On October 27, 2023, the Federal Trade Commission (FTC) announced it is amending the Safeguards Rule of the Gramm-Leach-Bliley Act (GLBA) to include a requirement for non-bank financial institutions to report certain data breaches and other security events to the agency.… Continue Reading
On October 24, 2023, a bipartisan coalition of 33 states’ attorneys general filed suit against Meta Platforms, Inc., alleging in a lengthy complaint that Meta’s social media platform features are unsafe and designed to induce young users’ compulsive and extended use.[1] According to the complaint, which is currently heavily redacted, Meta engaged in a four-part … Continue Reading
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) announced its long-awaited proposed rule regulating “Personal Financial Data Rights” (the proposed rule). The proposed rule implements Section 1033 of the Dodd-Frank Act, which provides consumers the right to access and port their financial information between banks and other financial entities. CFPB Director Rohit Chopra stated that the proposal … Continue Reading
Last week, the Federal Trade Commission (FTC) announced a proposed rule that would regulate a broad range of “junk fees” in consumer goods and services, from resort fees associated with travel and lodging, to delivery fees associated with meal and grocery delivery, to convenience fees associated with financial services (the proposed rule). The proposed rule would generally … Continue Reading
On November 15, 2022, the Federal Trade Commission (FTC) announced it is extending the deadline for covered financial institutions to comply with the updated Safeguards Rule of the Gramm-Leach-Bliley Act (GLBA) by six months. The FTC originally published updates to the Safeguards Rule in October 2021. Under the updated rule, covered financial institutions had until … Continue Reading
On October 19, 2022, the Federal Trade Commission (FTC) held a virtual event to explore the concept of “blurred” advertising in digital media and its impact on children. As the FTC is considering updates to rules related to both the Children’s Online Privacy Protection Act (COPPA) and advertising, Chair Lina Khan suggested that children are … Continue Reading
On August 10, 2022, the Consumer Financial Protection Bureau (CFPB) issued a final Interpretive Rule stating that the Consumer Financial Protection Act (CFPA) applies to companies engaged in targeted advertising of financial products and services. Because the CFPB considers these companies to be covered by the CFPA, they would be subject to civil money penalties … Continue Reading
On June 3, 2022, members of the U.S. Congress released a bipartisan, bicameral discussion draft of a comprehensive national data privacy and data security framework. The draft is notable in that it reflects a compromise on the two issues that have for years vexed lawmakers angling for federal privacy legislation: preemption and private right of … Continue Reading
As a fintech company, platform offering payment services, or a cryptocurrency business, you may be used to operating in uncharted waters; the Consumer Financial Protection Bureau (CFPB), however, is ready to start drawing some maps. It has announced that it will begin to exercise its supervisory authority over non-bank consumer financial entities that the CFPB has reason … Continue Reading
On April 19, 2022, the BBB National Programs’ Center (BBB NP) for Industry Self-Regulation launched the TeenAge Privacy Program (TAPP) Roadmap, a new operational framework to help companies develop digital products and services attuned to privacy risks facing teenage consumers. In the United States, children 12 and under are protected by the Children’s Online Privacy … Continue Reading
On February 16, 2022, the Federal Trade Commission (FTC) filed a proposed settlement order in federal court in its case against WW International, Inc (formerly known as Weight Watchers International, Inc.) and its subsidiary Kurbo, Inc. (Kurbo) to resolve allegations that the defendants violated the Children’s Online Privacy Protection Act and its implementing rules (COPPA).1 The … Continue Reading
On November 26, 2021, the Court of Justice of the European Union (CJEU) held[1] that the display of advertising messages in an email inbox, in a form similar to an email, constitutes direct marketing and requires users’ consent under the ePrivacy Directive.[2] The CJEU also held that this practice constitutes ‘persistent and unwanted solicitations’ under … Continue Reading
On October 27, 2021, the Federal Trade Commission (FTC) released a final rule that updates the Safeguards Rule of the Gramm-Leach-Bliley Act (Final Rule). This Final Rule comes after the FTC sought comment on proposed changes to the Safeguards Rule in 2019 and held a public workshop in 2020.… Continue Reading
In Liu v. Securities & Exchange Commission,1 the Supreme Court upheld, but circumscribed, the Securities and Exchange Commission’s (SEC’s) disgorgement authority by holding 8-1 that the SEC may seek disgorgement through its equitable relief power only if the award does not exceed a wrongdoer’s net profits and is awarded to victims. Although this decision is important in … Continue Reading
In a notice issued July 17, 2019, the Federal Trade Commission (FTC) is seeking public comment on a wide range of issues related to the Children’s Online Privacy Protection Act and implementing Rule (COPPA). The FTC has also announced a public workshop to review the COPPA Rule, to be held on October 7, 2019.… Continue Reading
On May 22, 2019, WSGR and the Future of Privacy Forum (FPF) co-hosted an event focusing on advertising technology and how to overcome the challenges of complying with evolving global privacy requirements. Jules Polonetsky from FPF opened the program, focusing on the evolution of online advertising, from contextual to programmatic behavioral advertising. WSGR attorneys Lydia … Continue Reading
Recently, Vermont became the first state to enact legislation that regulates data brokers who buy and sell personal information. Under the new law, data brokers in Vermont will now have to register with the state, adopt standard security measures, and provide information to the state regarding their data collection practices. The law was passed in … Continue Reading
The U.S. District Court for the Northern District of California recently ruled that a certified class action on behalf of Illinois Facebook users alleging that the social network unlawfully collects biometric data from photo tagging will go forward, denying both parties’ summary judgment motions. This case is one of the first major tests of the … Continue Reading
In a novel interpretation of the Federal Trade Commission (FTC) Act, the U.S. District Court for the District of Delaware recently held in FTC v. Shire ViroPharma that the FTC had failed to plead the facts necessary to invoke its authority to sue for permanent injunction in federal court because it did not allege an … Continue Reading
The Federal Trade Commission (FTC) recently granted a petition by Sears Holding Management requesting that the FTC reopen and modify a 2009 FTC order settling charges that Sears failed to disclose adequately the scope of consumers’ personal information it collected via a downloadable software app. Sears’ 2009 Order On August 31, 2009, the FTC entered … Continue Reading
On February 5, 2018, the Federal Trade Commission (FTC) announced its most recent Children’s Online Privacy Protection Act (COPPA) case against Explore Talent, an online talent agency marketed to aspiring actors and models.1 According to the FTC’s complaint, the company provided a free platform for users to find information about auditions, casting calls, and other … Continue Reading
The Federal Trade Commission (FTC) is seeking public comment on a petition by Sears Holding Management requesting that the FTC reopen and modify a 2009 FTC order settling charges that Sears failed to disclose adequately the scope of consumers’ personal information it collected via a downloadable software app. For more information, click here to see our … Continue Reading
On September 5, 2017, the Federal Trade Commission (FTC) announced that it and 32 state attorneys general had settled charges with Lenovo, Inc., regarding the company’s practice of pre-loading advertising software on its laptops that compromised consumers’ cybersecurity and privacy.1 In many respects, the case was reasonably straightforward: the facts as alleged were clear, and … Continue Reading
As connected devices become ubiquitous, it comes as no surprise that interactive toys that connect to the internet are more popular than ever. At the same time, regulators have taken note of the privacy and security concerns raised by lawmakers and privacy advocates about the proliferation of smart toys that collect personal information from kids. … Continue Reading
