Printable version (PDF) 

BACKGROUND CHECKS

– Accusearch, Canada Privacy Office with FTC help finds firm breached PIPEDA, 1173
– Credit reports

– – Ban on use in hiring

See LEGISLATION, FEDERAL, HR 3149

– – Cal. bill prohibits use for employment purposes, governor vetoes, 1498
– – Dallas-based corporate events planner, EEOC files class suit over firm's use of credit and criminal histories in hiring (D. Md.), 1471
– – EEOC considers guidance, ABA teleconference, 600
– – Railroad companies settle FTC allegations of failure to notify workers of use (D. Colo., W.D. Wash.), 1200

– Criminal data, U.K. job applicants may contest past conduct information, In Brief, 1619
– EEOC considers guidance, ABA teleconference, 600
– GSA must improve data security policies, IG report, 8
– Hazardous Material Endorsement (HME) program, TSA completes over 1 million checks on truckers, In Brief, 22
– IRS, sensitive but unclassified waste disposal, TIGTA report suggests improvements, 773
– Jurors, Ontario investigating police checks, In Brief, 883
– NASA contractors, en banc rehearing petition denied (9th Cir.), 871
– Preemployment screening, ASIS Intl. updates guidance, In Brief, 1480
– Security clearances

– – DOD personnel clearances, GAO tells Congress timeliness has improved, 8; GAO says reports not complete, In Brief, 806
– – Reciprocal recognition, Bush E.O. requires, 232
– – Reforms, agencies set to meet goals, In Brief, 1394
– – Security Clearance Oversight and Accountability Act

See LEGISLATION, FEDERAL, HR 639

– Transportation Worker Identification Credential (TWIC) program

– – American Samoa, DHS exempts workers, In Brief, 506
– – Delays, employment groups say TSA should speed processing, 1089

BANK SECRECY ACT

See MONEY LAUNDERING

BANKING

– Bank of New York Mellon technician charged in $1.1 million scheme (N.Y. Sup. Ct.), 1610
– Cloud computing, World Privacy Forum issues report, 337
– Colombian cybercrime law signed, 43
– Consumer Financial Protection Agency (CFPA)

– – Frank (D-Mass) bill

See LEGISLATION, FEDERAL, HR 3126

– – FTC chair assures lawmakers agency would maintain key powers, Consumer Union supportive, 1016
– – Hill Watch, status of significant bills, chart, 1333
– – Obama financial regulatory reform proposal includes, FTC to share power, 977

– Court records, no remedy against bank for filing that included unredacted SSN (Tex. Ct. App.), 1528
– Credit cards

See CREDIT CARDS

– Credit checks allowed for hiring some positions, banned for most

See LEGISLATION, FEDERAL, HR 3149

– Credit reports

See CREDIT REPORTS

– Data breaches

– – Bank of America settlement, privacy class objectors' claims tossed (Cal. Ct. App.), 987
– – Bank of N.Y. Mellon agrees to pay Conn., already paying for credit protection, 241
– – Certegy Check Services, telemarketer settles claim it acquired stolen data, judgment sets new due diligence standard (Fla. Cir. Ct.), 591
– – HSBC, U.K. regulator hits bank with record fine, 1099
– – People's United Bank laptop lost, post-breach fear of identity theft satisfies standing but not compensable without loss (D. Conn.), 1348
– – RBS WorldPay, U.S. processing arm of Royal Bank of Scotland improperly accessed with actual fraud detected on cards, 9; consumer class amends complaint (N.D. Ga.), 274; RBS WorldPay to process credit card tax payments despite recent breach, 667; oral arguments set (J.P.M.L.), 775; panel consolidates claims, 873
– – Response costs

– – – Maine bank regulators release survey results, many affected by Hannaford breach, 37
– – – Record breaking hacker case raises stacks, Special Report, 1244

