Privacy and Information Security Law Blog

Tag Archives: Privacy Policy

California AG’s Mobile App Case Against Delta Dismissed

Posted on May 10, 2013 by Hunton & Williams LLP

A state court has dismissed the California Attorney General’s claims that Delta Air Lines Inc. (“Delta”) violated the California Online Privacy Protection Act by failing to have an appropriately posted privacy policy for its mobile application, Bloomberg reports. The California AG sued Delta in December as part of an enforcement campaign that began with the issuance of warning letters to approximately 100 operators of mobile apps, including Delta. According to the Bloomberg report, a basis for the dismissal was the federal Airline Deregulation Act, under which a state “may not enact or enforce a law, regulation, or other provision having the force and effect of law related to a price, route, or service of an air carrier that may provide air transportation under this subpart.” 49 U.S.C. § 41713.

Tags: California, Enforcement, Mobile App, Online Privacy, Personally Identifiable Information, Privacy Policy, State Attorneys General, U.S. Federal Law, U.S. State Law

German Court Rules Apple’s Privacy Policy Violates German Law

Posted on May 8, 2013 by Hunton & Williams LLP

On April 30, 2013, the regional court of Berlin enjoined Apple Sales International, which is based in Ireland, (“Apple”) from relying on eight of its existing standard data protection clauses in contracts with customers based in Germany. The court also prohibited Apple’s future use of such clauses.

Tags: Advertisement, Anonymization, Apple Inc., Behavioral Advertising, Cross-Border Data Flow, Data Protection Act, Enforcement, European Union, Geolocation, Germany, International, Marketing, Opt-In Consent, Privacy Policy, Service Provider

FTC Issues Updated FAQs Addressing COPPA Compliance Requirements

Posted on April 26, 2013 by Hunton & Williams LLP

On April 25, 2013, the Federal Trade Commission released an updated version of its frequently asked questions regarding the Children’s Online Privacy Protection Act of 1998 (“COPPA”). The revised FAQs, entitled Complying with COPPA: Frequently Asked Questions (A Guide for Business and Parents and Small Entity Compliance Guide), provide general information on COPPA’s requirements and also include new guidance on the recent amendments to the Children’s Online Privacy Protection Rule (“COPPA Rule”).

Tags: COPPA, Federal Trade Commission, Geolocation, Internet, Mobile App, Online Privacy, Personally Identifiable Information, Privacy Policy, Social Security Number

German Federal Office for Information Security Issues Guidance on Consumerization and BYOD

Posted on February 7, 2013 by Hunton & Williams LLP

On February 4, 2013, the German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik or “BSI”) published a paper (in German) providing an overview of the information technology risks inherent in consumerization and bring your own device (“BYOD”) strategies. The Paper responds to what the BSI views as a growing trend of employees making personal use of employer IT systems as well as using their personal IT devices for work purposes.

Tags: BYOD, Encryption, European Union, Germany, Information Security, International, Mobile Device, Privacy Policy, Workplace Privacy

FTC Issues Staff Report on Mobile Privacy Disclosures and Announces Settlement with Social Networking Service for Mobile App Privacy Violations

Posted on February 1, 2013 by Hunton & Williams LLP

On February 1, 2013, the Federal Trade Commission issued a new report entitled Mobile Privacy Disclosures: Building Trust Through Transparency. The report makes recommendations “for the major participants in the mobile ecosystem as they work to improve mobile privacy disclosures,” offering specific recommendations for mobile platforms, app developers, advertising networks and other third parties operating in this space. The FTC’s report also makes mention of the Department of Commerce’s National Telecommunications and Information Administration’s efforts to engage in a multistakeholder process to develop an industry code of conduct for mobile apps.

Tags: Consent Order, Consumer Protection, COPPA, Department of Commerce, Enforcement, Facebook, Federal Trade Commission, Information Security, Jon Leibowitz, Mobile App, Mobile Device, National Telecommunications and Information Administration, Obama, Online Privacy, Penalty, Privacy Policy, Social Media, Twitter

EU Parliament Committee Rapporteur Issues Draft Report on Proposed Amendments to the EU Commission’s Draft General Data Protection Regulation

Posted on January 10, 2013 by Hunton & Williams LLP

On January 10, 2013, the rapporteur to the EU Parliament’s Committee on Civil Liberties, Justice and Home Affairs (“LIBE”), Jan Philipp Albrecht, presented his draft report (the “Report”) on the proposed amendments to the European Commission’s proposed General Data Protection Regulation (the “Proposed Regulation”) to the LIBE Committee.

