Airline Found in Breach
The US Office of the Privacy Commissioner (OPC) has issued PIPEDA Report of Findings #2011-002: Airline must ensure policies comply with Canadian privacy law (19 September 2011). The report concerns a complaint that KLM failed to provide “information about its policies and practices relating to the management” of personal information requested by a passenger. The OPC’s investigation found that KLM had failed to comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) by not responding to the complainant’s request.
The OPC also made broad recommendations that all organisations should have procedures for handling information access requests, and that foreign organisations realise they fall under PIPEDA’s jurisdiction if they engage in commercial activities and have a real and substantial connection to Canada.
(Source: OPC; Department of Justice)
Father Sues Coffee Chain Over Hidden Camera
The Age reports that a US man is suing Starbucks for $US3 million for invasion of privacy, negligence and ”intentional infliction of emotional distress” after his five year old daughter found a hidden video camera in the bathroom of a Washington Starbucks outlet. Reportedly, the man is also accusing Starbucks of negligence in the hiring, training and supervision of its staff. Starbucks reportedly failed to have the lawsuit thrown out on the grounds that the man had not proven any wrongdoing by its employees.
The Age: ‘Camera in toilet’: father sues Starbucks for $3m (21 September 2011)
(Source: The Age)
Name Change Attempt to Improve Reputation
The Age reports that an internal News Corporation marketing brief has revealed plans to change the Australian division’s name from “News Limited” to “News Australia” in an effort to “rebrand” the company and rescue its flailing reputation. According to The Age, the rebranding follows the damage to the company’s reputation surrounding the UK phone hacking scandal, and tensions with the federal government over content published in The Daily Telegraph. The marketing brief reportedly discloses a need to “evolve” the company’s name, in part because “other people are defining [News Limited's] brand”. The brief also reportedly expresses the need to ”connect with employees to articulate a desired culture and shared values and ethics across the News Limited group”, after employee research on the company’s reputation amongst advertisers and competitors revealed that it was seen as an “arrogant newspaper company, difficult to deal with”.
The Age: ”News Ltd’ axed in major Murdoch rebranding (21 September 2011)
(Source: The Age)
Media Empire Investigated for Bribery
Bloomberg reports that the US Department of Justice has written to News Corporation requesting information as part of an investigation into whether alleged payments to police for information constituted a violation of the Foreign Corrupt Practices Act (FCPA). According to Bloomberg, an anonymous “person with knowledge of the matter” confirmed the investigation of the US business’ alleged “paying off” of foreign government representatives in order to gain commercial advantage, which is a crime under the FCPA.
The investigation reportedly accompanies an existing US probe into allegations that News Corporation hacked the phones of September 11 victims in the US, following revelations earlier this year that UK News Corporation staff hacked the voicemail account of murdered teenager Milly Dowler in 2002.
According to Bloomberg, the letter requests information from News Corporation, but does not legally oblige the company to respond.
Bloomberg: News Corp. Said to Get U.S. Letter Seeking Information For Bribery Probe (21 September 2011)
Related News Items:
The Guardian: US prosecutors write to News Corp as part of payment inquiry – reports (20 September 2011)
Reuters: US seeks information from News Corp as part of bribery probe – reports (20 September 2011)
(Source: Bloomberg; The Guardian; Reuters; justice.gov)
Hospital Commits Major Privacy Breach
Stanford Hospital (Stanford) recently suffered a major privacy breach when the data for 20,000 patients was publically posted on a commercial website. While Stanford discovered the breach last month, the data had been posted on the site for almost a year. A patient first discovered the data and alerted the hospital on August 22. The hospital then had the data removed from the website the next day. Information posted on the website included patients’ names, diagnosis codes, account numbers, admission dates, and billing charges.
New York Times: Patient Data Posted Online in Major Breach of Privacy (8 September 2011)
(Source: New York Times)