On February 23, 2016, the Federal Trade Commission (FTC) announced a settlement with computer hardware maker ASUSTeK Computer, Inc. (ASUS). The ASUS settlement highlights the FTC’s position regarding security in the connected device market: connected
Continue Reading WSGR Alert: FTC Settles with Manufacturer of Home Network Routers over Alleged Data Security Flaws

ThinkstockPhotos-479430151-webOn December 15, 2015, the European Parliament and the Council of the European Union reached a political agreement on the text of the EU General Data Protection Regulation (GDPR).1 This is a major step toward the official adoption of the GDPR, which is now expected in Spring 2016. The GDPR will have a significant impact on how EU and non-EU businesses can collect and process the personal data of EU individuals. This article discusses the key elements of the GDPR.
Continue Reading EU Reaches Political Agreement on New Data Protection Regulation

The Internet has transformed the ways that we access, consume, and use information. For years, debates have raged in both the United States and Europe over so-called “network neutrality”—the extent to which the government should require entities that provide Internet access services to treat the content that they transmit equally. In the past several months, there have been significant events with regard to network neutrality laws in the U.S. and the EU. Regulators in both jurisdictions have promulgated sweeping rules that impose new obligations on companies that operate in the telecommunications sector. This article provides an overview and high-level comparison of the new legal framework in both jurisdictions, and offers some key takeaways for companies affected by network neutrality laws on both sides of the Atlantic.
Continue Reading The FCC’s Open Internet Order and the EU’s Network Neutrality Regulation: A Comparison and Key Takeaways for Players in the Telecommunications Sector

ThinkstockPhotos-178868654The Federal Trade Commission (FTC) recently approved a new method for website operators and mobile application developers (“operators”) to obtain parental consent to collect personal information from children.1 Under this new method, which is the first to use biometric identifiers to verify that a parent is providing consent for a child, the FTC will permit operators to use facial recognition technology to compare an image of the person providing consent with an image of verified photo identification, such as a drivers’ license or passport. If the two images match, the user is verified and can provide consent for the child to use the website or mobile application.
Continue Reading FTC Approves Facial Recognition as Method of Obtaining Parental Consent to Collect Children’s Information

President Obama signed the Fixing America’s Surface Transportation Act (FAST Act) into law on December 4, 2015. The FAST Act not only provides long-term funding for highway and infrastructure improvements and other transportation projects, but also includes several privacy- and security-related provisions, including an important provision that may reduce consumer confusion and industry compliance costs by eliminating annual privacy notice requirements for financial institutions in certain circumstances.
Continue Reading FAST Act Eases GLBA Compliance Burdens for Many Companies, Addresses Transportation and Infrastructure Privacy and Cybersecurity Issues