China Proposes Amendments to Consumer Protection Law

In April 2013, the People’s Republic of China’s General Office of the National People’s Congress published a draft amendment to the Law on the Protection of Consumer Rights and Interests (the “ Proposed Amendment”) and solicited public comments on the Proposed Amendment until May 31, 2013. The Proposed Amendment includes provisions that affect the collection and use of consumer personal information.

Continue reading…

Tags: China, Consumer Protection, Information Security, International, Service Provider

FTC Reminds Companies of Impending COPPA Deadline

On May 15, 2013, the Federal Trade Commission announced that it sent educational letters to over 90 businesses that appear to collect personal information from children under the age of 13, reminding them of the impending July 1 deadline for compliance with the updated Children’s Online Privacy Protection Rule (the “Rule”). The letters were sent to domestic and foreign companies that may be collecting information from children that is now considered “personal information” under the Children’s Online Privacy Protection Act (“COPPA”) but was not previously considered “personal information.” The definition of “personal information” under COPPA was expanded to include (1) photos, videos and audio recordings of children; and (2) persistent identifiers that may recognize users over time and across various websites and online services (e.g., cookies and IP addresses).

Continue reading…

Tags: Consumer Protection, Cookies, COPPA, Enforcement, Federal Trade Commission, Online Privacy, U.S. Federal Law

Obama Administration Considering Electronic Surveillance Proposal to Address “Going Dark” Problem

The Obama Administration is in the process of finalizing its review of a statutory electronic surveillance proposal initially developed by the FBI, and is expected to support the introduction of a modified version as legislation. The proposal addresses concerns raised by law enforcement and national security agencies regarding the widening gap between their legal authority to intercept real-time electronic communications pursuant to a court order, and the practical difficulties associated with actually intercepting those communications. According to the government, this gap increasingly prevents the agencies from collecting Internet-based phone calls, emails, chats, text messages and other communications of terrorists, spies, organized crime groups, child pornography distributors and other dangerous actors. The FBI refers to this as the “going dark” problem.

Continue reading…

Tags: Congress, Cybersecurity, Federal Communications Commission, Foreign Intelligence Surveillance Act, Information Security, Obama, Online Privacy, Paul Tiao, Telecommunications, Wiretap

UK ICO Report Highlights Uncertainty on Cost of Data Protection Reform

On May 14, 2013, London Economics published the results of an independent survey commissioned by the UK Information Commissioner’s Office (“ICO”) to help understand the challenges that the European Commission’s proposed General Data Protection Regulation (the “Proposed Regulation”) may present to UK businesses (the “Report”).

Continue reading…

Tags: Christopher Graham, EU Regulation, European Union, Information Commissioners Office, International, Security Breach, United Kingdom

Sotto Speaks on CBS News on the Right to Be Forgotten

On May 10, 2013, CBS News interviewed two cybersecurity authorities to discuss the growing debate of privacy online. In the feature, entitled “Should there be a ‘right to be forgotten’ online?,” Lisa J. Sotto, partner and head of the Privacy and Data Security practice at Hunton & Williams LLP, talked about the problem of individuals’ rights to delete their online activity. She pointed out that the U.S. has no comprehensive online privacy law, and instead has a framework “comprised of a patchwork quilt of laws.”

Tags: Cybersecurity, Lisa Sotto, Multimedia Resources, Online Privacy, Right to Be Forgotten

California AG’s Mobile App Case Against Delta Dismissed

A state court has dismissed the California Attorney General’s claims that Delta Air Lines Inc. (“Delta”) violated the California Online Privacy Protection Act by failing to have an appropriately posted privacy policy for its mobile application, Bloomberg reports. The California AG sued Delta in December as part of an enforcement campaign that began with the issuance of warning letters to approximately 100 operators of mobile apps, including Delta. According to the Bloomberg report, a basis for the dismissal was the federal Airline Deregulation Act, under which a state “may not enact or enforce a law, regulation, or other provision having the force and effect of law related to a price, route, or service of an air carrier that may provide air transportation under this subpart.” 49 U.S.C. § 41713.

Tags: California, Enforcement, Mobile App, Online Privacy, Personally Identifiable Information, Privacy Policy, State Attorneys General, U.S. Federal Law, U.S. State Law

FTC Sends Warning Letters to Data Brokers Regarding FCRA Violations

On May 7, 2013, the Federal Trade Commission announced that it issued letters to ten data broker companies warning that their practices could violate prohibitions against selling consumer information under the Fair Credit Reporting Act (“FCRA”). The FTC identified the ten data broker companies after a test-shopping operation that indicated these companies were willing to sell consumer information without adhering to FCRA requirements.

Continue reading…

Tags: Consumer Protection, Credit Report, Cross-Border Data Flow, Data Protection Authority, FCRA, Federal Trade Commission, Financial Privacy, Information Security, Online Privacy

GPEN and CNIL Review Online Privacy Notices During Internet Sweep

On May 6, 2013, the Global Privacy Enforcement Network (“GPEN”) announced its first “Internet Privacy Sweep,” in which 19 data protection authorities are participating. This joint effort, which runs May 6-12, 2013, involves a review of the information notices posted online by major websites.

Continue reading…

Tags: CNIL, Data Protection Act, Data Protection Authority, Data Transfer, European Union, Events, France, International, Online Privacy

German Court Rules Apple’s Privacy Policy Violates German Law

On April 30, 2013, the regional court of Berlin enjoined Apple Sales International, which is based in Ireland, (“Apple”) from relying on eight of its existing standard data protection clauses in contracts with customers based in Germany. The court also prohibited Apple’s future use of such clauses.

Continue reading…

Tags: Advertisement, Anonymization, Apple Inc., Behavioral Advertising, Cross-Border Data Flow, Data Protection Act, Enforcement, European Union, Geolocation, Germany, International, Marketing, Opt-In Consent, Privacy Policy, Service Provider

German Parliament Passes New Telecom User Data Access Bill

On May 3, 2013, the German Federal Council (Bundesrat) passed a new bill regarding access to telecom user data, such as names, addresses, passwords and credit card PIN codes. This comes after the German Federal Diet (Bundestag) passed the German government’s bill on March 21, 2013, which amends, among other laws, Germany’s Federal Telecommunications Act.

Continue reading…

Tags: Enforcement, European Union, Germany, International, Telecommunications
Archives