1. 5 Legal Stories You Should Read This Weekend

    On tap for your weekend reading: Google’s privacy policy, stem cell research, Equifax privacy settlement, Medicare data breaches, Federal lawsuit against Wells Fargo. Five stories from the week that stood out, as written by some of the smartest lawyers at work today:  

    EU Sends Google Back to the Drawing Board

    European data protection authorities released their report on Google’s privacy policy and associated practices this week. Prepared by France’s Commission nationale de l’informatique et des libertés (translation: one of the toughest regulators in Europe), the report is highly critical of Google’s policy, write Kolvin Stone and James Drury-Smith of law firm Orrick

    “… the report finds that Google does not provide sufficient information to Google users about the personal data it collects and how such data is used; questions whether personal data is only used for the purposes stated in the policy; raises concerns about whether Google implements minimization and proportionality principles in respect of the type and volume of personal data it collects; and states certain uses and combinations of personal data from across its services do not have appropriate legal grounds to take place.”

    The good news for Google? No fines, no sanctions, and a chance to fix the privacy policy. The bad news? If they want to stay (and out of trouble) in Europe,they’ve got lots of work to do. (Orrick

    Federal Funding of Stem Cell Research Targeted by Conservative Groups

    On October 10, 2012, the Jubilee Campaign’s Law of Life Project and the Alliance Defending Freedom filed a petition seeking Supreme Court review of an appeals court decision that allowed federal funding of stem cell research to continue. In 2009, President Obama authorized the use of federal funds for research on using embryonic stem cells created after August 2001. The pro-life groups want to block the National Institutes of Health from following the order, claiming that the appeals court ruling authorizing it to do so was based on a mistaken view of executive power. (Foley & Lardner

    Equifax Settlement Exposes a Different Kind of Data Breach

    Data breaches continue to cause concern to corporations and individuals alike (that’s why October is National Cybersecurity Awareness Month), but a recent FTC settlement with Equifax and others make it clear that anonymous hackers aren’t the only ones trying to get their hands on our personal financial information. Alison Finnegan at law firm Schnader

    “The FTC claimed that Direct Lending and its affiliates purchased more than 17,000 prescreened lists from January 2008 through early 2010 [from Equifax], and sold the lists to third parties, including entities that targeted consumers in financial distress for loan modification, debt relief and foreclosure services… The FTC alleged that, in other instances, prescreened lists were sold to list brokers and others, and then resold to unidentified downstream entities.”

    Time will tell if the settlement will cause other consumer reporting agencies and data resellers to think twice before buying and selling customer lists (Corporate Law Report

    Speaking of Data Breaches (yes, I’m talking to you, Medicare)…

    According to a Department of Health and Human Services study released earlier this month, the Centers for Medicare & Medicaid Services (CMS) – responsible for maintaining the protected health information of millions of Medicare beneficiaries – reported 14 separate data breaches that required notification under the HITECH Act. The breaches, which affected nearly 14,000 individuals, took place during the period running from late 2009 to late 2011. 

    One particularly revealing statistic: although CMS made the notifications required to comply with the HITECH Act in all 14 breaches, the agency failed to meet 23 specific requirements of the law when making those notifications. Even the Feds have trouble meeting all of the rules … (Mintz Levin

    Feds Go After Lender for Faulty Loans
    The federal government filed a lawsuit earlier this month against Wells Fargo, claiming the lender violated the False Claims Act and the Financial Institutions Reform, Recovery, and Enforcement Act. The DOJ is seeking damages stemming from the bank’s “breach of fiduciary duty, gross negligence, negligence, unjust enrichment, and payment under mistake in fact.” In plain English? Wells Fargo approved loans that it then certified as eligible for FHA insurance when they were in fact not, putting the government on the hook for hundreds of millions of dollars to settle insurance claims on the faulty loans. (BuckleySandler) (Orrick

    On a related note, the Consumer Financial Protection Bureau is considering a rule change that would provide lenders with safe harbor from lawsuits related to mortgages that meet specific standards. (Saul Ewing

    —- 

    @lancegodard