Retail Privacy Network

Data Matters

You are invited to join privacy professionals in the retail sector for topical conversation, learning and networking at the first Retail Privacy Network meeting. This interactive meeting will include hot topics in UK/EU data privacy and cybersecurity with practical case studies on retail industry issues. The post Retail Privacy Network appeared first on Data Matters Privacy Blog.

Facial Recognition Is Coming to Retail

Schneier on Security

anonymity facerecognition privacy retailSummary article.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

DPIAs for retail and hospitality 

IT Governance

It’s relevant for everyone, including retail and hospitality. Retail and hospitality organisations will likely need to conduct several to cover all their processes, both new and existing. Loyalty programmes, device tracking and CCTV are just a few examples of activities that will probably need a DPIA to ensure the risk to the privacy of customers’ personal information is justified and that plans are put in place to mitigate that risk.

GDPR. Forget bitcoin, data is the new currency of retail

OpenText Information Management

On May 25, 2018, the new EU data privacy regulation, known as the General Data Protection Regulation (GDPR), comes into force. Forget bitcoin, data is the new currency of retail appeared first on OpenText Blogs.

Pairing Privacy and Security with Digital Identities in Retail


InfoSec Insider Privacy Web Security amazon consolidated view customer experience digital identities eve maler forgerock infosec insiders omnichannel online shopping SecurityOmnichannel views of customers are a competitive edge -- but they have to be appropriately implemented.

Retail has a multi-cloud problem…with sensitive data

Thales eSecurity

Digital transformation (DX) is fundamentally impacting all aspects of the economy across every industry, and nowhere is this truer than in retail. Analysis of this year’s results showed that the percentage of retailers increasing IT security spending declined.

Information Security and Compliance Through the Prism of Healthcare and Retail


Let’s explore how these concepts relate to two specific industries – healthcare and retail. The Department of Health and Human Services, Office for Civil Rights (OCR), may impose a penalty on a covered entity for a failure to comply with a requirement of the Privacy Rule. 2 -- Retail provides useful lessons in the importance of decentralized capture and the security challenges it creates. compliance healthcare scanning information security information capture retail

GDPR – the facts and what it means for the retail sector

IT Governance

There are many opportunities within retail, leisure and hospitality for tailored offers and promotions to improve business. That is why, immediately after 25 May, some US websites blocked EU traffic – there was uncertainty about the systems, processes, cookie notifications and privacy policies, and some decided to block EU traffic rather than risk non-compliance. EU GDPR Retail GDPR GDPR compliance

Hunton Publishes Retail Year in Review

Hunton Privacy

On January 18, 2018, Hunton & Williams LLP’s retail industry lawyers, composed of more than 100 lawyers across practices, released their annual Retail Year in Review publication. The Retail Year in Review includes several articles authored by our Global Privacy and Cybersecurity lawyers, and touches on many topics of interest including blockchain, ransomware, cyber insurance and the Internet of Things.

Hunton Andrews Kurth Publishes 2018 Retail Industry Year in Review

Hunton Privacy

As reported on the Hunton Retail Law Resource blog , on January 17, 2019, Hunton Andrews Kurth’s retail industry team, composed of more than 200 lawyers across practices, released their annual Retail Industry Year in Review publication.

Amazon's Healthcare Expansion: Analyzing Privacy Concerns

Data Breach Today

As Amazon expands its activities in healthcare, include a high-profile venture into the pharmacy business, the online retail giant will face a wide variety of important privacy issues, attorneys Jeffrey Short and Todd Nova explain

Retail 100

How to Avoid Spam—Using Disposable Contact Information

WIRED Threat Level

The next time you sign up for a coupon code or retail promotion, use these apps to avoid spam text and email messages. Security Security / Privacy

MY TAKE: Why Satya Nadella is wise to align with privacy advocates on regulating facial recognition

The Last Watchdog

We’re just a month and change into the new year, and already there have been two notable developments underscoring the fact that some big privacy and civil liberties questions need to be addressed before continuing the wide-scale deployment of advanced facial recognition systems. The surveillance regime the UK government has built seriously undermines our freedom,” Megan Golding, a lawyer speaking for privacy advocates, stated.

Did H&M spy on its German employees? Privacy watchdog opens an investigation

Security Affairs

A German p rivacy watchdog is investigating into clothing retailer H&M because it was allegedly spying on its customer service representatives in Germany. SecurityAffairs – H&M, privacy). Privacy watchdog opens an investigation appeared first on Security Affairs.

Zappos Offers Users 10% Discount in 2012 Breach Settlement


Breach data breach Data Privacy e-commerce lawyer fees lawyers legal online retail regulators Settlement ZapposLawyers will get $1.6 million in a settlement that stems from a breach that affected more than 24 million customers.

