Tag:

privacy

IRS Offshore Voluntary Disclosure Program to Shutdown: The End of Amnesty for International Tax Evaders?

The IRS has decided to shutdown its Offshore Voluntary Disclosure Program (OVDP) on September 28, 2018.  The program offers amnesty from criminal prosecution and a set penalty structure for those who have previously failed to disclose foreign bank accounts and other foreign assets, including those held through undisclosed foreign entities. Failure to disclose could include failure to file the annual FinCEN Form 114,most commonly referred to as the foreign bank account report or “FBAR”, as well as the failure to report income from such accounts and assets on tax returns and the failure to provide various other foreign information forms and returns.

Securing All The Things: Cybersecurity, D-Link, and the Expansion of IoT

The internet of things (IoT) holds promise for new ways to interact with and leverage technology; however, ever-expanding connectivity brings increased vulnerability. Addressing security and privacy issues is necessary for the continued growth of the IoT—and, as the U.S. Federal Trade Commission’s case against  D-Link Corporation demonstrates, one of vital interest to regulatory lawmaking bodies as well.

YouTube and Google Face Largest COPPA Fine in History

Data protection measures have been increasingly crossing news headlines ever since the General Data Protection Regulation (GDPR) came into effect in 2018. However, data protection measures did not begin with the GDPR. In the United States, where there is a sectoral system in place, there have been regulations in place for years that monitor children’s online privacy (COPPA), health information (HIPAA), spam (CAN-SPAM), and even video rental history (VPPA). Despite these systems being implemented years ago, large companies still fail to properly comply with the requirements set forth. Recently, a settlement between YouTube and the FTC brought to light the importance of compliance with COPPA.

Safeguarding Your Face: Regulating Facial Recognition Technologies

The use of facial recognition technology in the commercial context generates numerous consumer privacy concerns. As technology becomes increasingly present in many aspects of our life, regulations on states and federal level are struggling to catch up. Currently, only three states (Illinois, Washington, and Texas) implemented biometric privacy laws, and only Illinois grants individuals with a private right of action.

Stemming the Tide of Medical Information Data Breaches

Protected Health Information is seeing a surge of breaches on the cyber security front due to contractor error. It’s also impacting the most consumers in comparison to other data breaches and, in some cases, has the power to cause chaos in national infrastructure. Advances in technology and compliance measures can stem the tide and protect the most valuable information in consumers lives.

Amazon Go versus the GDPR

New data privacy regulations entail questioning both current and future technologies. Recently, Amazon has introduced a store concept that eliminates everyone’s least favorite things about shopping, long lines and small talk. Amazon Go is the grocery store of the future and these stores allow consumers to walk in, pick up the items that they need, and then walk right back out. That’s it. No long lines, no cashiers, no shopping carts. However, as great as this concept seems, there are still concerns from a data privacy standpoint as Amazon needs to collect personal data from its consumers in order to be able to lawfully execute these checkout-less stores.

GDPR, Data, & Blockchain: The New Wonders of the Digital World

In a world where our reliance on technology and the cloud is increasing exponentially, data security’s growth has stagnated. The European Union (EU) passed the General Data Protection Regulation (GDPR) in hopes of ensuring that consumer data is protected and not harbored by businesses. The effects of the GDPR, however, have passed the borders of the European Union. In a world where our actions extend internationally with just the click of a button, the GDPR’s impact circles the globe as well. The GDPR has pushed for a shift in data privacy and regulation for companies within and outside of the EU as it holds to protect European citizens, no matter where they are in the world. This international reach has not only created forces to drive U.S. companies to comply, but states within the U.S. are now creating GDPR-inspired laws to protect their own citizens. The GDPR has started a trend that will soon become the norm and finally push compliance to keep up with the exponential growth of technology.

You’ve Heard About the GDPR, but What About the CCPA?

On June 28, 2018 California took a page out of the European Union’s (EU) book and signed the California Consumer Privacy Act (CCPA) into law. The CCPA is a landmark privacy bill that will come into effect on January 1st, 2020 and it is being closely compared to the General Data Protection Act (GDPR).

What does this mean for California businesses and residents? In short, more privacy and more control over data. Key aspects include allowing consumers to request what data an organization has collected about them, allowing consumers the right to fully erase data, protecting children’s data, and making verification processes more stringent for businesses.

Facial Recognition Technology: How Much Can State Law Protect Users?

Sei Unno Associate Editor Loyola University Chicago School of Law, JD 2019 Facial recognition has become mainstream, whether the laws are ready or not. Video games are using facial recognition to check the ages of their users and cars are being equipped with technology to identify drivers who are fatigued or distracted. In the U.S., states …
Read more

Rush University Medical Center’s 2019 Privacy Breach Incident

In March 2019, Rush University Medical Center (“Rush University”) sent out breach notification letters to approximately 45,000 patients. The letter advises patients that a privacy incident occurred that may have involved the patients’ personal information. The privacy incident was caused by an employee of a third-party financial services vendor. The employee released a file that contained patient information to an unauthorized person. According to the breach notification letter, law enforcement and regulatory officials were involved in the investigation of the privacy incident. Rush University sent the breach notification letter in compliance with the Health Insurance Portability and Accountability Act’s privacy and security rules.