Privacy & Security Law Report: Index-Summary

ICANN (INTERNET CORPORATION FOR ASSIGNED NAMES AND NUMBERS)

See INTERNET
– Whois databases

IDAHO

– Data breach notification, bill requires state attorney general notification, 507; bill approved, sent to governor, 592; governor vetoes, 637

IDENTIFICATION DOCUMENTS

– Aliens, worker eligibility for employment

See ALIENS AND CITIZENSHIP

– Driver's licenses

See DRIVER'S LICENSES

– Dutch hotels copying or scanning passports, DPA to investigate practice, 1284
– Electronic identification (eID) cards, ENISA urges careful look at privacy features, 248
– Foreign passports and other false data used to bilk U.S. banks, defendant pleads guilty (M.D. Fla.), 401
– Identity theft

See IDENTITY THEFT

– IRS, TIGTA says progress slower than reported, 1051
– Japan moves to foreign resident national card, In Brief, 314
– Medical identity theft

See MEDICAL IDENTITY THEFT

– Real ID Act

– – Napolitano says DHS rethinking, 528
– – Providing for Additional Security in States' Identification (PASS ID) Act

See LEGISLATION, FEDERAL, S 1261

– – Real ID Repeal and Identification Security Enhancement Act

See LEGISLATION, FEDERAL, HR 3471

– Refinery worker who refused photo ID on religious grounds fails in bias suit (E.D. Pa.), 1277
– Security clearances

See BACKGROUND CHECKS

– Smart cards, NIST releases two technical standards, In Brief, 1312
– Tenn., false identification penalty law signed, In Brief, 785
– Transportation Worker Identification Credential (TWIC) program

– – American Samoa, DHS exempts workers, In Brief, 506
– – Delays, employment groups say TSA should speed processing, 1089

– Travel documents

See TRAVEL DOCUMENTS

– U.K. voluntary ID pilot plan to expand to Manchester, In Brief, 717; mandatory airport worker ID card dropped, to continue with voluntary plan, 988
– Voting, photo ID required (U.S., rev den), In Brief, 882

IDENTITY THEFT

– Aliens and citizenship

– – Aggravated ID theft, whether knowledge that real person required (U.S., oral arg held), 333; knowledge of actual victim required (rvs and rem), 708
– – E-Verify system

– – – Biometrics, witnesses tell Senate panel that biometric identifiers should be required, 1087
– – – Enhancements planned, 197
– – – HR conference speaker suggests employers consider using, DHS likely to retain system, 441

– – New Employee Verification Act

See LEGISLATION, FEDERAL, HR 2028

– Bank of New York Mellon technician charged in $1.1 million scheme (N.Y. Sup. Ct.), 1610
– Bank tellers allegedly stole account data for counterfeit check scheme (N.Y. Sup. Ct.), 801
– Canada, tough legislation reintroduced, to amend criminal code, 565; bill passes Senate, Stoddart argues rules better option, 932; Stoddart urges coordinated approach, 1438; Canadian Parliament passes bill but implementing provisions delayed, 1575
– Constitutional privacy right not implicated by SSN stolen off county clerk's website (U.S., rev den), 81; In Brief, 90
– Consumer Sentinel Network Data Book, FTC reports that ID theft once again leading complaints, 329
– Credit reports

– – Debt collector's probe of identity theft victim may be willful FCRA violation (S.D. Ohio), 201
– – Equifax errors, damages affirmed (4th Cir.), 499

– Criminal penalties, Personal Data Privacy and Security Act

See LEGISLATION, FEDERAL, S 1490

– Data breach notification, FTC and DOJ call for federal standard to fight ID theft, House hearing held, 923
– Double jeopardy attaches to federal statutes on ID theft and aggravated ID theft (11th Cir.), 1272
– Driver's licenses, British Columbia to use facial recognition biometric technology to enhance, 285
– FBI internet crime report for 2008, fraud and other activity complaints rose 33 percent, 529
– For-profit identity theft service industry, consumer group urges FTC to review practices, 464
– FTC, strategic plan adopted that includes consumer and global privacy issues, 1466
– Future risk claim insufficient despite standing to sue (N.D. Cal.), Special Report, 569
– Haw. law excludes fictional person's data (Haw.), In Brief, 748
– Medical

