By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in Data Security,PrivacyOnline talent search company Explore Talent just landed in the spotlight of the Federal Trade Commission (FTC). The Vegas-based company was charged with violating the Children’s Online Privacy Protection Act (COPPA), which requires that companies collecting information online must obtain informed, verifiable parental consent before collecting any information from a child under 13. The company… Continue Reading
By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in Data Security,PrivacyIn the latest round of the ongoing battle between Austrian privacy activist Max Schrems and Facebook, the European Court of Justice (CJEU) ruled that Schrems did not have standing to bring claims on behalf of Austrian consumers over Facebook’s alleged violations of users’ privacy rights. The court did, however, allow for Schrems to continue with… Continue Reading
By Sheila Millar and Tracy Marshall on Posted in PrivacyNearly one year after it was first warned its privacy practices were inadequate under European law, popular messaging platform WhatsApp has been cited with privacy deficiencies for a second time. The Article 29 Data Protection Working Party (WP29), which is made up of data regulators from EU Member States and the Commission, sent a letter… Continue Reading
By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in PrivacyThe Federal Trade Commission’s Bureau of Consumer Protection is about to undergo reform, according to FTC Acting Chairman Maureen Ohlhausen. In a press release issued on July 17, the FTC stated that the changes are part of an ongoing initiative to simplify information requests and improve transparency that began last April, when Ohlhausen announced new… Continue Reading
By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in PrivacyThe Federal Trade Commission (FTC) has announced that its third annual PrivacyCon will take place in Washington, D.C., on February 28, 2018. The conference will bring together researchers, academics, industry representatives, consumer advocates, and government representatives to explore an array of consumer privacy and data security issues, with a particular focus on emerging technologies, such… Continue Reading
By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in Cybersecurity,Data Security,PrivacyThe effects of the massive cyberattack using ransomware known as “Wanna Cry” are still being felt all over the world. Tens of thousands of organizations have been infected, including the UK’s National Health Service, which ran some services on an emergency-only basis the day the attack began in earnest. Some security experts surmise that the… Continue Reading
By Tracy Marshall and Sheila Millar on Posted in PrivacyNew Mexico is the 48th state to enact a data breach law. That law, the Data Breach Notification Act (HB15), is scheduled to take effect on June 16, 2017. Alabama and South Dakota are now the only states without a data breach notification law. The New Mexico law is like other state breach notification laws… Continue Reading
By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in PrivacyIn a Federal Register notice, the FTC has asked for comments on intended changes to TRUSTe’s existing safe harbor program under the Children Online Privacy Protection Act (COPPA). TRUSTe proposed the changes following its settlement earlier this month with the New York Attorney General over allegations that the compliance and security company did not adequately… Continue Reading
By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in PrivacyTRUSTe has settled allegations by the New York Attorney General that it did not adequately assess whether companies certified under its Children’s Online Privacy Protection Act (COPPA) Safe Harbor seal program allowed third party sites to track children. TRUSTe agreed to pay $100,000 and will be required to adopt new procedures to make its COPPA… Continue Reading
By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in PrivacyOn March 1, the Federal Communications Commission (FCC) granted a temporary stay of one of the broadband privacy rules adopted in October of last year. That rule, which pertains to data security, would otherwise take effect on March 2. Newly installed FCC Chairman Ajit Pai and Federal Trade Commission (FTC) Acting Chair Maureen Ohlhausen issued… Continue Reading
By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in Advertising,PrivacyIf a business advertises it is a member of a privacy program, even a voluntary one, it had better be, according to the Federal Trade Commission (FTC). In separate but related complaints, the FTC alleged that three businesses – software provider Sentinel Labs Inc., private messaging app developer SpyChatter Inc., and cybersecurity software company Vir2us… Continue Reading
By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in PrivacyHave you ever had the niggling suspicion your television was watching you? Apparently, if it was made by smart technology manufacturer VIZIO, it very well may have been. In a $2.2 million settlement with the Federal Trade Commission (FTC) and the New Jersey Attorney General, VIZIO acknowledged that it collected and sold data from 11… Continue Reading
By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in PrivacyIn 2015, Verizon found itself in hot water over charges it was using a “super cookie” that continued to operate even when users believed they had opted out of mobile phone data tracking. Verizon allegedly then sent the data obtained to a third party for targeted advertising purposes without its customers’ consent. Verizon settled with… Continue Reading
By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in PrivacyTexas Attorney General (AG) Ken Paxton announced a settlement with an app developer over concerns that the developer’s apps infringed children’s privacy. The developer, Juxta Labs, Inc., offers a range of mobile apps and games. According to the AG’s press release, the company’s apps and social media were easy for children of any age to… Continue Reading
