13 September 2006. Bruce L. McDonald and Kirk J. Nahra, partners with Washington, D.C.-based Wiley Rein & Fielding LLP, discuss the 6 December 2005 D.C. Circuit Court ruling, which held that lawyers engaged in the practice of law are not subject to the privacy and security provisions of the Gramm-Leach-Bliley Act (GLBA). They examine the case, American Bar Association v. Federal Trade Commission, 430 F.3d 457, and its history.
This Washington Post business report discusses how consumers can protect personal information such as Social Security numbers and credit history. It also outlines what to do if you think you are a victim of identity theft and provides links to additional resources.
The European Commission maintains this site on data protection law. It provides information for lawyers and consumers alike. Find relevant legal instruments, including directives, regulations, treaties and case law, the implementation status of Directive 95/46/EC on the Protection of Individuals with regard to the Processing of Personal Data, related international instruments, model contracts for the transfer of personal data to third countries, news and more. A handy country chart provides access to information about the rights of citizens of member states. The site is available in available in French, German and English.
BNA's Web Watch, compiled by Laura Gordon-Murnane, provides coverage of legislative and interest group initiatives on data security. Find links (with brief descriptions) to federal and state legislation, testimony and position papers.
Consumer advocacy group, Privacy Rights Clearinghouse, explains background checking for employment purposes. Consisting of 10 parts, the guide informs about what employers can and cannot do with respect to background checking. While the guide speaks generally about federal law, it also highlights important differences in California state law.
The Health Privacy Project of the Institute for Health Care Research and Policy, Georgetown University, offers news and information about health care privacy issues. Find federal regulations and legislation, HPP congressional testimony, a report on state health privacy laws (over 200 pages), and more.
Intended for use by medical researchers, the National Institutes of Health and the U.S. Department of Health and Human Services offer this site on health privacy. It provides access to legal and educational materials. Find the health privacy rule and revisions, sample authorization forms, a booklet entitled "Protecting Personal Health Information in Research: Understanding the HIPAA Privacy Rule," guidance on access and use of health information in databases, and more.
The Privacy Rights Clearinghouse offers fact sheets, publications, speeches, testimony and victim stories related to identity theft. For example, find out how to reduce the risk of fraud or what to do if you become a victim of identity theft. Some of the information is also available in Spanish.
The Office for Civil Rights of the U.S. Department of Health and Human Services provides information about health information privacy. Find several fact sheets and FAQs on topics like disclosures to family and friends and how to file a health information privacy complaint. Also find educational materials, information for small business providers, HIPAA (Health Insurance Portability and Accountability Act) regulations and standards and information about compliance and enforcement.
The Electronic Privacy Information Center (EPIC) provides extensive information about numerous privacy issues, including financial, children's, medical and Internet privacy. In addition to detailed commentary, you will find many links to primary documents.
The law firm, Davis Wright Tremaine LLP, maintains this blog on privacy and security law. Lawyers comment on events in the news and legal developments, such as court decisions and state or federal legislation. The blog has an RSS feed and e-mail alert service for keeping up with new postings. The topics links on the home page take you directly to related commentary. You will also find this subject index in the site map.
Personal data vendor, ChoicePoint, launched this Web site in response to recent incidents of fraud against the company that resulted in the exposure of consumer information. The Web site provides access to company statements on the data theft and resources for victims of the incidents, as well as information about avoiding identity theft.
This single page on the Web site of the Federal Citizen Information Center offers basic information about privacy. It explains what you can, and cannot, stop, the right to opt out, types of privacy notices and where to go for help. An appendix summarizes the Fair Credit Reporting Act and the Gramm-Leach-Bliley Act.
The Federal Trade Commission (FTC) provides information relating to privacy. Topics include enforcement, financial privacy, credit reporting and children's privacy. In addition to brief explanations of each of these issues, you will find the text of relevant laws and regulations, testimony and more.
Watchdog group Privacy International comments on events and developments concerning privacy issues. Comments often contain links to primary documents. Additionally, the site offers country reports, a newsletter on international privacy issues and several reports.
A a non-profit consumer advocacy group, the Privacy Rights Clearinghouse provides information on many privacy issues, including identity theft, financial privacy, access to medical records, pre-employment and employment background checks, electronic privacy and more. Find fact sheets, which provide basic information about an issue and tips for consumers. Additional resources include speeches and testimony, resources for victims of identity theft and links to privacy-related resources.
A joint project of the Electronic Privacy Information Center (EPIC) and Privacy International, the Web site provides commentary about current events and developments concerning privacy issues. It links to additional resources and offers a news feed.
The Center for Social & Legal Research in Hackensack, NJ offers this resource for consumer privacy and data protection laws, issues and trends and developments worldwide. It links to international and foreign privacy laws and legislation as well as select court opinions from around the world. Also find links to commentary, studies and reports.
Online payment service, PayPal, provides a resource guide for victims of identity theft. In addition to services and utilities for PayPal subscribers, it offers general information and advise. Find an essay on the 5 things you can do to protect yourself, a tutorial on spoofed e-mail messages and Web sites, and a handy downloadable checklist.
AARP suggests resources for victims of identity theft. This AARP Bulletin provides the Web site addresses and phone numbers of the three largest credit bureaus and links to government and interest group resources. It's a good starting pointing for victims.
Marketing analyst Jimmy Atkinson and search engine optimization consultant Andy Hagans maintain this Weblog on radio frequency identification (RFID) technology. They comment on press releases and news concerning the technology. They also provide an introduction (The Future Is Here: A Beginner's Guide to RFID) to RFID and an essay on privacy issues (How RFID Will Impact Consumer Privacy). The commentary we reviewed appears balanced, although many of the links to external Web sites point to conservative viewpoints. As an aside, the two are also developing a directory of RFID related resources. See RFid Directory.
Part of the "Law About" section of the Cornell Law School Web site, Right of Privacy contains a brief analysis of the several federal privacy laws. It also helpfully contains links to the text of the laws. A sidebar contains additional resources. See also: Right of Privacy: an Overview, Right of Privacy: Personal Autonomy, Right of Publicity.
The legislative research librarians at the National Conference of State Legislatures (NCSL) track legislative activity in the 50 states on disclosure requirements related to security breaches involving consumer personal or financial information. The tracking begins in 2002.
William B. Baker, a partner with Washington, D.C.-based Wiley Rein & Fielding LLP, explains that data brokerage firms, such as ChoicePoint, LexisNexis (Accurint) and Merlin, belong to an industry that is mostly unregulated. "In American law, data about persons generally belongs to the organization that maintains it as a business record, and such data is regarded as an asset of the company." He goes on to discuss the circumstances under which the collection, use and distribution of the data is subject to some regulation. He ends with some advice for businesses that collect personal information.