Last Week in Privacy- July 3, 2018

Welcome to “Last Week in Privacy!” Each week, OneTrust’s in-house privacy experts will give you the top international privacy industry highlights from last week.


  1. In a groundbreaking decision, the U.S. Supreme Court ruled in the Carpenter vs. the United States case that, under the Fourth Amendment of the U.S. Constitution, the government must get a warrant to obtain cell site location data held by wireless communication companies. The Supreme Court majority acknowledged privacy interests in a mobile device’s constant generation of location data, and decided that an individual would not waive these interests by merely sharing that data with their service provider.
  2. More than 60 different NGO’s and a number of other advocacy groups in the EU have teamed up to file complaints, asking member state governments – including France, Germany, Ireland and the UK – to stop requiring phone and internet providers to retain traffic data of their users, a practice that still continues despite it being ruled illegal by the Court of Justice of the European Union.
  3. The FTC’s Bureau of Consumer Protection has issued a comment to the Consumer Product Safety Commission about potential safety issues associated with Internet of Things devices. The comment warns of potential risks to consumer safety – such as loss of safety functions, connectivity, and degradation of data integrity – and outlines ways to mitigate those risks. The FTC has also provided additional guidance on predicting and mitigating IoT device-related privacy and security risks.
  4. The UK Information Commissioner’s Office announced that it is developing a code for protecting children’s privacy. The Age Appropriate Design Code will provide guidance on privacy standards for companies to adopt when offering online services and apps to children, including standards for privacy settings and notices, as well as an assessment of the appropriateness of automated profiling of children or use of their geolocation data. The ICO announced plans to conduct a direct consultation with children, parents and guardians to inform the code’s development.
  5. California Governor Jerry Brown signed into law the California Consumer Privacy Act of 2018 on June 28, 2018. This first of its kind U.S. privacy law will give California residents new online privacy protections and will dramatically impact how companies handle their data.

Be sure to check out our latest articles in CPO Magazine and in IAPP The Privacy Advisor, written by our very own Chief Privacy Officer Andrew Clearwater, and Privacy Counsel, Brian Philbrook.

See you next week!