Tags: Adequacy, Article 29 Working Party, Binding Corporate Rules, Data Controller, Data Protection Authority, Data Transfer, EU Data Protection Directive, EU Member States, EU Regulation, European Commission, European Union, International, Privacy Policy, Right to Be Forgotten, Safe Harbor, Security Breach

California AG Sues Delta for Failure to Post a Privacy Policy on Its Mobile App

Posted on December 7, 2012 by Hunton & Williams LLP

On December 6, 2012, California Attorney General Kamala D. Harris announced a lawsuit against Delta Air Lines, Inc. (“Delta”) for violations of the California Online Privacy Protection Act (“CalOPPA”). The suit, which the Attorney General filed in the San Francisco Superior Court, alleges that Delta failed to conspicuously post a privacy policy within Delta’s “Fly Delta” mobile application to inform users of what personally identifiable information is collected and how it is being used by the company. CalOPPA requires “an operator of a commercial Web site or online service that collects personally identifiable information through the Internet about individual consumers residing in California who use or visit its commercial Web site or online service,” such as a mobile application, to post a privacy policy that contains the elements set out in CalOPPA. According to Attorney General Harris’ complaint, Delta has operated the “Fly Delta” application for smartphones and other electronic devices since at least 2010. The complaint alleges that “[d]espite collecting substantial personally identifiable information (“PII”) such as user’s full name, telephone number, email address, frequent flyer account number and PIN code, photographs, and geo-location, the Fly Delta application does not have a privacy policy. It does not have a privacy policy in the application itself, in the platform stores from which the application may be downloaded, or on Delta’s website.”

Tags: California, Enforcement, Online Privacy, Penalty, Personally Identifiable Information, Privacy Policy, State Attorneys General, U.S. State Law

FTC Settles Charges of “History Sniffing”

Posted on December 6, 2012 by Hunton & Williams LLP

On December 5, 2012, the Federal Trade Commission announced that the online advertising company Epic Marketplace, Inc. (“Epic”) agreed to settle charges that it engaged in “history sniffing” to secretly and illegally collect information about consumers’ interest in sensitive medical and financial issues. History sniffing is the practice of determining whether a consumer has previously visited a webpage by checking how a browser displays a hyperlink. The consent order requires Epic to destroy all data collected from history sniffing and bars Epic from engaging in history sniffing in the future.

Tags: Advertisement, Behavioral Advertising, Consent Order, Consumer Protection, Cookies, Enforcement, Federal Trade Commission, Marketing, Online Privacy, Privacy Policy

ICC UK Releases Updated Cookie Guidance

Posted on November 28, 2012 by Hunton & Williams LLP

On November 27, 2012, the International Chamber of Commerce of the United Kingdom (“ICC UK”) released the second edition of its cookie guidance (the “Guidance”). The ICC UK released the first edition of the Guidance in April of this year, and has produced this latest version to take into account updated guidance released by the UK Information Commissioner’s Office (“ICO”), the Article 29 Working Party Opinion 04/2012 on cookie consent exemption and new UK advertising rules on online behavioral advertising.

Continue reading…

Tags: Advertisement, Article 29 Working Party, Behavioral Advertising, Consent, Consumer Protection, Cookies, European Union, Information Commissioners Office, International, Online Privacy, Opt-In Consent, Privacy Policy, United Kingdom

Time Running Out for Mobile App Operators Targeted by California Attorney General

Posted on November 26, 2012 by Hunton & Williams LLP

In late October 2012, California Attorney General Kamala D. Harris began sending letters to approximately 100 mobile app operators, informing them that they are not in compliance with the California Online Privacy Protection Act (“CalOPPA”). Pursuant to CalOPPA, “an operator of a commercial Web site or online service that collects personally identifiable information through the Internet about individual consumers residing in California who use or visit its commercial Web site or online service” must post a privacy policy that contains specified elements. A mobile app arguably could be an “online service” under CalOPPA, which provides that an online service operator that collects “personally identifiable information” and “fails to post its policy within 30 days after being notified of noncompliance” is in violation of CalOPPA. The law affects a wide range of mobile app operators because of its very broad definition of “personally identifiable information,” which includes any “individually identifiable information about an individual consumer collected online by the operator from that individual and maintained by the operator in an accessible form,” such as a name, an email address or any other identifier “that permits the physical or online contacting of a specific individual.”

Tags: California, Mobile App, Mobile Device, Online Privacy, Personally Identifiable Information, Privacy Policy, State Attorneys General, U.S. State Law

Privacy and Information Security Law Blog - Global privacy and information security law updates and analysis

Tag Archives: Privacy Policy

California AG’s Mobile App Case Against Delta Dismissed

German Federal Office for Information Security Issues Guidance on Consumerization and BYOD

EU Parliament Committee Rapporteur Issues Draft Report on Proposed Amendments to the EU Commission’s Draft General Data Protection Regulation

California AG Sues Delta for Failure to Post a Privacy Policy on Its Mobile App

Time Running Out for Mobile App Operators Targeted by California Attorney General

Published By Hunton & Williams

Search

Subscribe

Topics

Recent Updates

Blogroll

Stay Connected

Privacy News