See MEDICAL IDENTITY THEFT

– Merchants advisory board to create best practices guidance, In Brief, 1175
– Neb., bogus default judgment scam violates state law (Neb.), 500
– N.Y., omnibus law includes employer SSN use and personal data sharing restrictions, 8
– Nursing home residents' stolen tax data used fraud scheme, four more sentenced (W.D. Mo.), In Brief, 174
– Online user authentication lacking, allowed bank transfer from construction company's account (Me. Super. Ct.), 1431
– Operation Phish Phry, FBI, DOJ, and Egyptian authorities break up large operation (C.D. Cal.), 1472
– PCI DSS, House Homeland Security panel questions effectiveness against cybercrime, 525; PCI DSS overview, 527
– People's United Bank laptop lost, post-breach fear satisfies standing but not compensable without loss (D. Conn.), 1348
– Production sentence upheld for minor charge (1st Cir.), In Brief, 23
– Real ID Act, Napolitano says DHS rethinking, 528
– Real person's ID used, whether knowledge required

– – Flores-Figueroa (U.S., oral arg held), 333; knowledge of actual victim required (rvs and rem), 708
– – Villanueva-Sotelo (U.S., rev den), In Brief, 784

– Red flag rules, “Creditors”

– – Attorneys, ABA renews call for exemption, 955; ABA continues push for exemption, 1036; FTC believes it lacks power to exempt attorneys, 1137; ABA files challenge (D.D.C.), 1268; ABA seeks summary judgment, 1431; FTC opposes suit, 1491; ABA seeks full exemption, 1523
– – Benefit plan sponsors, some may be caught unaware, 402
– – Congressional action, groups face uphill battle to change scope of rule, 1165
– – Exemptions, bill introduced

See LEGISLATION, FEDERAL, HR 3763

– – FAQ guide released by FTC and banking regulators, 865
– – 401(k) accounts, FTC says rules do not apply to participant loans from, 1037; benefits lawyers seek formal guidance, 1090
– – FTC releases compliance guide and launches website, 525; retailers remain anxious about potential liability, 556; FTC officials say focus of new rule on flexibility, risk levels, and good faith efforts, 618; FTC postpones enforcement, possible Congressional role, 659; FTC posts new compliance guidance and checklist, 729; FTC grants third delay at request of House Appropriations Comm., 1137; FTC Chair Leibowitz, BNA Interview, 1181; FTC postpones deadline, 1552
– – Health care

– – – Exemption for small practices

See LEGISLATION, FEDERAL, HR 2345

– – – FTC and AMA argue over application, 389
– – – IT managers face triple regulatory threat, Practice Aid, 602
– – – Obligations, Analysis and Perspective, 1508
– – – Preparation urged by attorneys at industry meeting, 1233

– Senate Commerce Comm. expected to revisit consumer protection proposals, IAPP Privacy Summit, 478
– Social Security Number Fraud and Identity Theft Prevention Act

See LEGISLATION, FEDERAL, HR 2472

– Social Security Numbers Privacy and Identity Theft Prevention Act

See LEGISLATION, FEDERAL, HR 3306

– State legislation outlook, Special Report, 177
– Storage unit rented using stolen identity, no privacy protection in warrantless search (10th Cir.), 1610
– Taxation

– – Fraudulent returns, GAO report says IRS stops most but $15M still got away, 1467
– – New data security threats noted by officials, 868
– – N.Y. tax department discloses breach, former worker charges (N.Y. City Ct.), 628
– – Preparation service office files searched and seized, sheriff's office lacked probable cause for warrant (Colo. Dist. Ct.), 442
– – Puerto Rican residents, N.Y. man sentenced for tax refund scheme (S.D.N.Y.), 775
– – Scams, IRS cautions against, In Brief, 1176

