Tag Archives: Personally Identifiable Information

Representative Stearns Introduces Consumer Privacy Protection Act

Posted on April 15, 2011 by Hunton & Williams LLP

On April 13, 2011, Representative Cliff Stearns (R-FL) introduced the Consumer Privacy Protection Act of 2011 (the “Act”), which seeks to “protect and enhance consumer privacy” both online and offline by imposing certain notice and choice requirements with respect to the collection and use of personal information.

Continue reading…

Tags: , , , , , , ,

Senators Kerry and McCain Introduce the Commercial Privacy Bill of Rights Act of 2011

Posted on April 12, 2011 by Hunton & Williams LLP

On April 12, 2011, U.S. Senators John Kerry (D-MA) and John McCain (R-AZ) introduced the Commercial Privacy Bill of Rights Act of 2011 (the “Act”) to “establish a regulatory framework for the comprehensive protection of personal data for individuals under the aegis of the Federal Trade Commission.”  The bill applies broadly to entities that collect, use, transfer or store the “covered information” of more than 5,000 individuals over a consecutive 12-month period.  Certain provisions of the bill would direct the FTC to initiate rulemaking proceedings within specified timeframes, but the bill also imposes requirements directly on covered entities. Continue reading…

Tags: , , , , , , , , , , , ,

Netflix Sued for Allegedly Violating Movie Renters’ Privacy

Posted on March 18, 2011 by Hunton & Williams LLP

On March 11, 2011, Virginia resident Peter Comstock filed a class action complaint against Netflix, Inc. in the United States District Court for the Northern District of California.  According to the complaint, Netflix “tracks its users’ viewing habits with respect to both videos watched over the Internet…and physical movies ordered through the Internet and watched at home,” while encouraging “subscribers to rank the videos they watch.”  The complaint alleges that Netflix’s practice of maintaining customer movie rental history and recommendations, “long after subscribers cancel their Netflix subscription,” violates the federal Video Privacy Protection Act (“VPPA”), and California’s Customer Records Act and Unfair Competition Law.  In addition, the complaint alleges that Netflix’s failure to properly store user information and its sale of customer data to third parties led to its unjust enrichment and a breach of its fiduciary duty.  Comstock and the putative class are seeking both an injunction to stop Netflix’s current practices and monetary damages. Continue reading…

Tags: , , , , ,

Senator Kerry’s Senior Advisor Provides Key Insight into Forthcoming Privacy Bill

Posted on December 10, 2010 by Hunton & Williams LLP

On December 10, 2010, Senior Advisor to U.S. Senator John Kerry (D-Mass.), Daniel Sepulveda, briefed the Centre for Information Policy Leadership at Hunton & Williams LLP (the “Centre”) members on Senator Kerry’s forthcoming privacy legislation.  The bill, which will be introduced next Congress, aims to establish a regulatory framework for the comprehensive protection of individuals’ personal data that authorizes rulemakings by the Federal Trade Commission. Continue reading…

Tags: , , , , , , , ,

FTC Issues Landmark Privacy Report

Posted on December 1, 2010 by Hunton & Williams LLP

On December 1, 2010, the Federal Trade Commission released its long-awaited report on online privacy entitled “Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Businesses and Policymakers.”  Observers expected the report to address the concept of privacy by design, the burdens placed on consumers to read and understand privacy notices and make privacy choices, the provision of individual access to personal data and the rights of consumers with respect to Internet tracking.  The FTC report introduces a privacy framework to “establish certain common assumptions and bedrock protections on which both consumers and businesses can rely as they engage in commerce.”  It includes the following elements: Continue reading…

Tags: , , , ,

FTC Consumer Protection Head Shares New Vision for Consumer Privacy

Posted on September 30, 2010 by Hunton & Williams LLP

David Vladeck, the head of the Bureau of Consumer Protection at the Federal Trade Commission, shared his vision for consumer privacy protection with an audience at the IAPP’s Privacy Academy on September 30, 2010.  Mr. Vladeck began by reminding the audience that the FTC is aggressively enforcing on privacy and data security matters, having brought 29 cases to date.  Where possible, the FTC joins forces with other federal regulators, such as the Department of Health and Human Services, to seek broad relief that the FTC could not otherwise get on its own.  Mr. Vladeck indicated that the FTC also works closely with the states, citing a recent case in which the FTC filed concurrent settlements with 36 state attorneys general.  Mr. Vladeck stated that the FTC plans to continue to bring cases to ensure that companies “reasonably” safeguard information.