UK Fines Dixons Carphone for Massive Breach

Data Breach Today

Retailer's Missteps Led to 'Careless Loss of Data,' Privacy Watchdog Says British regulators have fined Dixons Carphone $653,000 for a breach that exposed millions of payment card details and personal data due to point-of-sale malware.

Retail 148

The New Wave of Consumer Class Actions Targeting Retailers: What is the TCCWNA?

Hunton Privacy

The very acronym evokes head scratches and sighs of angst and frustration among many lawyers in the retail industry. But what is it and why has virtually every retailer been hit with a TCCWNA class action demand letter or lawsuit in the past few months? TCCWNA.

Google and Mastercard cut a secret deal to track retail sales data

Information Management Resources

Customer data Data privacy GoogleFor the past year, select Google advertisers have had access to a potent new tool to track whether the ads they ran online led to a sale at a physical store in the U.S. That insight came thanks in part to a stockpile of Mastercard transactions that Google paid for.

UK ICO Issues Unprecedented Fine Against Mobile Phone Retailer for Lax Security

Hunton Privacy

On January 8, 2017, the UK Information Commissioner (“ICO”) issued an unprecedented monetary penalty of £400,000 against British mobile phone retailer, The Car Phone Warehouse Limited. The ICO, in its public announcement of the decision, emphasized the importance of the Privacy by Design principle included in the GDPR, which requires companies to ensure that strong IT governance and information security measures are in place, tested and refreshed to comply with the provisions of the law.

The Need for Strong Federal Data Privacy Legislation


Consumers in the United States have finally begun to pay attention to the privacy of their data. Data Privacy advocates and ordinary consumers alike compared laws in the U.S. states have recently jumped in to try to fill this data privacy leadership void.

GUEST ESSAY: The privacy implications of facial recognition systems rising to the fore

The Last Watchdog

Tech advances are accelerating the use of facial recognition as a reliable and ubiquitous mass surveillance tool, privacy advocates warn. Assuming privacy concerns get addressed, much wider consumer uses are envisioned in areas such as marketing, retailing and health services. Ntrepid is focused on the privacy ramifications associated with these developments.

Getting Customer Communications Right in Times of Coronavirus

HL Chronicle of Data Protection

Across the world, large retail stores and small businesses alike are shutting their doors. With all of the cancellations, postponements, and alternative arrangements that are required as a result of this global crisis, plus the special desire of all retail, travel, and other consumer-facing businesses to stay in touch with their customers, many organisations face the critical challenge of getting to grips with the legal rules that apply to those unsolicited communications and interactions.

In Today’s Privacy Environment, That’s the Way the (Website) Cookie Crumbles: Data Privacy Trends

eDiscovery Daily

As covered in Alston & Bird’s Privacy and Data Security Blog ( Google-Style GDPR Fines for Everyone? The companies audited were from industries ranging from online retail to sports to banking & insurance to media, even automotive & electronics and home and residential.


Delta, Sears Breaches Blamed on Malware Attack Against a Third-Party Chat Service


Hacks Privacy Vulnerabilities credit card breach data breach Delta retail breach Sears security breachSecurity experts say breaches impacting Delta Air Lines and Sears customers is tied to malware planted on a third-party chat service.

The California Consumer Privacy Act Surfaces in Recent Data Breach Class Action Complaint

Hunton Privacy

At this point, most companies doing business in California are aware of the California Consumer Privacy Act (“CCPA”), and most have been bracing for the eventual onslaught of class action litigation to follow its passage. State Law CCPA Consumer Protection Personal Data Personally Identifiable Information Privacy

FTC Settles Spying Case Against Rent-to-Own Retailer

Hunton Privacy

Aaron’s is a national “rent-to-own” retailer that allows consumers to rent, with an option to purchase, consumer goods including electronics. Enforcement Online Privacy U.S. On October 22, 2013, the Federal Trade Commission announced a proposed settlement with Aaron’s, Inc. Aaron’s”) stemming from allegations that it knowingly assisted its franchisees in spying on consumers.

Shopping safely over Black Friday and Cyber Monday

IT Governance

Black Friday and Cyber Monday are almost upon us, kickstarting what retailers hope will be a successful trading period. However, retailers offering both a physical and digital presence stand to gain the most, as the omnichannel approach is favoured by 69% of UK-based survey respondents.

Sales 88

FTC Reaches Settlement in First Enforcement Action Against a Retail Tracking Company

Hunton Privacy

On April 23, 2015, the Federal Trade Commission (“FTC”) announced that Nomi Technologies (“Nomi”) has agreed to settle charges stemming from allegations that the company misled consumers with respect to their ability to opt out of the company’s mobile device tracking service at retail locations. The settlement marks the FTC’s first Section 5 enforcement action against a company that provides tracking services at retailers.