– – Rocky Mountain Bank, probe of customer data improperly attached to e-mail, unable to seal complaint (N.D. Cal.), 1378; dismissal approved, 1433
– – Statistics, ID Theft Resources Center reports 2008 increase, 40
– – TJX Cos., remaining bank plaintiffs may pursue some claims (1st Cir.), 532; final bank plaintiffs settle claims (D. Mass.), 1260; hacker pleads guilty, 1272
– – TowerGroup says institutions must assume personal data has been or will be compromised, 928

– Data security, self-regulatory groups merge efforts, In Brief, 883
– Deutsche Bank, DPA probes alleged corporate spying, two workers fired, 1098
– E-mail

– – Authentication best practices released, In Brief, 883
– – Disclosure or spam receipt not injury or damage for contract or fiduciary claims (S.D.N.Y.), 559

– European Central Bank, EU Council agrees to modify data collection provisions, 1242
– Executive bonus data subpoenaed, no shield from publication (N.Y. Sup. Ct.), In Brief, 568
– FCRA reasonable investigation, bank must conduct (9th Cir.), In Brief, 1538
– FDIC employee indicted on charge of disclosing confidential bank data (D. Kan.), 1496
– Finland, rule requiring bank PIN to file crime report online draws concern from DPA, 1099
– Funds transfer privacy law covers ordinary customer bank accounts (N.J.), 559
– Global framework, FDIC analyst cites self-regulation as best model, 462
– Goldman Sachs suffers proprietary computer code theft, FBI charges employee (S.D.N.Y.), 1025
– Identity theft, bank tellers allegedly stole account data for counterfeit check scheme (N.Y. Sup. Ct.), 801
– Job postings, FOIA does not cover daily online updates (D. Ariz.), In Brief, 1506
– Mobile devices, security and privacy top concerns, KPMG report, In Brief, 567
– Money laundering

See MONEY LAUNDERING

– Multifactor identification measures

– – Citizens Fin. Bank, failure to adopt may create liability (N.D. Ill.), 1268
– – People's United Bank, transfer from construction company's account allowed due to lax measures (Me. Super. Ct.), 1431

– N.Y. financial data measures include e-transfer breach notice and data sharing prohibition, 215
– Operation Phish Phry, FBI, DOJ, and Egyptian authorities break up large operation (C.D. Cal.), 1472
– Polygraph testing, failed bank robbery led to firing of manager not disclosure of polygraph, no evidence of damages (D.S.C.), 625
– Power-of-attorney status applicants, final FCRA settlement over Bank of America credit reviews approved (E.D. Pa.), 274
– Privacy notices

– – Eliminate Privacy Notice Confusion Act

See LEGISLATION, FEDERAL, HR 3506

– – Model form, SEC reopens comment period on proposal, 584; FTC to release final model GLB privacy notice form by Fall, 732; final form due in Aug., 1166; FDIC board approves, 1554

– Regulatory compliance chief policy challenge, Deloitte reports, 233
– Spam, Project Honey Pot seeks assistance of banks and clearinghouse vendors to identify hackers (E.D. Va.), 1236
– Suspect parties, Frank (D-Mass) considers new limits on banks doing business with corrupt regimes and individuals, 774
– Swiss bank client names, U.S. petitions court to enforce summons, tax fraud alleged (S.D. Fla.), 301; TRO issued (Bundesverwaltungsgericht), 341; UBS official tells Senate panel of objections to IRS summons, 394; Switzerland says IRS summons violates tax treaty and threatens agreement (S.D. Fla., brief filed), 716; DOJ affirms it is not dropping summons, 954; DOJ files memorandum, In Brief, 993; DOJ files memorandum, summons is only means to gain UBS account data, In Brief, 1034; trial postponed, In Brief, 1069; U.S. and UBS announce settlement, 1205; settlement terms announced, 1241; IRS requests account details, EC wants similar assistance, 1285; Conn. AG seeks UBS names, 1285; Swiss judge orders UBS to notify clients before turning over account details, 1391

BCRs

See BINDING CORPORATE RULES (BCRs)

BEHAVIORAL TARGETING

See ADVERTISING

BELGIUM

– DPA annual report shows rise in business sector privacy interest, 2008 achievements highlighted, 1066
– SWIFT