– Tenant screening services company settles FTC charges (D. Minn.), 396
– Turkey, data protection law remains stalled, 44
– VA, former auditor sentenced (Cal. Super. Ct.), In Brief, 174
– Va. dangerous drug prescription reporting system data allegedly held for ransom, 751; Va. sending breach notices over exposure of SSNs, 836
– Whistleblowers, ex-worker who voiced data security issues has triable retaliation claim (D.N.J.), 708
– Wis. statute survives First Amendment as-applied challenge (Wis.), 1056

ILLINOIS

– Back Doctors log book, evidence of authorization defeats junk fax claim (S.D. Ill.), In Brief, 1356; “educational” fax not TCPA violation, In Brief, 1578
– Credit card marketing, new law expands restrictions of use of student data, 1206
– Dish Network and dealers, FTC and state AGs allege no call and state law violations (C.D. Ill.), 497
– E-mail, councilwoman may proceed on claim of unauthorized access by mayor (N.D. Ill.), 1055; damage not required for civil CFAA claim, 1275
– E-Verify system, state law barring use unconstitutional (C.D. Ill.), 468
– Mental health records disclosed during divorce proceedings, claims reinstated (Ill. App. Ct.), 1561
– Proprietary information, expert search not CFAA loss when pre-litigation action, IT agreement breach claim survives (N.D. Ill.), 533
– Public records access law amended, In Brief, 1356
– School superintendent's contract must be disclosed (Ill.), In Brief, 884

IMMIGRATION

See ALIENS AND CITIZENSHIP

IMMUNITY

– Cal., Pasadena police department entitled to qualified immunity, privacy invasion award nixed (Cal. Ct. App.), In Brief, 806
– Data breaches, Mich. bill grants liability immunity to firms with specified safeguards, 1168
– File sharing, music downloading by students, no sovereign immunity on subpoena for defendants' identities when not party in suit (W.D. Va.), 43
– Money laundering with alleged fraudulent ads, CDA controls unless Google requires illegal content (N.D. Cal.), In Brief, 49
– Strip search of student unconstitutional but principal immune (U.S., rvs), 956
– Surveillance, town officials have no qualified immunity for recording all calls from office for six years (7th Cir.), 1095
– Telephone records sold, no CDA immunity from FTC Act unfair practices claims (10th Cir.), 1020

IMPLEMENTING 9/11 COMMISSION RECOMMENDATIONS ACT

– Progress report, DHS issues, In Brief, 1104

INDIA

– Data security, parliament clears amendments to IT Act to protect personal information, 16; bill includes damages provision, 17; bill contains broad data security standards, rules not yet drafted, 248; industry self-regulatory council sends recommendations for new rules, 739; amended law takes effect but implementing rules incomplete, 1574
– Outsourcing center, security concerns voiced, In Brief, 49
– Spain agency reports increased data transfers to country, 596

INDIANA

– MySpace, single message insufficient to convict for intimidation and privacy invasion (Ind. Ct. App.), 1275
– Prescription records in dumpsters

– – CVS settles with Ind. AG (Ind. Pharm. Bd.), 1058
– – Lo Cost Rx settlement approved (Ind. Pharm. Bd.), 875
– – Walgreens cases pending (Ind. Pharm. Bd.), 875; Walgreens settles with Ind. AG, 1058

INFLUENZA

– H1N1 virus

– – France, CNIL posts vaccination campaign information, In Brief, 1577
– – HHS may waive some rules in event of national health emergency, 1556

INSTANT MESSAGING

– Commodity futures trading, e-mail and IM subject to recordkeeping, CFTC says, In Brief, 287

INSURANCE

– Am. Family Mutual Ins., sending letters to client list ruled CFAA authorized (N.D. Iowa), In Brief, 447
– Canada no-call lists, bulletins clarify obligations, 783
– Credit-based insurance score study, FTC approves data protection plan, In Brief, 677
– Data breaches

