Enacted in 1996, the Children’s Online Privacy Protection Act (COPPA) is the nation’s longest standing and most comprehensive statute aimed at regulating the collection, use and sharing of the personal information of...more
In an effort to “combat the online sale of stolen, counterfeit, and dangerous consumer products,” Congress passed the Integrity, Notification, and Fairness in Online Retail Marketplaces for Consumers Act (the “INFORM...more
The FTC recently published a policy statement with its enforcement priorities for the misuse of biometric information. To be clear, there are no new federal laws that specifically regulate the collection or use of biometric...more
5/30/2023
/ Biometric Information ,
Biometric Information Privacy Act ,
Data Collection ,
Data Privacy ,
Data Protection ,
Employees ,
Facial Recognition Technology ,
Federal Contractors ,
Federal Trade Commission (FTC) ,
FTC Act ,
Independent Contractors ,
Policy Statement ,
Section 5 ,
State Privacy Laws
The proliferation of health apps and connected devices that allow individuals to track their health conditions, treatment, medications, fitness, fertility, sleep, mental health, diet and other vital areas has led to increased...more
3/30/2023
/ Advertising ,
Breach Notification Rule ,
Civil Monetary Penalty ,
Data Collection ,
Department of Health and Human Services (HHS) ,
Enforcement ,
Federal Trade Commission (FTC) ,
FTC Act ,
Health Technology ,
HIPAA Privacy Rule ,
Medical Devices ,
OCR ,
PHI ,
Popular
The Illinois Supreme Court recently clarified when a Biometric Information Privacy Act (BIPA) claim accrues: each time, and not just the first time, a person’s biometric information is collected without consent. BIPA requires...more
3/7/2023
/ Biometric Information ,
Biometric Information Privacy Act ,
Data Collection ,
Employer Liability Issues ,
Employment Litigation ,
Fingerprints ,
IL Supreme Court ,
Illinois ,
Personally Identifiable Information ,
Privacy Laws ,
State and Local Government
On December 19, 2022, the Federal Trade Commission (FTC) announced a settlement with Epic Games Inc. (Epic) over its wildly popular game “Fortnite.” The settlement requires Epic to pay $275 million in penalties to resolve...more
1/11/2023
/ Best Practices ,
COPPA ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Online Gaming ,
Online Safety for Children ,
Personal Information ,
Risk Management
In September 2022, California Governor Gavin Newsom signed into law the California Age Appropriate Design Code Act (CAADCA). Beginning July 1, 2024, the act will require businesses that provide online services or features...more
12/16/2022
/ Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Governor Newsom ,
Impact Assessments ,
Mobile Apps ,
New Legislation ,
Online Gaming ,
Online Safety for Children ,
Privacy Laws ,
Regulatory Agenda ,
State Privacy Laws ,
Webinars
In a much-anticipated ruling this week addressing the confluence of website scraping and computer hacking law, the U.S. Court of Appeals for the Ninth Circuit became the latest federal court to limit the reach of the Computer...more
4/22/2022
/ Appeals ,
Computer Fraud and Abuse Act (CFAA) ,
Copyright ,
Copyright Infringement ,
Data Collection ,
Databases ,
Injunctive Relief ,
LinkedIn ,
Terms and Conditions ,
Unauthorized Access ,
Unfair Competition ,
Van Buren v United States ,
Web Scraping ,
Website Owner Liability
The United Kingdom’s Information Commissioner’s Office (ICO) finalized a new Code of Practice (the Code) in September 2020, which applies to most companies that offer online services to or otherwise collect personal data from...more
2/5/2021
/ Certifications ,
COPPA ,
Data Collection ,
Data Protection ,
EU ,
EU Data Protection Laws ,
General Data Protection Regulation (GDPR) ,
Information Commissioner's Office (ICO) ,
Minor Children ,
Online Safety for Children ,
Personal Data ,
Privacy and Electronic Communications Regulation 2003 (PECR). ,
Privacy Disclosures ,
Privacy Laws ,
UK
When Apple announced that one of the major focuses of iOS 14 would be enhancing user privacy, many in the tech community had questions. How would these changes be rolled out? How would they affect not only the mobile...more
11/3/2020
/ Advertising ,
App Developers ,
Apple ,
Consent ,
Data Collection ,
Data Privacy ,
Data-Sharing ,
Disclosure ,
Mobile Apps ,
Online Privacy Protection Act ,
Online Safety for Children
On September 4, 2019, the U.S. Federal Trade Commission announced Google and YouTube will pay a record $170 million as part of a settlement over allegations that YouTube violated the Children’s Online Privacy Protection Act...more
9/23/2019
/ Communications Decency Act ,
COPPA ,
Cybersecurity ,
Data Collection ,
Federal Trade Commission (FTC) ,
Google ,
Mobile Apps ,
Online Advertisements ,
Online Safety for Children ,
Parental Consent ,
User-Generated Content ,
Website Owner Liability ,
Websites ,
YouTube
On February 27, 2019, the U.S. Federal Trade Commission announced a record-setting $5.7 million fine to popular short-form video sharing platform TikTok, formerly known as Musical.ly, as part of a consent order over...more
3/12/2019
/ COPPA ,
Data Collection ,
Due Diligence ,
Enforcement Actions ,
Extraterritoriality Rules ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Mergers ,
Online Safety for Children ,
Parental Consent ,
Privacy Policy ,
Website Owner Liability
In a highly anticipated ruling, the Illinois Supreme Court on January 25, 2019, held that plaintiffs who violated the Illinois Biometric Information Privacy Act — which regulates the collection of biometric information such...more
1/30/2019
/ Actual Injuries ,
Amusement Parks ,
Appeals ,
Article III ,
Biometric Information ,
Biometric Information Privacy Act ,
Data Collection ,
Data Privacy ,
Fingerprints ,
IL Supreme Court ,
Injunctive Relief ,
Liquidated Damages ,
Parental Consent ,
Personally Identifiable Information ,
Private Right of Action ,
Putative Class Actions ,
Risk Mitigation ,
Standing ,
Statutory Violations
The Pennsylvania Supreme Court recently held that employers have “a legal duty to safeguard” the personal data of their employees which is stored on internet-accessible computer systems and that the economic loss doctrine...more
12/20/2018
/ Breach of Duty ,
Breach of Implied Contract ,
Class Action ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Storage ,
Duty to Protect ,
Economic Damages ,
Economic Loss Doctrine ,
Employer Liability Issues ,
Hackers ,
Identity Theft ,
Negligence ,
PA Supreme Court ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Reasonable Care ,
Remand ,
Reversal
A federal district court in the Northern District of Illinois dismissed a putative class action alleging violations of the Illinois Biometric Information Privacy Act — known as the BIPA — holding that the allegation of a mere...more
8/17/2018
/ Actual Injuries ,
Article III ,
Biometric Information ,
Collective Bargaining Agreements (CBA) ,
Consent ,
Data Collection ,
Dismissals ,
Fingerprints ,
Labor Disputes ,
Popular ,
Preemption ,
Putative Class Actions ,
Railway Labor Act ,
Standing ,
Subject Matter Jurisdiction ,
Timekeeping
What You Need to Know Now -
• The new law takes effect January 1, 2020, but there’s a lot to do so you need to start work now.
