Consumer Protection Connection

Consumer Protection
Connection

Category Archives: Privacy

Subscribe to Privacy RSS Feed

Internal Reforms Announced for FTC’s Bureau of Consumer Protection

Posted in Privacy
The Federal Trade Commission’s Bureau of Consumer Protection is about to undergo reform, according to FTC Acting Chairman Maureen Ohlhausen. In a press release issued on July 17, the FTC stated that the changes are part of an ongoing initiative to simplify information requests and improve transparency that began last April, when Ohlhausen announced new… Continue Reading

FTC Announces Date for PrivacyCon 2018 and Call for Presentations

Posted in Privacy
The Federal Trade Commission (FTC) has announced that its third annual PrivacyCon will take place in Washington, D.C., on February 28, 2018.  The conference will bring together researchers, academics, industry representatives, consumer advocates, and government representatives to explore an array of consumer privacy and data security issues, with a particular focus on emerging technologies, such… Continue Reading

Are Your Security Tools Up to Date?

Posted in Cybersecurity, Data Security, Privacy
The effects of the massive cyberattack using ransomware known as “Wanna Cry” are still being felt all over the world. Tens of thousands of organizations have been infected, including the UK’s National Health Service, which ran some services on an emergency-only basis the day the attack began in earnest. Some security experts surmise that the… Continue Reading

FTC Seeks Comments on Proposed Changes to TRUSTE’s COPPA Safe Harbor Program

Posted in Privacy
In a Federal Register notice, the FTC has asked for comments on intended changes to TRUSTe’s existing safe harbor program under the Children Online Privacy Protection Act (COPPA). TRUSTe proposed the changes following its settlement earlier this month with the New York Attorney General over allegations that the compliance and security company did not adequately… Continue Reading

TRUSTe Settles COPPA Safe Harbor Enforcement Action with NYAG

Posted in Privacy
TRUSTe has settled allegations by the New York Attorney General that it did not adequately assess whether companies certified under its Children’s Online Privacy Protection Act (COPPA) Safe Harbor seal program allowed third party sites to track children. TRUSTe agreed to pay $100,000 and will be required to adopt new procedures to make its COPPA… Continue Reading

FCC Takes Initial Step to Give Privacy, Security Authority Back to FTC

Posted in Privacy
On March 1, the Federal Communications Commission (FCC) granted a temporary stay of one of the broadband privacy rules adopted in October of last year. That rule, which pertains to data security, would otherwise take effect on March 2. Newly installed FCC Chairman Ajit Pai and Federal Trade Commission (FTC) Acting Chair Maureen Ohlhausen issued… Continue Reading

Sealed: Three IT Companies Settle FTC Deceptive APEC Privacy Claims

Posted in Advertising, Privacy
If a business advertises it is a member of a privacy program, even a voluntary one, it had better be, according to the Federal Trade Commission (FTC). In separate but related complaints, the FTC alleged that three businesses – software provider Sentinel Labs Inc., private messaging app developer SpyChatter Inc., and cybersecurity software company Vir2us… Continue Reading

Smart TV Tracking Without Permission? Not So Clever

Posted in Privacy
Have you ever had the niggling suspicion your television was watching you?  Apparently, if it was made by smart technology manufacturer VIZIO, it very well may have been.  In a $2.2 million settlement with the Federal Trade Commission (FTC) and the New Jersey Attorney General, VIZIO acknowledged that it collected and sold data from 11… Continue Reading

Turn, Inc. Settles with FTC Over Deceptive Consumer Tracking

Posted in Privacy
In 2015, Verizon found itself in hot water over charges it was using a “super cookie” that continued to operate even when users believed they had opted out of mobile phone data tracking. Verizon allegedly then sent the data obtained to a third party for targeted advertising purposes without its customers’ consent. Verizon settled with… Continue Reading

Another State AG Weighs in on Children’s Privacy

Posted in Privacy
Texas Attorney General (AG) Ken Paxton announced a settlement with an app developer over concerns that the developer’s apps infringed children’s privacy. The developer, Juxta Labs, Inc., offers a range of mobile apps and games.  According to the AG’s press release, the company’s apps and social media were easy for children of any age to… Continue Reading

FCC Grants TCPA Relief to Energy Utilities and Schools

Posted in Data Security, Privacy
On August 4, 2016, the Federal Communications Commission (FCC) released a Declaratory Ruling granting in part two separate petitions that were filed last year – one by the Edison Electric Institute and American Gas Association, and another by Blackboard, Inc. – regarding application of the Telephone Consumer Protection Act of 1991 (TCPA) to certain types… Continue Reading

Shielded: EU Approves Privacy Pact with the U.S., Fee Schedule Proposed

Posted in Cybersecurity, Privacy
The European Commission (EC) approved the EU–U.S. Privacy Shield on Tuesday, July 12, after European Union member states, through the Article 31 committee, approved the pact the previous week (more on the draft adequacy decision back in March here and the earlier agreement laying out the Privacy Shield here). The decision will allow U.S. companies that… Continue Reading