– – Blue Cross and Blue Shield of Del. fined by state regulators for printing error disclosing personal data, 84
– – Japan, ALICO customer data misuse reported, 1097
– – Jubilee Marketing Agency, ICO takes action against, In Brief, 1034
– – Kaiser Permanente notifying workers that PII may have been stolen, 278; breach traced to terminated employee of union, 403
– – Zurich Ins. lost back-up tape with data on U.K., S. Africa, and Botswana customers, 1532

– Legal expenses insurance firm and contractors ordered to encrypt mobile devices after laptop theft, 878

INTELLECTUAL PROPERTY

– EU Universal Service and Framework Directive amendments, Hustinx praises but asks lawmakers for more, 305
– File sharing

See FILE SHARING

– Trade secrets

See TRADE SECRETS

– Trademark breach, Whois record admissible on control of website but not ownership (D.N.H.), In Brief, 1243

INTERNAL REVENUE SERVICE (IRS)

See TAXATION

INTERNATIONAL DEVELOPMENTS

– Anti-Counterfeiting Trade Agreement, groups seek to restrict internet use and ask for more documentation on talks, 774; privacy groups concerned about internet privacy ramifications, 1091
– Anti-doping agency, EU Article 29 group discusses at plenary session, 594; World Anti-Doping Agency amends privacy standards, In Brief, 748
– Data handling, groups say regulators can keep pace with technology only with focus on corporate accountability for consumer information, 1563
– Data Privacy Day

– – Duke Univ. conference speakers predict Obama to boost U.S. and EU data sharing plans, 193
– – U.S. National Privacy Day resolutions passed, 193

– Data protection, global framework

– – Barcelona meeting, attendees call for minimum standards, 85
– – EU Parliament supports online privacy standards, In Brief, 540
– – Madrid Resolution establishes non-binding minimum global privacy standards, 1620; conference speakers and sessions focused on global standards, 1623; keynote speakers focused on EU-U.S. information sharing, 1624
– – Spanish DPA sees progress at Bilbao meeting, 934
– – Viewpoint, 62
– – Workshop, FTC Leibowitz says will enforce requirements and seek global common ground, 461; FDIC analyst says self-regulatory guidance may be best model, 462

– DHS Napolitano to meet with Europeans on data privacy, In Brief, 634
– Economic crisis and offshoring raise threat of insider breaches and trade secrets theft, McAfee reports, 234
– Intl. Telecomm. Union

See UNITED NATIONS (UN)

– Internet governance, EU's Reding calls for U.S. to end ICANN pact and move to private, global group, 714
– Online freedom of speech, EU official calls for protections through trade agreements not legislation, 285
– Warrantless border searches of electronic devices

– – Border Security Search Accountability

See LEGISLATION, FEDERAL, HR 1726

– – Bush administration policy retained with new procedural safeguards under new directive, 1261
– – DHS annual report released, 1375; groups tell Congress that Privacy Office not living up to mandate, 1558
– – Review, DHS advisory committee urges Napolitano to add privacy protections, 269
– – Search data, ACLU files FOIA suit (S.D.N.Y.), 1270
– – Securing Our Borders and Our Data Act

See LEGISLATION, FEDERAL, HR 239

INTERNET

– Ed. Note: For electronic sales of goods and services, see ELECTRONIC COMMERCE. Electronic mail is covered under E-MAIL.
– Accessibility, Target settles web access claims of blind consumer class (N.D. Cal.), In Brief, 447
– Anonymous postings

– – Defamation

– – – Canada, statements on bulletin board, disclosure ordered (Ontario Super. Ct.), 538
– – – D.C., five-step test for unmasking speakers adopted (D.C.), 1235
– – – First Amendment balancing needed to unmask speakers (Md.), 399
– – – Jurisdiction, evidence needed for identification (D.D.C.), 301
– – – “Skanks of NYC” blog, Google ordered to provide account data (N.Y. Sup. Ct.), 1234
– – – Topix.com ordered to disclose web speaker identities (Tex. Dist. Ct.), In Brief, 448
– – – York Univ., internet users not entitled to chance to object to ID disclosure by ISPs (Ontario Super. Ct.), 1352