Trusted Customer Engagement with Data Governance and Privacy by Design


Examples include organizations driving disruptive innovations in retail (Amazon), transportation (Uber), hospitality (Airbnb) and entertainment (Netflix). Consumer sentiment parallels the demands of new and emerging data privacy laws. Customers today have high expectations.

Retailer Sued over Allegations that Background Check Consent Form Includes Extraneous Information

Hunton Privacy

As reported in the Hunton Employment & Labor Perspectives Blog : On November 2, 2015, a putative class action was filed against retailer Big Lots Stores, Inc. FCRA Workplace Privacy Class Action Consent Credit Report Federal Trade Commission

Impact Of Chat Service Breach Expands To Best Buy, Kmart


Featured Hacks Privacy Vulnerabilities Best Buy Best Buy Breach Cyber breach data breach Delta Kmart breach retail breach SearsA breach that exposed the credit card information of Delta Air Lines and Sears Holdings now expands its impact to include Best Buy and Kmart.

IT 59

Reltio Supports Apple CEO Tim Cook’s Clarion Call for Stronger US Customer Data Privacy Laws


privacy law , similar to GDPR (General Data Protection Regulation), is appropriate and timely. But today modern data management solutions that include technologies like machine learning empower organizations to implement data governance and privacy initiatives at scale, and are an essential part of their overall Customer 360 data strategy. privacy law as a regulatory burden rather than an opportunity have not yet internalized what it means to be a customer-driven company.

Consumer Horizons 2019: Hogan Lovells’ Cross-Practice Publication Highlights Key Privacy and Data Protection Considerations in the Consumer Industry

HL Chronicle of Data Protection

Businesses in the consumer industry have seen a wave of unprecedented disruption and transformation that have made privacy and data protection issues a mainstream topic in boardrooms, amongst legislators, and across the wider public.

Radisson Rewards programme breached

IT Governance

Radisson has confirmed that “upon discovering the data incident, [it] promptly informed EU regulators of the situation”, but it could still face fines of up to €20 million or 4% of annual global turnover if it is found to have infringed individuals’ privacy rights.

Debate Continues on the Future of US Privacy Regulation from California to Capitol Hill

Data Matters

With the midterm election out of the way, legislators on Capitol Hill and in state capitols are getting ready to consider the future of data privacy regulation in 2019 and consumer and industry groups continue to weigh in on the ongoing debate. In Washington, key leaders of congressional committees from both parties indicated that privacy legislation will be on their agendas in the next Congress.

Mortgage Broker Settles FTC Privacy Charges That It Improperly Disclosed Consumer Information on Review Site

Hunton Privacy

As reported on our Hunton Retail Law Resource blog, on January 7, 2020, the Federal Trade Commission announced a settlement with Mortgage Solutions FCS, Inc., Under the terms of the settlement, Walker and Mount Diablo will pay a $120,000 civil penalty, and must not misrepresent their privacy and data security practices, misuse credit reports or improperly disclose personal information to third parties. Enforcement Online Privacy U.S.

Card Factory allowed customer photos to be exposed publicly

IT Governance

However, on 15 October it said: The trust and privacy of our customers is of utmost importance to us. The issue demonstrates how easy it is for retailers to experience cyber security incidents, and how important it is that they are prepared to respond.

The New Congress Turns to an Old Issue – The Possibility of Comprehensive Federal Privacy Legislation

Data Matters

Even a few short years ago, it seemed unlikely that Congress would enact comprehensive privacy legislation. But a series of high profile data breaches; increasing concerns about data practices, particularly when connected to political micro-targeting; fears about the rise of autonomous, and potentially invisible, decision-making; and the passage of far-reaching foreign and now State privacy laws have all changed the zeitgeist. Legislation Online Privacy Policy US State Privacy Law

Recent Risk Alerts by SEC OCIE Highlight Privacy and Cybersecurity Issues in Examinations

Data Matters

The SEC’s Office of Compliance Inspections and Examinations (OCIE) released two Risk Alerts, on April 16, 2019 and May 23, 2019, highlighting the importance of privacy and cybersecurity compliance for SEC-registered investment advisors and broker-dealers under Regulation S-P. April 16 Risk Alert – Privacy Notices and Safeguard Policies. Privacy and Opt-Out Notices. Cybersecurity Enforcement Financial Privacy SEC

CCTV and the GDPR – an overview for small businesses

IT Governance

In both cases, you must weigh your lawful basis against the data subjects’ privacy rights. Privacy notices (Article 13). For further information about how to handle a data breach, please visit our website >> Data Protection EU GDPR Retail GDPR compliance