Archives: Data Privacy and Protection

Subscribe to Data Privacy and Protection RSS Feed

Facebook Implements Additional Measures to Prevent Discriminatory Practices in Targeted Advertisements

Responding to news reports that journalists were able to purchase advertising on Facebook targeted to ethnic groups, Facebook announced several new changes to the company’s advertising products. The move highlights heightened scrutiny of advertising practices surrounding the increasing use of big data in many aspects of marketing and advertising. Facebook’s response grew out of a … Continue Reading

A Gentle Reminder from the FCC: Autodialed Text Messages Fall Under TCPA Restrictions

Last week, the FCC’s Enforcement Bureau issued an enforcement advisory reiterating its position that autodialed text messages must comply with requirements set forth in the Telephone Consumer Protection Act (TCPA).  Though it is unclear what prompted this specific advisory (perhaps, the upcoming holiday season), the Enforcement Bureau issued the warning in order to promote understanding … Continue Reading

FTC’s New Guidelines Provide Agency View on Data Breach Response

On October 25, the Federal Trade Commission released “Data Breach Response: A Guide for Business,” its latest guidance on data privacy and security regulation. The Guide seeks to help businesses comprehend the Agency’s understanding of both legal requirements and best practices, although what is legally required versus what is encouraged continues to be challenging for … Continue Reading

New Privacy Rules for Internet Service Providers

On October 27, 2016, the FCC adopted a new set of privacy and data security regulations applicable to “broadband service providers and other telecommunications carriers.” The rules place new restrictions on internet service providers’ (“ISPs”) ability to use and share their customers’ data. The Commission established two data classifications: (1) sensitive information, and (2) non-sensitive … Continue Reading

Google Makes Ad-Tracking Change in its Privacy Policy

In 2007, Google bought online ad network DoubleClick, which uses cookies to collect and store data about Google users from their browsing history, to best place clients’ ads. This past June, Google revised its privacy policy to state that users’ activities on other sites tracked by DoubleClick “may be associated with [their] personal information.”  This … Continue Reading

Lyft Faces Second Wave of TCPA Litigation for Sending Autodialed Texts

Lyft, Inc. – the popular ride hailing service featuring the iconic pink moustache – is facing a second class action lawsuit in California alleging violations under the Telephone Consumer Protection Act (“TCPA”). The complaint alleges that Lyft sent unwanted and unsolicited text messages to cellphones using an automated dialing system without first obtaining express written consent … Continue Reading

White House Announces New Privacy Officer

Last week, the Office of Management and Budget created a new dedicated position for privacy within the Office of Information and Regulatory Affairs (“OIRA”). The privacy position will streamline the United States Government’s privacy practices, including: Leading efforts to develop and implement consistent, comprehensive and forward-looking Federal privacy policies, strategies and practices across agencies; Collaborating … Continue Reading

NBA Team Sued By Fans Over Mobile Application

Earlier this week, a putative class action was brought against the NBA’s Golden State Warriors concerning the team’s mobile application. According to the complaint, the free app provides an interactive experience for fans by delivering scores, news and other information relevant to the Golden State Warriors. The plaintiffs allege that the app contains certain Bluetooth beacon software … Continue Reading

Privacy Watchdogs File Complaint With FTC over WhatsApp’s Privacy Policy Change

Yesterday, the Electronic Privacy Information Center (“EPIC”) and the Center for Digital Democracy (“CDD”) filed a complaint with the Federal Trade Commission against WhatsApp, Inc. According to the complaint, WhatsApp posted an entry on its company blog on August 25, 2016 announcing an update to its Terms of Service and Privacy Policy. The updated Privacy … Continue Reading

What’s Next for International Privacy? The European Union’s Safe Harbor Ruling: A Practical Discussion of the Impact and Solutions

Fallout remains from the Court of Justice of the European Union ruling declaring the long standing EU-US Safe Harbor framework invalid. The decision will have widespread implications on how global corporations manage the international transfer of data. This webinar will offer practical solutions to companies to mitigate risks while transferring data across global borders. What … Continue Reading

Knowing Your Customer a Little Too Well

I hate shopping.  I know what I want and I do a surgical strike.  In and out; no soldier left behind. But most normal people browse a bit.  That’s where Nomi Technologies came into the picture.  Nomi’s technology allows retailers to track consumers’ movements through their stores.  How does it work?  According to a complaint … Continue Reading

FTC Report Offers Privacy and Security Guidance for ‘Internet of Things’

On Tuesday, January 27, the FTC issued a 71-page Staff Report on the privacy and security issues with the Internet of Things.  As we’ve noted in our previous blog posts, the Internet of Things (“IoT”) refers to the growing ability of everyday devices to monitor and communicate information through the Internet.  This FTC Staff Report … Continue Reading

Privacy Push for Mobile Apps

Twenty-three privacy authorities worldwide, including several members of the Global Privacy Enforcement Network, issued a joint open letter to seven app marketplace operators, urging them to improve access to privacy information on mobile apps for users. Specifically, the letter addresses providing users with privacy practice information, informing users about the collection and use of data, and implementing protections to ensure privacy practice transparency.… Continue Reading

Latest FTC Settlement Determines Yelp Had ‘Actual Knowledge’ of Collecting Children’s Info

Yelp recently settled allegations made by the FTC that it violated the Children's Online Privacy Protection Act (COPPA) Rule, and has agreed to pay a $450,000 civil penalty for the violation, according to an FTC press release. The Yelp case underscores that online services that ask for users' ages in the registration process will be deemed as having "actual knowledge" of that information. Therefore, whether a site is directed to children or not, a registration process including an age field effectively turns the process into an "age filter," and may put the site at risk of violating COPPA.… Continue Reading