Mr. Vladeck noted three key areas for future enforcement.  The FTC will (1) bring more cases involving “pure” privacy, i.e., cases involving practices that attempt to circumvent consumers’ understanding of a company’s information practices and consumer choices; (2) focus enforcement efforts on new technologies (Mr. Vladeck noted that, to assist staff attorneys in bringing these sorts of cases, the FTC has hired technologists to assist and also have created mobile labs to respond to the proliferation of smart phones and mobile apps); and (3) increase international cooperation on privacy issues (Mr. Vladeck cited the FTC’s recently-announced participation in the Global Privacy Enforcement Network).

Continue reading…

Tags: , , , , ,

Online Ad Network Sued Over Tracking Using Flash Cookies

Posted on August 27, 2010 by Hunton & Williams LLP

On August 18, 2010, a complaint was filed in the U.S. District Court for the Central District of California, alleging that Specific Media, Inc. violated the Computer Fraud and Abuse Act, as well as state privacy and computer security laws, by failing to provide adequate notice regarding its online tracking practices.  The suit, brought by six web users, seeks class action status and over $5 million in damages, and cites Specific Media’s use of Flash cookies to re-create deleted browser cookies as one of the offending practices.

Continue reading…

Tags: , , , ,

Washington Court Rules that IP Addresses Are Not Personally Identifiable Information

Posted on July 10, 2009 by Hunton & Williams LLP

In a closely-watched case, the U.S. District Court for the Western District of Washington recently held that Internet Protocol (“IP”) addresses do not constitute personally identifiable information (“PII”). The plaintiffs in Johnson v. Microsoft Corp. brought a class action suit against Microsoft claiming that the collection of consumer IP addresses during the Windows XP installation process violated the XP End User License Agreement. The Agreement stated that Microsoft would not collect PII without the user’s consent. The plaintiffs referenced Microsoft’s own online glossary to support their claim that IP addresses should be considered PII. The glossary defined “personally identifiable information” as “[a]ny information relating to an identified or identifiable individual. Such information may include…IP address.” In granting summary judgment in favor of Microsoft, U.S. District Court Judge Richard Jones found that “[i]n order for ‘personally identifiable information’ to be personally identifiable, it must identify a person. But an IP address identifies a computer.”

Continue reading…

Tags: , , , ,

Federal Trade Commission Issues Behavioral Advertising Report

Posted on February 12, 2009 by Hunton & Williams LLP

As part of its ongoing efforts to examine evolving internet marketing practices, earlier today the Federal Trade Commission released a report on self-regulation of online behavioral advertising.  This report analyzes the comments received from interested parties in response to proposed self-regulatory principles issued by the Commission in December 2007.  It covers a wide range of issues including the increasingly blurred line between personally identifiable information and non-personally identifiable information and the applicability of regulations to "first party" versus contextual advertising.
 
Links to the report and the concurring statements of Commissioners Harbour and Leibowitz, as well as FTC Congressional testimony on behavioral advertising, can be found here

Tags: , , ,

California Ruling Permits Collection of ZIP Codes in Certain Credit Card Transactions

Posted on January 7, 2009 by Hunton & Williams LLP

A California state Court of Appeal has ruled that a California law barring merchants from collecting “personal identification information” in connection with certain credit card transactions does not prohibit the collection of a five-digit ZIP Code alone. Party City Corp. v. Superior Court of San Diego County, No. D053530, 2008 WL 5264023 (Cal. Ct. App. Dec. 19, 2008).

Continue reading…

Tags: , ,