Archives: Workplace Privacy

Subscribe to Workplace Privacy RSS Feed

VOTE 2016 – The Only Easy Choice

In an election year that has divided much of the country, we are providing you with a clear and simple choice this voting cycle.  To this end, we are proud to announce that the Workplace Privacy Report Has Been Nominated for The Expert Institute’s Best Legal Blog Competition. From a field of hundreds of potential nominees, … Continue Reading

The Privacy Shield Is Finally Here

Earlier today the European Union and U.S. officials announced the final approval of the EU-U.S. Privacy Shield data transfer agreement (“the Privacy Shield”).  Beginning August 1, 2016, organizations based in the U.S. will be able to self-certify their compliance with the Privacy Shield. The Privacy Shield is meant to replace the EU-U.S. Safe Harbour agreement … Continue Reading

Facebook’s “Trending” Section and Human Resources Analytics

According to a recent New York Times article, “Facebook scrambled on Monday to respond to a new and startling line of attack: accusations of political bias.” Slate followed with a report that the online social networking giant became the subject of a United States Senate inquiry, with Commerce Committee Chairman John Thune wanting information about how … Continue Reading

EEOC Files Suit Targeting Employment Application “Health History”

On March 22, 2016, the Equal Employment Opportunity Commission (“EEOC”) filed suit in the United States District Court for the Western District of Missouri against Grisham Farm Products, Inc. alleging that its employment application violated the Americans With Disabilities Act (“ADA”) and the Genetic Information Non-Discrimination Act (“GINA”). Equal Employment Opportunity Commission v. Grisham Farm … Continue Reading

Should We Train Our Employees About Good Data Privacy and Security Practices?

Yes! It is the law in more places and circumstances than you suspect. Check out our report to learn more, including suggestions for setting up a training program. Late last year, The Wall Street Journal reported on a survey by the Association of Corporate Counsel (“ACC”) that found “employee error” is the most common reason for a … Continue Reading

The Inexplicit Requirement and Definitive Necessity for Employers to Implement Privacy Policies

In the face of seemingly daily news reports of company data breaches and the mounting legislative concern and efforts on both the state and federal level to enact laws safeguarding personal information maintained by companies, employers should be questioning whether they should implement privacy policies to address the protection of personal information they maintain on … Continue Reading

European Commission Unveils EU-U.S. Privacy Shield (Update)

Earlier today, the European Commission (the Commission) issued a draft “adequacy decision” as well as the texts that will constitute the EU-U.S. Privacy Shield (the Privacy Shield). This includes the Privacy Shield Principles companies have to abide by, as well as written commitments by the U.S. Government on the enforcement of the arrangement, including assurance … Continue Reading

The Status of the EU-U.S. Privacy Shield

As we previously reported, the EU and U.S. reached agreement last week on the EU-U.S. Privacy Shield to replace the invalidated EU-U.S. Safe Harbor Program for transatlantic data transfers.  While the announcement of the Privacy Shield is a relief to the thousands of companies who relied on the Safe Harbor Program, details remain unclear. What … Continue Reading

President Seeks $19 Billion and Creates a Commission to Address Cybersecurity

President Barack Obama requested $19 billion in his budget for 2017 to address cybersecurity in the United States, $5 billion more than was budgeted for the current year. Today, he issued an Executive Order that will create a commission within the Department of Commerce to be known as the “Commission on Enhancing National Cybersecurity.” So, … Continue Reading

Top 10 for 2016 – Happy Data Privacy Day

In honor of Data Privacy Day, we provide the following “Top 10 for 2016.”  While the list is by no means exhaustive, it does provide some hot topics for organizations to consider in 2016. EU/U.S. Data Transfer (status of Safe Harbor).  On October 6, 2015, the Court of Justice of the European Union (CJEU) ruled … Continue Reading

FTC’s Big Data Report Has Suggestions for the Workplace

Earlier this month, the Federal Trade Commission (“FTC”) issued a report discussing “big data.” The report compiles the agency’s learning from recent seminars and research, including a public workshop held on September 15, 2014. Known best for its role as the federal government’s consumer protection watchdog, the FTC highlights in the report a number of … Continue Reading

Prohibiting Recording Devices – The Dreaded “Maybe”

Can we prohibit employees from making audio recordings at work?  As advancements in technology continue to increase, and it becomes easier and easier for employees to surreptitiously record conversations, this inquiry is posed by many employers.  In fact, we discussed this very question back in 2013.  Unfortunately, the answer to this question is perhaps the most … Continue Reading

