Recently, the Personal Data Collection and Protection Ordinance (“the Ordinance”) was introduced to the Chicago City Council. The Ordinance would require businesses to (1) obtain prior opt-in consent from Chicago residents to use, disclose or sell their personal information, (2) notify affected Chicago residents and the City of Chicago in the event of a data breach, (3) register with the City of Chicago if they qualify as “data brokers,” (4) provide specific notification to mobile device users for location services and (5) obtain prior express consent to use geolocation data from mobile applications. Continue Reading Chicago Introduces Data Protection Ordinance
On June 12, 2018, Vietnam’s parliament approved a new cybersecurity law that contains data localization requirements, among other obligations. Technology companies doing business in the country will be required to operate a local office and store information about Vietnam-based users within the country. The law also requires social media companies to remove offensive content from their online service within 24 hours at the request of the Ministry of Information and Communications and the Ministry of Public Security’s cybersecurity task force. Companies could face substantial penalties for failure to disclose information upon governmental request. In addition, the law bans internet users in Vietnam from organizing people for anti-state purposes and imposes broad restrictions on using speech to distort the country’s history or achievements. As reported in BNA Privacy Law Watch, the law will take effect on January 1, 2019.
On May 31, 2018, the Federal Trade Commission published on its Business Blog a post addressing the easily missed data deletion requirement under the Children’s Online Privacy Protection Act (“COPPA”). Continue Reading FTC Posts Blog on Data Deletion Rule under COPPA
On May 2, 2018, the Belgian Privacy Commission (the “Belgian DPA”) published its Annual Activity Report for 2017 (the “Annual Report”), highlighting its main accomplishments for the past year. Continue Reading Belgian Privacy Commission Releases 2017 Annual Activity Report
On April 27, 2018, the Federal Trade Commission issued two warning letters to foreign marketers of geolocation tracking devices for violations of the U.S. Children’s Online Privacy Protection Act (“COPPA”). The first letter was directed to a Chinese company, Gator Group, Ltd., that sold the “Kids GPS Gator Watch” (marketed as a child’s first cellphone); the second was sent to a Swedish company, Tinitell, Inc., marketing a child-based app that works with a mobile phone worn like a watch. Both products collect a child’s precise geolocation data, and the Gator Watch includes geofencing “safe zones.” Continue Reading FTC Issues Warning Letters for Potential COPPA Violations
The U.S. Department of Justice (the “DOJ”) has unsealed an indictment accusing nine Iranian nationals of engaging in a “massive and brazen cyber assault” against at least 176 universities, 47 private companies and 7 government agencies and non-governmental organizations, including the Federal Energy Regulatory Commission (“FERC”). According to the DOJ, the nationals worked for Mabna Institute, an Iranian-based company, as “hackers for hire,” stealing login credentials and other sensitive information to sell within Iran and for the benefit of the Iranian government. Continue Reading DOJ Accuses Iranian Nationals of “Brazen Cyber Assault” on Universities and Government Agencies
On February 5, 2018, the Federal Trade Commission (“FTC”) announced its most recent Children’s Online Privacy Protection Act (“COPPA”) case against Explore Talent, an online service marketed to aspiring actors and models. According to the FTC’s complaint, Explore Talent provided a free platform for consumers to find information about upcoming auditions, casting calls and other opportunities. The company also offered a monthly fee-based “pro” service that promised to provide consumers with access to specific opportunities. Users who registered online were asked to input a host of personal information including full name, email, telephone number, mailing address and photo; they also were asked to provide their eye color, hair color, body type, measurements, gender, ethnicity, age range and birth date. Continue Reading FTC Brings Its Thirtieth COPPA Case, Against Online Talent Agency
Recently, the FTC and FCC announced their intent to enter into a Memorandum of Understanding (“MOU”) under which the agencies would coordinate their efforts following the adoption of the Restoring Internet Freedom Order (the “Order”). As we previously reported, if adopted, the Order would repeal the rules put in place by the FCC in 2015 that prohibit high-speed internet service providers (“ISPs”) from stopping or slowing down the delivery of websites and from charging customers extra fees for high-quality streaming and other services. Continue Reading FTC and FCC Announce Cooperation on Repeal of Net Neutrality Rules
Recently, FCC Chairman Ajit Pai released a draft of the Restoring Internet Freedom Order (the “Order”). If adopted, the Order would repeal the rules put in place by the FCC in 2015 that prohibit high-speed internet service providers (“ISPs”) from stopping or slowing down the delivery of websites and from charging customers extra fees for high-quality streaming and other services. Continue Reading FCC Releases Plan to Repeal Net Neutrality Rules
On November 8, 2017, Sears Holding Management Corporation (“Sears”) requested that the FTC reopen and modify a 2009 Commission Order (the “Order”) settling charges that Sears inadequately disclosed the scope of consumer data collected through the company’s software application. The initial FTC complaint alleged that Sears represented to consumers that its downloadable software application would track users’ “online browsing,” but in fact tracked nearly all of the users’ Internet behavior. Sears petitioned the FTC to modify the Order’s definition of “tracking system,” which the company contends is overbroad and impracticable. The FTC is seeking public comment on Sears’ petition, which it will receive until December 8, 2017.