About the Book

A New Treatise from Thomson Reuters by Liisa Thomas

A Practical Approach

The work is divided into practical sections to make it easier for the practitioner. The goal is to allow you to answer key questions from your business teams about collection and use of personal information. The work is not a list of laws. Instead, it takes the confusing patchwork of laws and organizes it into clear categories:

What is personal information?
Are there restrictions on what can be collected?
What notices are required?
Do we have to give individuals choices about how their information is used?
What considerations should be made if sharing or using information?
What about if we want to use personal information to communicate directly with an individual?

Scroll down for the table of contents and (extensive) list of statutes covered

Thomas on Big Data: Table of Contents

Table of Contents

CHAPTER ONE: Introduction.. 3

1.1. Navigating the Complex World of Privacy Laws. 3

1.2. General Privacy Laws. 4

1.3. Industry-Specific Privacy Laws. 6

1.4. Activity-Specific Privacy Laws. 8

1.5. Scope: What Constitutes “Personal” Information Such That These Laws Apply?. 10

CHAPTER TWO. Collecting Information from and About individuals. 11

2.1. Are There Restrictions on What Information a Company Can Collect?. 11

2.2. When Is a Company Limited in How it Can Collect Information?. 12

2.3. Limits on Collecting Information During Credit Card Transactions. 13

2.4. Gathering Information Through Cookies and Related Technologies. 15

2.5. Gathering Information Through Spyware and Adware. 15

2.6. GPS-Based Information Collection. 17

CHAPTER THREE. Giving Notice About Information Practices. 17

3.1. General Requirements. 17

3.2. Method of Delivery. 17

3.3. Timing of Notice Generally. 18

3.4. General Content of Notice (Privacy Policies) 18

3.5. Notice if Sending Emails. 23

3.6. Notice if Sending Texts. 23

3.7. Notice if Making Calls. 24

3.8. Notice if Sending Faxes. 24

3.9. Notice if Providing WiFi 26

3.10. Notice by Phone and Broadband Companies. 26

3.11. Notice for Sharing Information. 26

3.12. Notice for Video Rentals, Online Streaming Services and More?. 27

3.13. Notice For Financial Services Companies. 28

3.14. Notice For Health Care Companies. 29

3.15. Notice if Selling Information. 30

3.16. Notice If Engaging in Passive Tracking. 31

3.17. Notice When Collecting Biometric Identifiers. 33

3.18. Notice if Collecting Information from Children. 34

3.19. Notice Requirements if Materially Change Existing Practices. 34

3.20. Notice if Combining Data. 35

CHAPTER FOUR. CHOICES (CONSENT AND OPTING OUT) 35

4.1. Consent Requirements Generally. 35

4.2. Consent and Opt-Outs for Sending Text Messages. 38

4.3. Consent for Making Phone Calls. 41

4.4. Faxes, Consent and Opting Out 43

4.5. Choices for Email Messages. 45

4.6. Choices for Behavioral Advertising. 47

4.7. Choices to Provide if Serving Adware. 48

4.8. Consent If Using Information In New Ways. 49

4.9. Consent for Recording Phone Calls. 49

4.10. Consent for Video Rentals and Online Streaming Services. 51

4.11. Consent When Collecting Biometric Identifiers. 51

4.12. Consent to Track Using GPS. 52

4.13. Consent if Using Drones to Gather Information. 53

4.14. Parental Consent to Collect Children’s Information Online. 54

4.15. Letting People Opt-Out of Information Sale. 54

CHAPTER FIVE: SHARING DATA.. 55

5.1. The Legal Landscape for Sharing Information. 55

5.2. Intercepting Communications as “Sharing”. 56

5.3. Data Broker Obligations. 57

5.4. Financial Institutions Sharing Information. 57

5.5. Health Care Providers Sharing Information. 58

5.6. Telecommunications Service Providers Sharing Information. 58

5.7. Online Streaming Services Sharing Information. 59

5.8. Providers of Credit Reports Sharing Information. 59

5.9. Restrictions on Sharing Data: Websites Directed at Children. 60

5.10. Restrictions on Sharing Data in Bankruptcy. 60

CHAPTER SIX: Using Data, REQUIREMENTS IF YOU HOLD DATA.. 61

6.1. Using Sensitive Information. 61

6.2. Automated Decision Making. 62

6.3. Restrictions on Cross-Border Data Transfers. 63

6.4. Providing Rights and Responding to Rights Requests. 64

6.5. Ceasing Use of Information. 65

6.6. Data Retention. 66

6.7. Third Party Vendors. 66

CHAPTER SEVEN: Communicating with Individuals. 67

I. Email Communications. 67

7.1. Email: Beyond Notice and Choice. 67

7.2. Multiple Senders. 67

7.3. Tell A Friend Services: Who Is the Sender?. 68

7.4. Email Content Restrictions. 69

7.5. Beyond Email: Social Media Messages. 70

II. Phone Calls. 71

7.6. Calls: Beyond Notice and Choice. 71

7.7. When To Check A “Do Not Call” List 71

7.8. Record Keeping and Training. 73

7.9. Registration Requirements. 74

7.10. Time-of-Day Limits. 78

7.11. Call Content Requirements. 79

7.12. Abandoning Calls. 80

7.13. US Restrictions on Use of Certain Technologies in Telephone Solicitations. 81

III. Text Messages. 82

7.14. Requirements When Sending Certain Types of Marketing Texts. 82

7.15. Time-of-Day Restrictions for Text Messages. 82

7.16. Text Messages and Kids: Proceed With Caution. 83

IV. Direct Mail Marketing.. 83

7.17. Direct Mail as Mass Marketing. 83

7.18. Requirements for Sending Direct Mail Advertisements. 83

7.19. Sweepstakes or Contests. 84

Covered Statutes

This work digests hundreds of laws, consisting of thousands of pages of content. A full list is coming soon. In the meantime, the following are the types of laws covered:

Activity-Specific

Telemarketing laws

Telephone solicitation laws

Email marketing laws

Wiretap and eavesdropping laws

Biometric laws

Children's privacy law

Spyware and adware laws

Online privacy laws

Industry Specific

Telecommunications and Cable/Video Tape Providers

Health Care

Financial Services

General Privacy Laws in Various Jurisdictions

Argentina

Australia

Brazil

California

Canada

European Union and Member States

Mexico

New Zealand

Philippines

Russia

South Africa

South Korea

Switzerland

and more!