• The new law expands the definition of personal information and gives California consumers...more
7/17/2018
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Rights ,
Data Security ,
Data-Sharing ,
Disclosure Requirements ,
Enforcement ,
Governor Brown ,
Minors ,
New Legislation ,
Notice Requirements ,
Opt-In ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Private Right of Action ,
Right to Delete ,
Statutory Damages ,
Third-Party Service Provider ,
Vendors
Overview (10. – 6.) -
10. The European Union (EU) General Data Protection Regulation (GDPR) went into effect on May 25, 2018. It applies to the processing of “personal data” of EU citizens and residents (a/k/a “data...more
6/20/2018
/ Consent ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Subjects Rights ,
e-Discovery ,
Electronically Stored Information ,
Encryption ,
EU ,
EU Data Protection Laws ,
Exceptions ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Third-Party Service Provider
The Federal Trade Commission on Jan. 8 announced its first settlement of alleged violations of the Children’s Online Privacy Protection Act arising from internet-connected toys. The FTC complaint against VTech followed the...more
1/24/2018
/ Children's Products ,
Children's Toys ,
Connected Items ,
COPPA ,
Data Breach ,
Data Collection ,
Data Security ,
Federal Trade Commission (FTC) ,
Internet of Things ,
Online Safety for Children ,
Personally Identifiable Information ,
Popular ,
Regulatory Violations ,
Settlement
The U.S. Court of Appeals for the Ninth Circuit held in Eichenberger v. ESPN that allegations that the Video Privacy Protection Act was violated are sufficient to establish Article III standing, but that the definition of...more
12/7/2017
/ Appeals ,
Article III ,
Consumer Privacy Rights ,
Data Collection ,
ESPN ,
Internet ,
Internet Streaming ,
Personally Identifiable Information ,
Roku ,
Standing ,
Television Programming ,
VPPA
The U.S. Court of Appeals for the Second Circuit on Nov. 21, 2017, affirmed the dismissal of a putative class action alleging violations of the Illinois Biometric Information Privacy Act for failing to allege a material risk...more
The Federal Trade Commission on October 23, 2017, provided guidance on how it will enforce the Children’s Online Privacy Protection Act (COPPA) with respect to audio recordings of children. This comes as part of a wave of...more
11/17/2017
/ App Developers ,
Audio Recording ,
Children's Toys ,
COPPA ,
Data Collection ,
Data Protection ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Internet ,
Mobile Apps ,
Parental Consent ,
Popular ,
Risk Management ,
Smart Devices ,
Websites
Last week, the U.S. Court of Appeals for the Eleventh Circuit held that allegations that personally identifiable information was disclosed without consent in violation of the Video Privacy Protection Act were sufficient to...more
5/3/2017
/ Article III ,
CNN ,
Corporate Counsel ,
Data Collection ,
Digital Media ,
Injury-in-Fact ,
Mobile Apps ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Prior Express Consent ,
Putative Class Actions ,
Spokeo v Robins ,
Standing ,
Subscribers ,
VPPA ,
Web Tracking
Privacy Shield – An Early Reflection -
EU law generally prohibits the transfer of personal data from the European Economic Area to the U.S., unless the transfer is made in accordance with an authorized data transfer...more
10/25/2016
/ Article III ,
Cable Communications Protection Act (CCPA) ,
Confidential Information ,
COPPA ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Collection ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Equal Employment Opportunity Commission (EEOC) ,
EU ,
EU-US Privacy Shield ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Sharing ,
Injury-in-Fact ,
International Data Transfers ,
IP Addresses ,
Personal Data ,
Personally Identifiable Information ,
Privacy Policy ,
Standing ,
Video Privacy Protection Act ,
VPPA ,
Wellness Programs
New amendments to the Children’s Online Privacy Protection Rule go into effect today, July 1, 2013. Amongst the significant changes introduced by the new Rule, the newly expanded definition of “personal information” and new...more
A California Superior Court judge has dismissed with prejudice a privacy suit brought by California Attorney General Kamala Harris against Delta Airlines. The complaint, filed in December of 2012, alleged that Atlanta-based...more