On June 30, 2020 the Federal Trade Commission (FTC) announced that it reached a settlement in its litigation against NTT Global Data Centers (formerly RagingWire Data Centers) over allegations that the company misled...more
On June 19, 2020, the Federal Trade Commission (FTC) submitted to Congress two reports that Congress requested in connection with the spending bill that funds the FTC. One of these reports (the "Resources Report") describes...more
On January 8, 2019, the California Department of Justice, Office of the Attorney General, held the first of six public forums regarding the implementation of the California Consumer Privacy Act (CCPA). The CCPA, effective...more
The UK's pending exit from the European Union on March 29, 2019, will have far-reaching effects on many business activities, including the processing of personal data. While the ultimate legal implications are subject to...more
In a surprising twist, the California legislature rushed last week to pass one of the most comprehensive privacy laws in the country. The bill was introduced only a week prior, and within hours of passage, it was signed into...more
The U.S. Court of Appeals for the Eleventh Circuit recently released its highly anticipated decision in the long-running case pitting the now-defunct medical laboratory LabMD against the Federal Trade Commission (FTC),...more
On April 12, 2018, the Federal Trade Commission (FTC) announced that it was withdrawing its proposed August 2017 privacy and data security settlement with Uber Technologies and issuing a new and expanded proposed settlement....more
In yet another round of Schrems versus Facebook, on January 25, 2018, the Court of Justice of the European Union (CJEU) ruled that privacy activist Max Schrems is a consumer with regard to his Facebook profile despite his...more
The Federal Trade Commission (FTC) is seeking public comment on a petition by Sears Holding Management requesting that the FTC reopen and modify a 2009 FTC order settling charges that Sears failed to disclose adequately the...more
The expanding use of mobile technologies, cloud computing, and the Internet of Things has greatly increased the amount of available consumer data. The ability to efficiently process this information has the potential to...more
On October 3, 2017, the High Court of Ireland issued its decision in Data Protection Commissioner vs Facebook and Schrems1 concerning the validity of the EU Standard Contractual Clauses (SCCs)—a mechanism used by a very large...more
On August 15, 2017, the Federal Trade Commission (FTC) announced that it had reached an agreement with Uber Technologies to settle allegations that the ride-sharing company had deceived consumers by failing to live up to its...more
On September 5, 2017, the Federal Trade Commission (FTC) announced that it and 32 state attorneys general had settled charges with Lenovo regarding the company's practice of pre-loading software on its laptops that...more
The EU Parliament Committee in charge of reviewing the EU Commission's Proposal for an e-Privacy Regulation (Proposal) released a Draft Report proposing amendments this week....more
6/23/2017
/ Bluetooth ,
Data Protection ,
Do Not Call List ,
e-Privacy Directive ,
Electronic Communications ,
Encryption ,
EU ,
General Data Protection Regulation (GDPR) ,
Opt-In ,
Web Tracking ,
Wifi
The W-2 phishing scams are back. Fraudsters have learned that W-2 phishing scams can be highly effective when targeting businesses while they are handling and sending employee income-tax-related documents early in a new year....more
As expected, the Federal Communications Commission (FCC) has handed down sweeping new privacy and security rules for Internet service providers (ISPs). On Thursday, October 27, 2016, a sharply divided commission voted to...more
10/28/2016
/ Breach Notification Rule ,
Broadband ,
Data Collection ,
Dispute Resolution ,
FCC ,
Harmonization Rules ,
Internet Service Providers (ISPs) ,
Open Internet Rules ,
Opt-Outs ,
Prior Express Consent ,
Privacy Policy ,
Telecommunications
On July 26, 2016, the body of European Data Protection Authorities (DPAs)—the "Article 29 Working Party" (WP29)—issued a statement commending the improvements made to the EU-U.S. Privacy Shield (Privacy Shield). Although the...more
On July 12, 2016, the EU Commission and the U.S. Secretary of Commerce announced the adoption of the EU-U.S. Privacy Shield (Privacy Shield). This announcement follows today's adequacy decision by the College of EU...more
7/13/2016
/ Binding Corporate Rules ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Commission ,
International Data Transfers ,
Model Contracts ,
Ombudsman ,
Schrems I & Schrems II ,
U.S. Commerce Department ,
US-EU Safe Harbor Framework
On July 6, 2016, the European Parliament adopted the first-ever pan-European law on cyber security. The law, entitled the "Directive on the Security of Network and Information Systems" (NIS Directive), imposes security...more
On June 30, 2016, the Federal Trade Commission (FTC) issued an interim final rule that substantially increases the maximum civil penalties for violations of the competition and consumer protection laws enforced by the FTC...more
The Consumer Financial Protection Bureau (CFPB) recently brought its first data security enforcement action, adding itself to the growing list of federal regulators tackling data security issues. The CFPB’s enforcement action...more
Two recent developments have significantly increased the already uncertain legal landscape surrounding transatlantic data flows. Earlier today, the EU Parliament voted out a resolution calling on the European Commission (EU...more
On April 14, 2016, the European Parliament formally adopted the General Data Protection Regulation (GDPR). With this vote, the new EU data protection legal framework will become legally effective in two years and 20 days from...more
On April 13, 2016, the body of European Data Protection Authorities (DPAs)—the "Article 29 Working Party" (WP29)—issued its opinion on the new EU-U.S. Privacy Shield.1 The WP29 acknowledged that progress has been made with...more
On February 23, 2016, the Federal Trade Commission (FTC) announced a settlement with computer hardware maker ASUSTeK Computer, Inc. (ASUS).1 The ASUS settlement highlights the FTC’s position regarding security in the...more