– – Retaliation, privacy interest in ISP-stored identifying data held to depend on terms of service (W.D.N.Y.), 397
– – South Korea lowers threshold for websites requiring identification verification, 598

– Anti-Counterfeiting Trade Agreement, groups seek to restrict internet use and ask for more documentation on talks, 774; privacy groups concerned about internet privacy ramifications, 1091
– AOL, class argues embedded e-mail ads violate ECPA (C.D. Cal.), In Brief, 806
– Argentina, data retention law giving secret service access to e-mails and calls unconstitutional (CSJN), 340
– Australian cybersecurity legislation to allow early interception of online messages, 1438
– Background search firm, Canada Privacy Office with FTC help finds Accusearch breached PIPEDA, 1173
– Behavioral targeting

See ADVERTISING

– Broadband access, FCC seeks comments on privacy issues, 555; comments received, 863; FTC files comments, 1307
– Canada, new policy addresses traffic management technologies and customer privacy, 1536
– China, cyber-hunting

– – Jiangsu Province passes ordinance, 206
– – Wife's suicide, man harassed after personal data posted, awarded damages, 90

– Cloud computing

– – Analysis and Perspective, 425
– – Contract terms, companies should review and not move all sensitive data, RSA Conf., 646
– – ECPA update needed, status of data unclear, 827
– – FTC investigates practice, 701
– – Google, EPIC asks FTC to probe privacy and security efforts, 463
– – IAPP Privacy Academy explores issues like risks and jurisdiction, 1398
– – IAPP Privacy Summit, risks exist but old safeguards still apply, 475
– – L.A. City Council approves moving e-mail and internet services to Google Cloud, 1565
– – NIST seeks comments on definition, In Brief, 841
– – Privacy Act, advisory board and CDT urge Congress to amend to light of, 798
– – Standardization, organizations form working group, 1091
– – World Privacy Forum issues report, 337

– Congressional Internet Caucus

– – Annual State of the Net Conf., 77
– – Cybersecurity Policy Review forum, 843
– – Sen. Thane (R-SD) added as co-chair, In Brief, 635

– Consumer privacy protections, Boucher (D-Va) expresses interest in privacy and data collection legislation, 229; Boucher plans to move forward with draft measure, 616; Boucher tells conference that privacy bill priority for him, 702; Boucher's bill may sharpen opt-in, opt-out web consent debate, 827; House hearing, Google and other leading firms questioned, Boucher seeks baseline protections, 921
– Cookies

– – EU amendments, online ad firms object to require user consent requirement, 536
– – Federal websites, OMB proposes ending ban, comments sought, 1139; received comments are mixed, 1197
– – White House website privacy policy allows to link to social media sites, 194

– Craigslist

– – Auto-posting software maker sued (N.D. Cal.), In Brief, 1506
– – Prostitution ad claim dismissed (N.D. Ill.), In Brief, 1577

– Crime report for 2008 says fraud and other cybercrime complaints rose 33 percent, 529
– Deep packet inspection

– – Analysis and Perspective, 217
– – Canada

– – – Bell Canada needs to explain use, 1289
– – – Privacy Comm'r critical of web traffic management tools, 405

– – House communications panel hearing on privacy issues, 616

– Defamation

– – Anonymous postings

See Anonymous postings, this heading

– – Single-publication rules applies to alleged online slur (W.D. Ky.), In Brief, 785

– Domain name system deployment guide, NIST issues security guidance, In Brief, 448
– E-health

See E-HEALTH

– European Union (EU)

– – Data protection terms glossary published, In Brief, 210
– – E-Privacy Directive

– – – Article 29 Working Party calls for broad breach notice, 306
– – – Hustinx issues opinion, 86

