UK ICO welcomes nuisance calls and texts law change
The law in the UK surrounding nuisance calls and texts changed on 6 April to allow the Information Commissioner’s Office (ICO) to fine companies who make unsolicited calls. The change removes the requirement for calls or texts to have caused "substantial damage or substantial distress" and the ICO has committed to fining those who break the law.
Businesses have expressed concern about compensation claims
Following the recent Court of Appeal judgment in Vidal Hall & Ors v Google Inc companies are concerned about the potential exposure to damages in light of claimants no longer needing to show "damage and distress". Although Google were refused permission to appeal to the Supreme Court, it remains to be seen whether they will seek to clarify important cyber security issues within the judgment. In the interim, data controllers need to be aware of this change and the potential to increase levels of risk posed.
Google loses German regulator’s challenge
Hamburg’s privacy watchdog has this week ordered Google to get consent for or limit its use of data if combined with information already obtained would allow Google to establish customers’ personal information such as marital status and financial standing. The ruling comes in the wake of increasing pressures on technology companies such as Facebook to give users more control over the use of their data and provide greater transparency around privacy policies.
New Australian data retention law passed to combat terrorism
The Telecommunications (Interception and Access) Amendment (Data Retention) Bill 2014 (Bill) has now passed Federal Parliament. It introduces new obligations on Internet Service Providers (ISPs) to retain consumer data for a minimum of two years in an attempt to combat terrorist attacks and serious crime. Critics argue that the Bill undermines their freedoms and is a vehicle for surveillance of the population.
AT&T pays USD 25 million fine for mobile phone data breach scam
The communications company AT&T settled a US Federal Communications Commission investigation yesterday by agreeing to pay a USD 25 million fine. The scam occurred in Mexico, Colombia and the Philippines with more than forty employees illegally accessing 280,000 customer names and Social Security numbers. The employees then provided the details to third parties who used the data to unlock stolen cell phones.
Facebook privacy case heard in Vienna court
Facebook’s case for alleged violations of European privacy laws brought by campaigner Max Schrems is being heard in the Austrian courts this week. The case includes a compensation claim, amounting to approximately EUR 500, for each of the 25,000 users involved in the class action. This follows the recent ECJ case, also brought by Schrems claiming that Facebook was in breach of EU law by providing US intelligence services with the data of its users which is yet to be determined.
Court orders ISPs to hand over illegal downloading customers’ details
This Monday, the Australian Federal Court ordered that six IPSs must disclose the names and addresses of those who illegally downloaded the film "The Dallas Buyers Club". The Court sided with the US company that owns the copyrights to the film and required that the names and addresses be provided to allow the company to bring copyright claims against those who had illegally downloaded the film.