The Federal Trade Commission announced a settlement with Myspace
over disclosure of Myspace users' personal information. The FTC
Myspace provided advertisers with the unique identifier of Myspace
users who were viewing particular pages on the social networking
site. Advertisers could use the unique identifier to locate a
user's Myspace profile to obtain personal information publicly
available on the profile and, in most instances, the user's
full name. According to the FTC, advertisers also could combine the
user's real name and other personal information with additional
information to link broader web-browsing activity to a specific
individual. The FTC claimed that these practices violated
The agency also claimed that Myspace certified that it was
complying with the U.S.-EU Safe Harbor Framework, which provides a
method for U.S. companies to transfer personal data lawfully from
the European Union to the United States. As part of its
self-certification, Myspace claimed that it complied with the Safe
Harbor Principles, including the requirements that consumers be
given notice of how their information will be used and the choice
to opt out. The FTC alleged that these statements were false.
Under the proposed settlement, Myspace is required to establish
a comprehensive privacy program designed to protect consumers'
information, and to obtain biennial assessments of its privacy
program by independent, third-party auditors for 20 years.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
To print this article, all you need is to be registered on Mondaq.com.
Click to Login as an existing user or Register so you can print this article.
Illinois Attorney General Lisa Madigan has issued a binding opinion under the state's FOIA that email messages sent or received through public employees' personal email accounts may be public records subject to disclosure...
Triggering a landslide of legislative reforms and legal battles, the European Court of Justice's ("ECJ") landmark judgment of April 8, 2014, Digital Rights Ireland (C-293/12), invalidated the Data Retention Directive 2006/24/EC, which provided that providers of publicly available communications services must retain certain data.
Following the July 12, 2016, adoption by the European Commission of the EU-U.S. Privacy Shield (the "Privacy Shield"), companies engaging in trans-Atlantic data sharing can now register for the Privacy Shield.
Register for Access and our Free Biweekly Alert for
This service is completely free. Access 250,000 archived articles from 100+ countries and get a personalised email twice a week covering developments (and yes, our lawyers like to think you’ve read our Disclaimer).