State Data Breach Notification Laws – Overview of Requirements for Responding to a Data Breach (Updated June 2016)

Posted in Data Security, Privacy, Regulations
We have updated our summary of state data breach notification laws in light of recent amendments to some of the laws since our last update in September 2015. Notably, Tennessee amended its data breach notification law, the Identity Theft Deterrence Act, effective July 1, 2016, by eliminating an encryption safe harbor and requiring that affected… Continue Reading

Preparing for the EU General Data Protection Regulation: A Checklist for Businesses

Posted in Data Security, Privacy
The new European Union General Data Protection Regulation (GDPR) (Regulation 2016/679, Apr. 27, 2016) will replace the Data Protection Directive (Directive 95/46/EC) effective May 25, 2018.  The GDPR has been a long time coming, and introduces a host of new requirements for companies that use or process data in the EU, or simply use or… Continue Reading

Supreme Court Requires Plaintiffs to Show Harm or Risk of Harm, Not Bare Procedural Violation, to Get Statutory Damages

Posted in Cybersecurity, Data Security, Litigation, Privacy
Joe Ravi | CC-BY-SA 3.0 Last year, we noted that the Supreme Court had granted certiorari in a case that could limit the ability of plaintiffs to sue defendants over bare statutory violations without the showing of actual injury. The case implicates a wide variety of statutes that grant monetary awards to successful plaintiffs on… Continue Reading

GDPR Publication Starts Countdown to May 2018 Compliance Date for New Privacy Rules

Posted in Legislation, Privacy, Regulations
The new General Data Protection Regulation (GDPR) (Regulation 2016/69, Apr. 27, 2016), approved by the European Parliament and the Council of the European Union, was formally published in the Official Journal of the European Union on May 4, 2016, and will replace the Data Protection Directive (Directive 95/46/EC) effective May 28, 2018. This new set… Continue Reading

Millar to Lead Toy Marketing Panel at CARU

Posted in Events, Privacy
Even as advertising to kids gets more complicated, the basic principles remain the same. This week, Children’s Advertising Review Unit (CARU), an independent self-regulatory organization within the Council of Better Business Bureaus (CBBB) which monitors children’s advertising and helps marketers vet ads and campaigns, is hosting its annual conference, “Reimagining Children’s Advertising: Getting it Right… Continue Reading

NTIA Steps into IoT Debate

Posted in Cybersecurity, Privacy
Continuing its tradition of active involvement in digital economy questions, the Department of Commerce’s (DOC) National Telecommunications and Information Administration (NTIA) issued a request for public comment on questions posed by the growth of the Internet of Things (IoT). The explosive growth of connected products, anticipated to reach 25 billion by 2020, is one reason… Continue Reading

Appeals Court Agrees That Health Solutions Provider’s Insurance Requires Defense in Data Disclosure Class Action

Posted in Data Security, Litigation, Privacy
Availability of insurance is often among the first questions that arises when a company encounters a data breach or other Internet-related problem involving company records, even where the company lacks a cyberinsurance policy. The federal Fourth Circuit Court of Appeals recently affirmed a ruling by a District Court that required insurance coverage for an inadvertent… Continue Reading

FCC Adopts Broadband Privacy NPRM

Posted in Privacy, Regulations
At its Open Meeting yesterday, the Federal Communications Commission (FCC) adopted a Notice of Proposed Rulemaking (NPRM) that would apply the privacy protections in Section 222 of the Communications Act to broadband Internet Service Providers (ISPs). The text of the NPRM, which reportedly seeks public comment on more than 500 questions relating to privacy and… Continue Reading

The FCC Continues Privacy Push with Draft Proposal Regulating ISP Customers’ Data

Posted in Data Security, Privacy, Regulations
On the heels of the Open Internet Order adopted by the Federal Communications Commission (FCC) last year, FCC Chairman Tom Wheeler has circulated a Notice of Proposed Rulemaking (NPRM) to fellow Commissioners that would apply the privacy protections of the Communications Act to broadband Internet access services. Wheeler’s proposal will be voted on at the… Continue Reading

FCC Settles Probe into Verizon’s Use of “Supercookies”

Posted in Privacy, Regulations
On March 7, 2016, the Enforcement Bureau of the Federal Communications Commission (FCC) entered into a Consent Decree with Verizon Wireless relating to the company’s use of Unique Identifier Headers (UIDH) for targeted advertising purposes.  UIDH are commonly referred to as “supercookies” because they cannot be deleted.  This concludes the FCC’s investigation into whether Verizon… Continue Reading

European Commission Releases Draft Text of Adequacy Decision on EU-U.S. Privacy Shield

Posted in Data Security, Privacy
On February 29, 2016, the European Commission’s (EC) released a much anticipated draft adequacy decision on the EU–U.S. Privacy Shield.  With this and enactment of the Judicial Redress Act last week (see our post here), the European Union came yet another step closer to finalizing the agreement between the EU and the U.S. to enable… Continue Reading
.
Consumer Protection Connection