– – Electronic communications rules overhaul on hold due to dispute over illegal downloading crackdown, 562; file sharer web cutoff disagreement continues to stall overhaul, In Brief, 634; reform moving after Parliament drops court order for net cutoff demand, 673; European Parliament rejects compromise stalling approval of new rules, 714; European Parliament instructs EC to consider broad data breach notice law, 742; EU member states reject demands to require court order to cut off internet, 875; Council of the EU adopts legislative changes, still discussing internet cutoff provision, 1568; EU Parliament backs off court order demands for internet cut off law, 1569; EU agrees on new internet user rights with protection from arbitrary service cut off, 1615
– – Profiling, Council of Europe seeks comments on draft guidelines, 1475
– – Search engine data retention standards, Article 29 Working Party statement welcomes calls for, 278
– – Telecommunications reform package, Hustinx opinion discusses data breach notification, 86
– – Universal Service and Framework Directive, Hustinx praises intellectual property amendments but asks lawmakers for more, 305

– Expired password used, claims fail (N.D. Ill.), 986
– File sharing

See FILE SHARING

– Finland, rule requiring bank PIN to file crime report online draws concern from DPA, 1099
– France, new crime bill allows government monitoring of cybercriminals' internet use, 837
– FTC plans roundtable talks to examine privacy concerns, 1261; FTC announces series, 1346; FTC sets schedule, 1603
– Global standards

See INTERNATIONAL DEVELOPMENTS

– Go Daddy site, registrar's preservation of site content for police no basis for civil rights claims (N.D. Cal.), 400
– Google

– – Book Search settlement, CDT says court should monitor to ensure strong user privacy, 1144; proposed settlement draws privacy rights objections (S.D.N.Y.), 1315; fairness hearing delayed, 1433
– – Cloud computing, EPIC asks FTC to probe privacy and security efforts, 463
– – Dashboard allows users to manage data stored on themselves, 1608
– – Juror search of defendant results in new trial (S.D.), In Brief, 1393
– – Latitude friends-and-family location service, CNIL says subject to French law, approves privacy plan, 880
– – Money laundering with alleged fraudulent ads, CDA controls unless host requires illegal content (N.D. Cal.), In Brief, 49
– – Privacy policies, Google modifies data collection policy, In Brief, 252
– – Rocky Mountain Bank, probe of customer data improperly attached to e-mail, unable to seal complaint (N.D. Cal.), 1378; dismissal approved, 1433
– – Street View

See Photographs of private property, this heading

– – Video postings

See Video postings, this heading

– HIPAA Privacy Rule compliance answers website, HHS revises and expands, 272
– Internet Corp. for Assigned Names and Numbers (ICANN)

– – Breach, domain registrar and proxy service not liable, spam recipient not beneficiary (N.D. Cal.), 1618
– – Chief executive officer and president, Beckstrom named to lead, 981
– – EU's Reding calls for U.S. to end pact and move to private, global group, 714
– – Generic top-level domain names, ICANN reviews comments, some urge stronger Whois features, 19; new draft security plan published, In Brief, 842
– – Oversight agreement

– – – House criticizes pending expiration of, 825
– – – Permanent arrangement, Boucher (D-Va) and other House panel members calls for, 1199
– – – Renewal and possible increased government involvement

See LEGISLATION, FEDERAL, S 773

– – Security plan, NIST, NTIA, and Verisign join ICANN to deploy comprehensive technology, 825; new draft security plan published, In Brief, 842
– – State of the Net Conf. panel discussion, 77
– – Whois databases

See DATABASES

– Internet Governance Forum, ABA resolves to urge renewal, In Brief, 1208
– IP addresses not personal data, collection ban agreement not breached (W.D. Wash.), 1022
– ISP data retention requirements

– – Art. 29 Working Party to probe practices, 470
– – Dutch amendment sets, 1029; government agencies meet with ISPs on new obligations, 1535
– – Irish bill to cut how long user ID data kept, 1064
– – U.K., new internet traffic data rules take effect, guidance due soon, 565; comments sought, guidance include third party data comparison requirement, 674
– – U.S.

