Consumer Protection Connection
Keller and Heckman LLP

Consumer Protection
Connection

Category Archives: Privacy

Subscribe to Privacy RSS Feed

NIST Solicits Comments on Revised Draft IoT Cybersecurity Device Guidance

By Sheila Millar and Tracy Marshall on Posted in Privacy
On January 7, 2020, the National Institute of Standards and Technology (NIST) released a draft of revised cybersecurity recommendations for IoT devices at both the pre-market and post-market stages. NISTIR 8259, Recommendations for IoT Device Manufacturers: Foundational Activities and Core Device Cybersecurity Capability Baseline, identifies six voluntary steps manufacturers should take to account for security… Continue Reading

The EU Advocate General Opinion is Out: Standard Contractual Clauses are Valid

By Sheila Millar and Tracy Marshall on Posted in Privacy
Businesses that rely on standard contractual clauses (SSCs) to transfer personal data outside the European Economic Area (EEA) just got good news. The long-awaited decision from the EU Advocate General (AG) is here: SCCs are valid. The AG’s opinion, although non-binding, is significant for the case brought by Austrian privacy activist Max Schrems against Facebook,… Continue Reading

Reevaluating the COPPA Rule

By Sheila Millar on Posted in Privacy
In the two decades following the enactment of the Children’s Online Privacy Protection (COPPA) Rule, technological developments have changed the online landscape considerably. Recognizing this, the Federal Trade Commission (FTC) held a public workshop on October 7, 2019, to discuss whether, given the proliferation of smart devices, video games, online channels, and EdTech, the Rule,… Continue Reading

FTC Continues Enforcement of False Privacy Shield Claims

By Sheila Millar and Tracy Marshall on Posted in Privacy
Nearly three years after the EU-U.S. Privacy Shield framework replaced the U.S.-EU Safe Harbor as a mechanism to transfer personal data from the European Union to the United States, the Federal Trade Commission (FTC) continues to monitor companies’ claims regarding participation. As we previously reported, the FTC has taken actions against several companies over the… Continue Reading

FTC Settles Lax Data Security Charges with Software Seller

By Sheila Millar and Tracy Marshall on Posted in Privacy
The Federal Trade Commission (FTC) entered into a proposed settlement with LightYear Dealer Technologies, LLC (aka DealerBuilt) on June 12, 2019, over allegations of lax consumer privacy protections. While no fines were levied, the order is remarkable for its detailed and extensive requirements governing the company’s future data privacy practices and the FTC’s role in… Continue Reading

Website Hacks Result in FTC Actions for Lax Security

By Sheila Millar and Tracy Marshall on Posted in Privacy
After hacks of two websites, i-Dressup.com and ClixSense.com, resulted in the compromise of personal information for millions of users – including, in the case of i-Dressup, hundreds of thousands of children under 13 – the Federal Trade Commission (FTC) issued complaints against the websites and their operators for lax security and other privacy violations. Notably,… Continue Reading

EDPB Advises on Overlap Between the ePrivacy Directive and GDPR

By Sheila Millar and Tracy Marshall on Posted in Privacy
The European Data Protection Board (EDPB) has weighed in on the interplay between the General Data Protection Regulation (GDPR) and the ePrivacy Directive in response to questions from the Belgian Data Protection Authority (DPA). Addressing how and when each set of rules applies to processing data, the EDPB stated that “these questions concern a matter… Continue Reading

Significant Changes Ahead for COPPA?

By Sheila Millar and Tracy Marshall on Posted in Cybersecurity, Privacy
As expected, 2019 is shaping up to be the year for privacy reforms, including possible amendments to the 20-year old Children’s Online Privacy Protection Act (COPPA). Senators Edward Markey (D-Mass) and Josh Hawley (R-MO) have introduced legislation that would expand COPPA’s scope to offer new protections to minors age 13-15, establish new limitations on collecting… Continue Reading

California Consumer Privacy Act: Your at-a-glance guide to key business obligations

By Sheila Millar and Tracy Marshall on Posted in Privacy
The California Consumer Privacy Act of 2018 (CCPA) gives California residents new rights and imposes new obligations on companies doing business in California, effective January 1, 2020. Keller and Heckman LLP Privacy and Security Partners Sheila Millar and Tracy Marshall have provided an overview to help businesses understand the new requirements. Since publication of the… Continue Reading

Sheila Millar and Boaz Green Author Law360 Article “CPSC Is Shifting Toward Voluntary Standards”

By Sheila Millar and Boaz Green on Posted in Cybersecurity, Privacy, Product Safety
Sheila Millar and Boaz Green discuss CPSC’s activities in 2018 and give their predictions on possible agency actions in the coming year in the Law360 article “CPSC Is Shifting Toward Voluntary Standards” (Feb. 6). Law360 featured the article in its newsletter sections for Consumer Protection, Cybersecurity, and Product Safety. To read the full article, click… Continue Reading

