal Data Analytics

This is a little different to my usual security musings...: Not many people can make the transition from Ph.D. in Genetics and Genomics, and then to the legal analytics field, but Dr. Carla Rydholm is someone who did just that. For nearly the past decade, Dr. Rydholm has been leading the charge of data analytics at Lex Machina. She is charged with not only acquiring the data large amounts of data but also maintaining that data as it is updated. Dr. Rydholm stopped by Greg’s

Is it weird not to have a privacy policy? (And other thoughts on privacy policy best practices.)

Any article that starts by talking about risk analysis is good in my book...: [...] It probably does look weird, given how ubiquitous website privacy policies are, but whether you ought to have a privacy policy is surprisingly not straightforward! On the one hand, the answer seems to be no: if you’re not collecting information, then what is there to advise customers about? On the other, maybe the answer is yes: better to inform individuals that nothing is being collected