See LEGISLATION, FEDERAL, HR 1076, S 436

– Japan

– – Advertising, limits on cell services' use of internet and location data for targeted ads, 1282
– – Police ask ISPs and carriers to retain communication logs for three months, 1537

– Legislation must be flexible to allow innovation, industry asserts, 77
– Making Home Affordable Programs, search engine firms must identify advertisers misdirecting users (D.D.C.), 772
– Medical identity theft, HHS releases new tools for seniors, 1493
– Merchants ID Theft Advisory Bd. to create best practices guidance, In Brief, 1175
– Monster.com says passwords and IDs compromised but not SSNs, 205
– My IRS Account Project, IRS needs better access authentication, TIGTA report, In Brief, 1313
– National security letters (NSLs), gag order feature in ISP letters violates First Amendment (2d Cir.), 13; Judge Sotomayor named by Obama for Supreme Court, 808
– Network Solutions, source of hack affecting credit card accounts not identified, 1144
– N.J. governor signs bill on intercepting web communications, 1531
– Norway, doctor choice website increases security after DPA warning, In Brief, 1292
– Online freedom of speech, EU official calls for protections through trade agreements not legislation, 285
– Parental control software tracking and selling online activity data of minors (FTC), 1472
– PayChoice discovers website security breach when phishing e-mails spotted, 1469
– Phishing

See PHISHING

– Photographs of private property

– – Cal. and Tex. consider limits on posting images online, 470
– – Google Street View

– – – Canada, officials welcome retention policy, 1479
– – – Pa., homeowners' privacy not invaded by inclusion (W.D. Pa.), 303; failure to seek trespass nominal damages no basis to reopen case, 591
– – – Swiss DPA demands further improvements, In Brief, 1356
– – – U.K. ICO rules that personal privacy not violated, In Brief, 634

– PINs and payroll debit cards targeted using increasingly sophisticated methods, RSA Conf., 641
– Privacy policies

See NOTICE

– Real estate ad prospecting, CNIL fines site for unfair practices, 1150
– Red flag rules, FTC releases compliance guide and launches website, 525
– Regulations.gov, glitch affects website, comments lost, In Brief, 1356
– Russia relaunches personal data portal, 1501
– Scareware scheme, FTC reaches accord with defendants (D. Md.), 952; CEO's role in management of ads supports individual claims against him, 1381
– Scottrade online brokerage to pay FINRA fine over lax anti-money laundering program, 1559
– Search engines

– – Ixquick reduces data retention time to zero, 247
– – Microsoft and Yahoo announce advertising agreement, deal to face scrutiny, 1143; privacy groups urge DOJ to conduct “rigorous” review of deal, 1376
– – South Korea indicts two hackers for exploiting e-commerce sites and reusing passwords, 597
– – Third party content, Google and Yahoo held liable for model's photo on pornographic sites without her consent (Juzg. N.), 1151

– Sears Holdings Mgmt. settles FTC claims of consumer data collection without proper disclosure (FTC), 824; proposed settlement involves software tracking of online activity, 869; settlement casts doubt on sufficiency of established practice, Viewpoint, 1070; FTC approves final consent order, 1306
– Social networking websites

See SOCIAL NETWORKING WEBSITES

– Sony online community not “company town,” speech not protected (N.D. Cal.), 1435
– Spain, AEPD opens compliance review, 631; AEPD issues internet user privacy guidance, 748
– Spam

See SPAM

– Spyware

See SPYWARE

– Stored Communications Act

– – Bloomington-Normal Seating, claims advance as “other aggrieved person” (C.D. Ill.), 830
– – Corporate-owned laptop used to access offensive websites, SCA inappropriate (E.D. Mich.), 1094
– – E-mail

See E-MAIL

– – Location data from mobile phone provider, privacy groups file brief supporting ruling that U.S. needs warrant (3d Cir.), 499
– – MySpace, verdict against restaurant for manager's access of employee's private chat group (D.N.J.), 1474

– Sweden, Freedom of Expression Act loophole increasingly used to post personal data, DPA concerned, 880
– Trusted Internet Connection services, AT&T receives GSA award, 9
– U.K., parliamentary group launches inquiry into ISP role in catching bad actors, 675
– Union not liable for members' web comments when not acting as union agents (D. Nev.), In Brief, 678
– Utah sex offender law requiring disclosure of internet account information survives challenge (D. Utah), In Brief, 1294
– Video postings