FTC Releases Cybersecurity Resources for Small Businesses

By Sheila Millar and Tracy Marshall on Posted in Cybersecurity, Data Security, Privacy
Small businesses face the same cybersecurity risks as large multinationals but lack a large IT infrastructure to help protect themselves. At the direction of former Federal Trade Commission (FTC) Acting Chairman Maureen Ohlhausen, the FTC launched a new cybersecurity campaign aimed at helping small businesses navigate the ever-evolving cyber landscape, coordinated with the Department of… Continue Reading

Agency Comings and Goings

By Sheila Millar, Tracy Marshall and Boaz Green on Posted in Data Security, Privacy, Product Safety
This week has seen several significant changes at the Commission level at both the Consumer Product Safety Commission (CPSC) and the Federal Trade Commission (FTC). CPSC After several months of stasis, the Senate voted to confirm Peter Feldman as a Commissioner on the CPSC, with a term expiring October 26, 2019. Feldman takes the place… Continue Reading

NIST Launches Development of Voluntary Privacy Risk Management Framework

By Sheila Millar and Tracy Marshall on Posted in Cybersecurity, Data Security, Privacy
The National Institute of Standards and Technology (NIST) has launched a collaborative effort to develop a voluntary framework that will help organizations manage privacy risks and protect consumer privacy when developing and using innovative technologies. According to NIST, a robust cybersecurity program can help manage risks, but organizations need customizable tools for addressing the challenges… Continue Reading

FTC Approves ESRB’s Updated COPPA Safe Harbor Program

By Sheila Millar and Tracy Marshall on Posted in Data Security, Privacy
The Federal Trade Commission (FTC) approved modifications to the video game industry’s Children’s Online Privacy Protection Act (COPPA) program. Earlier this year, the Entertainment Software Ratings Board (ESRB) proposed several substantive changes intended to take account of recent FTC COPPA rules and guidance. To receive FTC approval, COPPA safe harbor programs must “implement substantially similar… Continue Reading

California Company Settles with FTC over Alleged Privacy Shield Misrepresentations

By Sheila Millar and Tracy Marshall on Posted in Data Security, Privacy
If a company claims to be certified under the EU-U.S. Privacy Shield framework when it hasn’t even completed the paperwork, the Federal Trade Commission (FTC) isn’t likely to let it slide. ReadyTech, a California-based online training services company, made such a claim on its website, in violation of the FTC Act’s prohibition against deceptive acts… Continue Reading

State Data Breach Notification Laws – Overview of Requirements for Responding to a Data Breach – Updated July 2018

By Sheila Millar and Tracy Marshall on Posted in Data Security, Privacy
With the ever-changing complexity of state data breach notification laws, companies facing a data breach need resources that will help them understand the issues. This summary provides an overview of the similarities and differences in data breach laws adopted in the 50 United States and the District of Columbia and includes laws enacted since our… Continue Reading

Online Talent Company Settles with FTC Over Alleged COPPA Violations

By Sheila Millar and Tracy Marshall on Posted in Data Security, Privacy
Online talent search company Explore Talent just landed in the spotlight of the Federal Trade Commission (FTC). The Vegas-based company was charged with violating the Children’s Online Privacy Protection Act (COPPA), which requires that companies collecting information online must obtain informed, verifiable parental consent before collecting any information from a child under 13. The company… Continue Reading

European Court of Justice Throws Out Class Action in Latest Schrems Battle

By Sheila Millar and Tracy Marshall on Posted in Data Security, Privacy
In the latest round of the ongoing battle between Austrian privacy activist Max Schrems and Facebook, the European Court of Justice (CJEU) ruled that Schrems did not have standing to bring claims on behalf of Austrian consumers over Facebook’s alleged violations of users’ privacy rights. The court did, however, allow for Schrems to continue with… Continue Reading

Internal Reforms Announced for FTC’s Bureau of Consumer Protection

By Sheila Millar and Tracy Marshall on Posted in Privacy
The Federal Trade Commission’s Bureau of Consumer Protection is about to undergo reform, according to FTC Acting Chairman Maureen Ohlhausen. In a press release issued on July 17, the FTC stated that the changes are part of an ongoing initiative to simplify information requests and improve transparency that began last April, when Ohlhausen announced new… Continue Reading

FTC Announces Date for PrivacyCon 2018 and Call for Presentations

By Sheila Millar and Tracy Marshall on Posted in Privacy
The Federal Trade Commission (FTC) has announced that its third annual PrivacyCon will take place in Washington, D.C., on February 28, 2018.  The conference will bring together researchers, academics, industry representatives, consumer advocates, and government representatives to explore an array of consumer privacy and data security issues, with a particular focus on emerging technologies, such… Continue Reading
.
Consumer Protection Connection

We and our analytics and advertising providers may use cookies and similar technologies to enhance the browsing experience, facilitate sharing of content, and generate statistics about use of the website. For more information or to change your preferences, click here.

I Agree