– – EU Article 29 group discusses at plenary session, 594
– – Temporary pact negotiations, EC seeks until Lisbon Treaty enters into force, 1062; EU to incorporate data protection recommendations into pact, 1283; European Parliament adopts resolution setting guidelines for new agreement, 1351
– – U.S. Treasury respected privacy safeguards, EC-appointed judge concludes, 340

– Yahoo fined over refusal to disclose user data to prosecutors (Dendermonde Crim. Dist. Ct.), 404

BINDING CORPORATE RULES (BCRs)

– Article 29 Working Party

– – Annual report for 2007 gives overview of enforcement and documents issued, 166
– – FAQs updated, 167; third party beneficiary rights listed, 241; discussed at 70th plenary session, 594; latest guidance covers EU privacy law compliance and burden of proof, 672

– Blueprint for global privacy compliance, Practice Aid, 27
– Czech Republic, Slovakia, and Malta latest to join recognition procedure, 629
– eBay, U.K. ICO set to approve, 1616
– Hyatt Hotels, U.K. ICO approves BCR, first under new mutual recognition policy, 1374
– Transfers to third countries, EU releases FAQ, 471
– U.K. approves BCRs for two U.S. firms signaling start of speedier process, 699

BIOMETRIC DATA

– Article 29 Working Party, annual report for 2007 gives overview of enforcement and documents issued, 166
– Canada, U.K., and Australia fingerprint data sharing agreement concerns Canadian Privacy Comm'r, 1283
– Children, data rights second to child's best interest, Art. 29 Working Party, In Brief, 343
– CLEAR registered traveler program, data transfer enjoined (S.D.N.Y.), 1233
– Driver's licenses, British Columbia to use facial recognition to enhance, 285
– Employment verification system, Schumer (D-NY) to include in immigration reform bill, 954; witnesses tell Senate panel that biometric identifiers should be required, 1087
– FBI issues technology assessment, In Brief, 92
– France

– – CNIL audit schedule statement released, 879
– – Education test firm's transfer of palm vein data to U.S. approved, 1027

– Ireland, report calls for greater privacy safeguards, 1616
– Medical identity theft, Utah law requires patient identification, 510
– Mobile collection guidelines, NIST releases, In Brief, 1292
– Portugal workplace privacy code restricts surveillance and e-mail monitoring, 308
– Smart cards, NIST releases two technical standards, In Brief, 1312
– Transportation Worker Identification Credential (TWIC) program

– – American Samoa, DHS exempts workers, In Brief, 506
– – Delays, employment groups say TSA should speed processing, 1089

– US-VISIT program, DHS expands collections, In Brief, 21

BLOGGING

– ABA. Conf. says valuable ad tool but firms must know risks, 1178
– Defamation

– – Anonymous, five-part test for unmasking adopted (Tenn. Cir. Ct.), In Brief, 1578
– – “Skanks of NYC” blog, Google ordered to provide account data (N.Y. Sup. Ct.), 1234

– Employer monitoring of web posts, Analysis and Perspective, 1039; correction, 1068
– Health care reforms, free speech chilled by White House requests for public to forward “fishy” e-mail, suit also alleges Privacy Act violation (D.D.C.), 1274
– N.J. media shield law, postings on porn software data breach not covered (N.J. Super. Ct.), 1095
– Nursing student reinstated, off-color post did not violate patient privacy (W.D. Ky.), 1202
– Post of Fla. prosecutor's work memo protected since copy came through records request (S.D. Fla.), 961
– Sweden extends journalism protection, In Brief, 598

BOTSWANA

– Data breaches, Zurich Ins. lost back-up tape with data on U.K., S. Africa, and Botswana customers, 1532

BREACHES

See DATA BREACHES

Contact the Webmaster at webmaster@bna.com
1801 S. Bell Street, Arlington, VA 22202 - Phone: 1-800-372-1033

Copyright © The Bureau of National Affairs, Inc. All Rights Reserved.