The US and the European Commission have released details about the proposed Privacy Shield program, formerly known as the “EU-US Safe Harbor Framework.” A key takeaway on US side is that the program will still rely on self-certification, although with improved verification and monitoring mechanisms. For its part, the US Department of Commerce has released a 132-page package containing the program principles, letters from the
Update for March 3, 2016: This week a judge has ordered that the approximately 10 million records of California students held by the California Department of Education will not be turned entirely over to a group of community nonprofits in the Morgan Hill case. Instead, the judge ordered that several smaller databases will be turned over
Today The Guardian published an op-ed I wrote about employer-sponsored wellness programs. You can find that op-ed here. I have researched and written about HIPAA, health plans, wellness, predictive analytics, and big data for years now. A lot of my work coalesced together when Robert Gellman and I researched and wrote the Scoring of America
Update for February 29, 2016: The US and the European Commission have released new details about the proposed Privacy Shield program. We have published a new post about this release here. Briefly, the US Department of Commerce has released a 132-page package containing the program principles, letters from the FTC, the Department of Transportation, the Office of the Director
The closely watched Safe Harbor talks to craft new privacy rules for transatlantic data flows between the US and the EU have resulted in some preliminary signals today, although a final outcome is still pending. Commissioner Jourova, speaking before the Committee on Civil Liberties, Justice, and Home Affairs, said that the talks had not yet produced an agreement.