By Tracy Marshall on Posted in Data Security,PrivacyOn August 4, 2016, the Federal Communications Commission (FCC) released a Declaratory Ruling granting in part two separate petitions that were filed last year – one by the Edison Electric Institute and American Gas Association, and another by Blackboard, Inc. – regarding application of the Telephone Consumer Protection Act of 1991 (TCPA) to certain types… Continue Reading
By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in Cybersecurity,PrivacyThe European Commission (EC) approved the EU–U.S. Privacy Shield on Tuesday, July 12, after European Union member states, through the Article 31 committee, approved the pact the previous week (more on the draft adequacy decision back in March here and the earlier agreement laying out the Privacy Shield here). The decision will allow U.S. companies that… Continue Reading
By Sheila Millar and Tracy Marshall on Posted in Data Security,Privacy,RegulationsWe have updated our summary of state data breach notification laws in light of recent amendments to some of the laws since our last update in September 2015. Notably, Tennessee amended its data breach notification law, the Identity Theft Deterrence Act, effective July 1, 2016, by eliminating an encryption safe harbor and requiring that affected… Continue Reading
By Keller and Heckman on Posted in Data Security,PrivacyThe new European Union General Data Protection Regulation (GDPR) (Regulation 2016/679, Apr. 27, 2016) will replace the Data Protection Directive (Directive 95/46/EC) effective May 25, 2018. The GDPR has been a long time coming, and introduces a host of new requirements for companies that use or process data in the EU, or simply use or… Continue Reading
By Sheila Millar, Douglas Behr, Tracy Marshall and Nathan Cardon on Posted in Cybersecurity,Data Security,Litigation,PrivacyJoe Ravi | CC-BY-SA 3.0 Last year, we noted that the Supreme Court had granted certiorari in a case that could limit the ability of plaintiffs to sue defendants over bare statutory violations without the showing of actual injury. The case implicates a wide variety of statutes that grant monetary awards to successful plaintiffs on… Continue Reading
By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in Legislation,Privacy,RegulationsThe new General Data Protection Regulation (GDPR) (Regulation 2016/69, Apr. 27, 2016), approved by the European Parliament and the Council of the European Union, was formally published in the Official Journal of the European Union on May 4, 2016, and will replace the Data Protection Directive (Directive 95/46/EC) effective May 28, 2018. This new set… Continue Reading
By Keller and Heckman on Posted in Events,PrivacyEven as advertising to kids gets more complicated, the basic principles remain the same. This week, Children’s Advertising Review Unit (CARU), an independent self-regulatory organization within the Council of Better Business Bureaus (CBBB) which monitors children’s advertising and helps marketers vet ads and campaigns, is hosting its annual conference, “Reimagining Children’s Advertising: Getting it Right… Continue Reading
By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in Cybersecurity,PrivacyContinuing its tradition of active involvement in digital economy questions, the Department of Commerce’s (DOC) National Telecommunications and Information Administration (NTIA) issued a request for public comment on questions posed by the growth of the Internet of Things (IoT). The explosive growth of connected products, anticipated to reach 25 billion by 2020, is one reason… Continue Reading
By Douglas Behr and Nathan Cardon on Posted in Data Security,Litigation,PrivacyAvailability of insurance is often among the first questions that arises when a company encounters a data breach or other Internet-related problem involving company records, even where the company lacks a cyberinsurance policy. The federal Fourth Circuit Court of Appeals recently affirmed a ruling by a District Court that required insurance coverage for an inadvertent… Continue Reading
By Sheila Millar, Tracy Marshall and Nathan Cardon on Posted in Privacy,RegulationsAt its Open Meeting yesterday, the Federal Communications Commission (FCC) adopted a Notice of Proposed Rulemaking (NPRM) that would apply the privacy protections in Section 222 of the Communications Act to broadband Internet Service Providers (ISPs). The text of the NPRM, which reportedly seeks public comment on more than 500 questions relating to privacy and… Continue Reading
The new General Data Protection Regulation (GDPR) (Regulation 2016/69, Apr. 27, 2016), approved by the European Parliament and the Council of the European Union, was formally published in the Official Journal of the European Union on May 4, 2016, and will replace the Data Protection Directive (Directive 95/46/EC) effective May 28, 2018. This new set… Continue Reading
Continuing its tradition of active involvement in digital economy questions, the Department of Commerce’s (DOC) National Telecommunications and Information Administration (NTIA) issued a request for public comment on questions posed by the growth of the Internet of Things (IoT). The explosive growth of connected products, anticipated to reach 25 billion by 2020, is one reason… Continue Reading
Availability of insurance is often among the first questions that arises when a company encounters a data breach or other Internet-related problem involving company records, even where the company lacks a cyberinsurance policy. The federal Fourth Circuit Court of Appeals recently affirmed a ruling by a District Court that required insurance coverage for an inadvertent… Continue Reading