Snapchat Settlement with MD AG Marks Latest State-Level Privacy Enforcement Action

Last month, Snapchat reached a settlement with the Maryland Attorney General over alleged deceptive trade practices regarding Snapchat's marketing claims that user "snaps" disappear forever. In addition, the Attorney General alleged that Snapchat had violated the Children's Online Privacy Protection Act (COPPA). This settlement follows a similar settlement between Snapchat and the Federal Trade Commission, which we reported on previously. After announcing the settlement, Attorney General Douglas F. Gansler said that "despite Snapchat's marketing claims to the contrary, no company can fully prevent content you send to someone else from being copied, shared or posted online[.]" Attorney General Gansler went on to state that companies operating online or through mobile devices have a responsibility to safeguard user privacy and to be transparent about the information they collect. According to Attorney General Gansler, Snapchat misrepresented to consumers that pictures and video messages sent using the Snapchat mobile application are only viewable temporarily, when in fact they can be captured by the recipient for future viewing or circulation. As a result of these representations, some Snapchat mobile application users may have sent pictures or video messages they would not have sent were these risks adequately disclosed. The Attorney General further alleged that Snapchat secretly collected information from users' contact lists without their consent, and that Snapchat failed to comply with COPPA by knowingly collecting the personal information of children under the age of 13 without verifiable parental consent.… Continue Reading

Online Advertising Targeted by Federal Trade Commission

On May 15, 2014, Maneesha Mithal, Associate Director of the Division of Privacy and Identity Protection at the Federal Trade Commission ("FTC" or "Commission") testified, on behalf of the FTC, before the U.S. Senate Committee on Homeland Security and Governmental Affairs addressing the Commission's work regarding three consumer protection issues affecting online advertising: (1) privacy, (2) malware and (3) data security. Below is a summary of the Commission's testimony regarding these three key areas and the Commission's advice for additional steps to protect consumers.… Continue Reading

ECJ Google Spain Decision Delivered

On May 13, the Court of Justice of the European Union delivered a groundbreaking ruling on the so-called "right to be forgotten" and the territorial application of the Data Protection Directive 95/46/EC. The Court ruled on key issues under what circumstances search engines must block certain information in the search results of the name of an individual.… Continue Reading

FTC Settlement with Snapchat – What Happens on Snapchat Stays on Snapchat?

Last Thursday, the Federal Trade Commission (FTC) announced that messaging app Snapchat agreed to settle charges that it deceived consumers with promises about the disappearing nature of messages sent through the app. The FTC case also alleged that the company deceived consumers over the amount of personal data the app collected, and the security measures taken to protect that data from misuse and unauthorized disclosure. The case alleged that Snapchat's failure to secure its Find Friends feature resulted in a security breach that enabled attackers to compile a database of 4.6 million Snapchat usernames and phone numbers.… Continue Reading

ANA Submits Comments on Big Data in Response to Request for Information

In January, President Obama called on senior government officials to lead a review of the implications of Big Data for privacy, the economy and public policy. A Federal Register Notice by the White House's Science and Technology Policy Office sought comments from industry participants on a variety of issues related to Big Data. Earlier this week, the ANA submitted its comments in response to the Notice, focusing on the public policy implications of the collection, storage, analysis, and use of Big Data. In determining what the potential concerns of Big Data are, the ANA said that the focus should be on the sensitivity and potential vulnerability to harm of the data, not the amount of data in and of itself. As an example, the ANA pointed out that, "[c]ommercial privacy issues must not be allowed to be conflated with government surveillance and potential reforms at the NSA. These issues must not be confused with interest-based advertising or online behavioral advertising (OBA)." The ANA also urged that any governmental decisions about commercial data collection and use be made "carefully, correctly and judiciously." In its comments, the ANA highlighted the progress made over the past few years by the private sector to enhance privacy protections for consumers, making specific reference to the self-regulatory efforts by the Digital Advertising Alliance.… Continue Reading

Privacy Issues Continue to Be Focus of State AGs

States continue to focus their investigation and enforcement efforts on privacy issues, with no sign that the focus will shift anytime soon. The most recent example is a $17 million settlement between 37 states (and D.C.) and Google related to Google’s use of tracking cookies on Safari browsers. For more information about this case and … Continue Reading

Legislative Roundup: CA Lawmakers Pass Three Privacy Bills

California is once again seeking to set the trend in privacy legislation, having recently passed three bills related to data privacy. One of those bills, AB 370, would mandate operators of websites and mobile apps to include disclosures in their privacy policies on how they respond to “do not track” signals or other consumer choice … Continue Reading

Privacy Concerns to be Addressed at FTC Workshop in November

In response to the mounting data privacy concerns attributed to the proliferation of smart devices, the FTC will be holding a public workshop on November 21, 2013, addressing questions over the "Internet of Things." Two public interest groups, Electronic Privacy Information Center (EPIC) and Center for Digital Democracy (CDD), have already submitted comments expressing their concerns over the privacy implications related to this topic, which include the tracking of daily behaviors and personal habits.… Continue Reading

Recent VPPA Amendments Allowing for Easier Sharing of Viewer Preferences Could Also Mean Increased Litigation

In 2012, streaming entertainment accounted for almost half of peak Internet traffic.  In 2013, the online viewing phenomenon continues to generate massive amounts of actionable information about named consumers, from interests to habits to schedule to mood.  Until now, the Video Privacy Protection Act – launched in the heyday of VHS – has blocked companies … Continue Reading
LexBlog