Employers Can Provide Credit Monitoring and Other Identity Protection Services to Employees Tax-Free BEFORE a Breach Happens, IRS Says

Earlier this year, we reported that the Internal Revenue Service clarified that it would not consider the value of credit monitoring and other identity protection services provided by employers to employees in connection with a data breach to be taxable income to the employees. IRS Announcement 2015-22. In response to comments, the IRS expanded this … Continue Reading

DNC, Bernie Sanders’ Data Breach – Breaches Are Not Just About Social Security Numbers or Payment Cards

Are pundits discussing the personal information allegedly accessed by a campaign staffer for Bernie Sanders? No, not really, and that is the point. Scheduled to debate tonight at St. Anselm College in Manchester, New Hampshire, Democratic presidential candidates Bernie Sanders and Hillary Clinton are almost certain to joust over an alleged intrusion into Clinton’s voter … Continue Reading

EU Publishes Text of New General Data Protection Regulation

On December 17, 2015, following four years of sometimes acrimonious debate, the EU Parliament and Council of the European Union informally agreed on the final draft of the General Data Protection Regulation (“GDPR”). The GDPR will replace what privacy experts refer to simply as “95/48” –or the 1995 law known as EU Data Protection Directive— … Continue Reading

Leading Cause of Data Breaches – Employee Error, ACC Survey Concludes

When people think about data breaches, they tend think more about the illegal hacking into computer networks by individuals, criminal enterprises or even nation states, than they do about simple employee error. This makes some sense as hacking incidents seem to be more interesting and draw more media attention. Holding this belief, however, can cause … Continue Reading

Driver Privacy Act of 2015

An increasing number of companies have been installing or otherwise using some of the latest monitoring technologies in vehicles driven by employees – whether those vehicles are owned by the company or the employee – usually for safety and/or logistics management. These technologies include “event data recorders” or EDRs that capture a range of information … Continue Reading

Wearables, Wellness and Privacy

Bloomberg BNA (subscription) recently reported that this fall the Center for Democracy & Technology (CDT) will be issuing a report on Fitbit Inc.’s privacy practices. Avid runners, walkers or those up on the latest gadgets likely know about Fitbit, and its line of wearable fitness devices. Others may know about Fitbit due to the need … Continue Reading

The Hololens From Microsoft – Help Can Be Right Under…Over Your Nose

The saying – never let them see you sweat – soon may be more difficult to accomplish with Microsoft’s Hololens. Like Google Glass, the Hololens is worn as a headset. But this device has a “plurality” of sensors that gather a range of biometrics parameters (heart rate, perspiration, etc.) which determine along with other information … Continue Reading

Connecticut State Contractors, Health Insurance Industry Businesses Subject to Enhanced Significant Data Security Mandates

In June, Connecticut’s governor signed into law Senate Bill 949 which amended the State’s breach notification statute. The requirement that covered businesses must provide one year of identity theft protection services for certain breaches, easily the most popular aspect of the legislation, may have diverted attention from some significant aspects of this new law. Senate Bill … Continue Reading

Connecticut Enacts SB 949 Requiring One Year of Free Identity Theft Protection Services For Certain Data Breaches

Senate Bill 949 is now law in Connecticut, after being signed by Governor Malloy on June 11. As we reported, this law amends the state’s current breach notification mandate to require that for breaches of certain personal information covered business must provide one year of free identity-theft protection for affected persons. So, beginning October 1, 2015, … Continue Reading

Connecticut May Require Businesses to Offer One Year of Identity Theft Protection Services Following a Data Breach, Joining Other States in Strengthening Notification Laws

Following a string of states across the country that have strengthened their data breach notification laws in recent months, Connecticut is about to amend its law to require, among other things, that businesses provide one year of identity-theft protection for persons affected by the breach. Many businesses already extend such services to breach victims, but, … Continue Reading

States Continue to Protect the Personal Social Media Accounts of Employees, with Oregon Likely to Add an Interesting Twist

Over the past few years, states around the country have enacted laws limiting an employer’s ability to access the personal social media accounts of applicants and employees. Earlier this year, Montana’s Governor Steve Bullock signed HB 342 into law. Before that, Virginia enacted a similar measure. On May 19, Connecticut’s Governor added the Nutmeg state to … Continue Reading