The closely watched Safe Harbor talks to craft new privacy rules for transatlantic data flows between the US and the EU have resulted in some preliminary signals today, although a final outcome is still pending. Commissioner Jourova, speaking before the Committee on Civil Liberties, Justice, and Home Affairs, said that the talks had not yet produced an agreement.
The World Privacy Forum has filed extensive comments on the proposed changes to how the Genetic Information Nondiscrimination Act will be interpreted. Our comments focus on how the proposal will impact wellness program privacy, as well as family and spousal privacy. In our comments, we discuss our concerns with a variety of aspects of wellness program privacy, including the fact that much data from wellness programs falls outside of HIPAA protections. We also have strongly urged the EEOC to not allow employers to purchase genetic information about employees from third parties without consent, among other items related to this issue.
The Nuremberg Code, an extraordinary document around ethics and research on human subjects written after the research abuses that took place during World War II, is akin to a global Emancipation Proclamation for human research subjects. The Nuremberg Code’s 10 principles remain a timeless rendering of thought on what should be in place prior to any entity conducting research on human subjects, and this code forms the philosophical foundation of a regulation in the US known as the Common Rule. We have written extensive comments on the US proposal that will update the Common Rule…
Every other year, the US Federal Trade Commission issues a report about the national Do Not Call registry to Congress. The FTC has recently released its newest report, and by all measures, the Do Not Call registry is still strong and growing. It is not without its snags, however. For example, complaints about robocalls have increased,
After four years of negotiations, the EU Commission, Parliament, and Council have reached a final agreement on the General Data Protection Regulation (GDPR). The GDPR is an omnibus data protection law which sets arguably the most extensive data protection laws globally, along with strong enforcement authority. The new law contains many new provisions that move