Privacy

Subscribe to Privacy via RSS

The Children’s Online Privacy Protection Act (COPPA) prohibits companies from collecting personal information from children under the age of 13 without first providing notice to parents and obtaining their verifiable consent. The Federal Trade Commission’s (FTC) recent settlements with Yelp and TinyCo serve as a reminder to mobile app developers that the failure to consider COPPA when developing and testing mobile apps can have serious consequences.
Continue Reading COPPA Looms Large for Mobile Apps

Online interest-based advertising, sometimes called behavioral advertising, is big business. Advertisers—and the technology companies that make this business possible—use information collected from a particular computer or device, over time and across others’ websites, to predict preferences and target and display advertising that is most likely to interest the user.

With encouragement from the Federal Trade Commission,1 online advertising industry organizations adopted a set of “Self-Regulatory Principles for Online Behavioral Advertising (OBA Principles),”2 which apply to members of those organizations: the ad networks, advertising agencies, service providers, and web publishers that engage in or facilitate the collection of online user data across websites for purposes of interest-based advertising. The Better Business Bureau (BBB) enforces the OBA Principles through its Online Interest-Based Advertising Accountability Program (Accountability Program). Recent action by the BBB reflects its commitment to vigorously enforce the OBA Principles.
Continue Reading Better Business Bureau Keeps Promise of Vigorous Enforcement of Online Interest-Based Advertising Accountability Program

ThinkstockPhotos-149480786-webThe European data protection regulators, the Article 29 Working Party (WP29), recently issued two guidance papers which clarify the data protection legal framework applicable to the Internet of Things (IoT) and to the use of device fingerprinting. Both opinions underline WP29’s current focus on data-driven innovations. This article highlights the key takeaways from these two opinions.
Continue Reading EU Data Protection Regulators Issue Guidance on the Internet of Things and Device Fingerprinting

ThinkstockPhotos-87341406-webThis article is the first in a series of articles that will discuss the importance of privacy and data security considerations in the transactional context.

Data privacy and data security continued to capture headlines and boardroom attention in 2014, as the EU “right to be forgotten” ruling, the Sony cyberattack,1 new laws and lawsuits, and investor pressure on executives and boards regarding cybersecurity issues 2 provided continued worries for legal departments, executives, and directors.3 The ongoing coverage of these incidents has caused many legal departments, executive teams, and boards of directors to become more familiar with data privacy and security risks. Many businesses are taking steps to reduce their risk exposure by reviewing and enhancing their privacy and data security programs, ensuring that they maintain appropriate cyber insurance, and working with service providers, vendors, customers, and employees to minimize the likelihood of becoming the next target of a cyberattack or class action litigation.
Continue Reading Privacy and Data Security in Transactions: What’s the Deal?

During the past decade, there has been an explosion in class action litigation under the Telephone Consumer Protection Act (TCPA),1 a well-intended statute meant to address abusive telemarketing practices. As of late, many of these suits are based on calls or text messages to cell phones. The TCPA prohibits non-emergency calls (interpreted by the FCC to include text messages) to a cell phone made using an “automatic telephone dialing system” without the prior express consent of the called party.2 A perceived ambiguity in what type of equipment qualifies as an “automatic telephone dialing system” has fueled these litigation fires and has led to hundreds of cases being filed against companies that do not use telemarketing equipment but communicate with their users or facilitate their users’ communications via text message. An end to the litigation explosion in this area may be just around the corner as federal appellate courts consider the issue.
Continue Reading Appellate Courts to Address What Constitutes an “Automatic Telephone Dialing System” Under the TCPA

In August 2014, the Federal Trade Commission (FTC) published a staff report that evaluates the consumer disclosures made by a number of popular mobile shopping applications and makes recommendations to the providers and users of those apps.1 The FTC staff did not address or find any fault with app platforms, like Google Play or Apple’s App Store, with respect to the consumer disclosures of those apps. This report follows the FTC staff’s March 2013 mobile payment report that recommended mobile payment providers convey clear policies regarding fraudulent and unauthorized charges, encouraged all stakeholders to raise consumer awareness about mobile payment security, and stressed the applicability of its general privacy recommendations to companies in the mobile payment marketplace.2
Continue Reading FTC Recommends Improved Transparency and Security in Mobile Shopping Apps