– – Google, video shows taunts of Down syndrome boy, Italian court considers criminal defamation case against officials (Tribunale di Milano), 243; ombudsman for municipality files civil suit, 244; case remains before judge, jurisdictional issues not decided, 308; ruling postponed, In Brief, 474; Italy has jurisdiction, 502; Milan court retains criminal and privacy cases, sends related case to Rome, 631; Google says IT not available then to restrict video post, In Brief, 718; trial granted use of fast-track process, 782; trial postponed, closed to media and public, In Brief, 966; court date set, In Brief, 1440
– – Spain probe targets internet protocol cameras, In Brief, 993
– – YouTube

– – – France, internet hosts must collect user ID data on content uploaders, legal experts seek clarification (T.G.I.), 45
– – – Spain DPA fines poster who failed to gain subject's consent, 242

– Va. dangerous drug prescription reporting system data allegedly held for ransom, 751; Va. sending breach notices over exposure of SSNs, 836
– White House website

– – Cookies, privacy policy allows to link to social media sites, 194
– – Obama records and website policies draw early praise, concern remains over future issues, 191

– Yahoo

– – Belgium, fined over refusal to disclose user data to prosecutors (Dendermonde Crim. Dist. Ct.), 404
– – CDA bars claim for failure to remove content, contract-based claim may proceed (9th Cir.), In Brief, 805; opinion amended, In Brief, 995
– – Hacking, using a Cal.-based anonymizer service to access creates jurisdiction (N.D. Cal.), In Brief, 1539
– – Privacy policy now allows opt-out of behavioral tracking from mobile devices, 1092

INTERVIEW

– Commerce Undersecretary O'Neill, 94
– DHS Chief Privacy Officer Callahan, 846
– FTC Chair Leibowitz, 1181

IOWA

– Drug testing, employer failed to comply with testing law but no damages awarded when second test confirmed positive results (Iowa), 83
– Mental health records of children, mother properly denied access, children's best interests trump parent's statutory right to release of such records (Iowa), 627
– Videotaping, wife's privacy invasion claim affirmed (Iowa), In Brief, 22

IRELAND

– Biometric data, report calls for greater privacy safeguards, 1616
– Data breach notification, interim guidance recommends notice to data protection office, 630
– Data Protection Comm'r annual report says complaints head steady and e-mail spam fell, 745
– Data retention, EU Directive challenge dismissed (E.C.J.), 284; Irish bill to cut how long telephone and web user ID data kept, 1064
– Lisbon Treaty, Ireland approved, 1477
– Personal Public Service Number, Data Protection Comm'r annual report expresses concern over private sector use, 745
– Spam

– – Fines increased, complaints increased, 20
– – Text messages, DPA has no duty to seek informal resolution prior to filing suit (H. Ct.), 170

IRS (INTERNAL REVENUE SERVICE)

See TAXATION

ITALY

– Data breaches

– – Cerved unable to use tax and voting records mistakenly posted online, 170
– – Guidelines released, 170

– Data protection, DPA approves major hikes in fines, business group objects, 206; DPA says agency will impose new fines, repeats call for greater authority, 746
– Do-not-call registry, Italy moves to create, 283
– E-health, DPA issues draft rules to protecting records, 502
– Facebook, DPA warns users that information never completely deleted, In Brief, 506
– Google, video shows taunts of Down syndrome boy, court considers criminal defamation case against officials (Tribunale di Milano), 243; ombudsman for municipality files civil suit, 244; case remains before judge, jurisdictional issues not decided, 308; ruling postponed, In Brief, 474; Italy has jurisdiction, 502; Milan court retains criminal and privacy cases, sends related case to Rome, 631; Google says IT not available then to restrict video post, In Brief, 718; trial granted use of fast-track process, 782; trial postponed, closed to media and public, In Brief, 966; court date set, In Brief, 1440
– Phishing, government creates task force to curb, 283
– Shareholders may access contact data of fellow shareholders, In Brief, 717
– Telemarketer access to telephone databases, DPA increases fines, 472