Companies settle FTC charges on false representation of online privacy policies

The Federal Trade Commission (FTC) took three U.S. companies to settle on the its charges on deceiving customers for false representation of online privacy policies, related to their participation in the Asia-Pacific Economic Cooperation (APEC) Cross-Border Privacy Rules (CBPR) system.

Read More

Yahoo pays a high price for the data breach it suffered in 2014

Yahoo pays a high price for the data breach it suffered in 2014, in terms of market value.  The damage is worth 0 million in the negotiations to complete the sale of Yahoo’s core operations to Verizon, an overall deal that will still value more than billion but now reduced of 0 million from the initial deal.  Additionally, reports indicate that Verizon has requested Yahoo to share liability for any damages that result from government investigations or other litigation.  This will create additional stress on the Company, which has already suffered the erosion of customers’ confidence and the risk of expensive sanctions and litigation.

Read More

British Columbia

British Columbia's auditor general Carol Bellringer has published in February 2017 a follow-up report after a 2015 audit of the 2-million Integrated Case Management System used by the Ministry of Social Development and Social Innovation.  The audit highlighted faults in privacy security related, inter alia, to social programs including child protection, child-care subsidies and income assistance.  While the government has made "significant effort" to improve the system, work is still to be done.

Read More

Mexico issues the Federal Law on Data Protection for the Public Sector

Thanks to the amendment of Art. 6 of the Constitution, Mexico has recently issued the Federal Law on Data Protection for the Public Sector (Ley General de Protección de Datos Personales en Posesión de Sujetos Obligados) thanks to which the privacy protection in Mexico has been increased and has met the best international standards.  This Law equates public and private parties in the protection of privacy, and complies with the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data (ETS No. 108) of the Council of Europe.

Click here for the Law

The Peruvian Government creates the National Privacy Authority

In the Official Gazette of Perù dated 7 January 2017, the Peruvian Government published the Decree that creates the Peruvian National Authority for the Transparency and Access to Public Information, that reinforces the regime of protection of personal data and the regulation of the related interests.  At its Art. 6, the Decree also established the Tribunal for the Transparency and Access to Public Information.

The text of the Decree, in Spanish, is accessible here