On February 26, 2018, the U.S. Court of Appeals for the Ninth Circuit issued an en banc decision in FTC v. AT&T holding that the Federal Trade Commission (FTC) Act’s “common carrier” exemption is activity-based, reversing the panel’s decision that the exemption is status-based, which would have opened a large enforcement gap for telecommunications companies like AT&T. This is an important decision in terms of FTC jurisdiction: it means that the FTC can and will continue to regulate common carriers to the extent that they provide non-common-carrier services, such as mobile internet services.
Section 5 of the FTC Act gives the commission enforcement authority over unfair and deceptive acts or practices, but exempts “common carriers subject to the Acts to regulate commerce.” Unsurprisingly, the question of whether a company qualifies as a “common carrier” under the exemption is a loaded and complicated one. If an entity falls within the exemption, the FTC cannot bring an enforcement action against it for conduct it considers harmful to consumers. Conversely, companies that fall outside the exemption are subject to FTC regulation, leaving them open to liability for unfair or deceptive conduct, and requiring that they comply with a long list of FTC rules.
Continue Reading “Two Cops on the Beat is Nothing Unusual”: Ninth Circuit Reverses Panel Decision, Rules FTC Act’s “Common Carrier” Exemption is Activity-Based
On February 27, 2018, the Federal Trade Commission (FTC) announced
On February 5, 2018, the Federal Trade Commission (FTC) announced its most recent Children’s Online Privacy Protection Act (COPPA) case against Explore Talent, an online talent agency marketed to aspiring actors and models.
2018 promises to be an interesting year in the world of privacy and cybersecurity. In this article, we highlight a few of the most notable developments we expect this year, including major developments in Europe, changes and pending cases at the Federal Trade Commission (FTC), notable U.S. Supreme Court cases scheduled to be decided this year, and some areas of legislation that actually may become law in the U.S.
The Federal Trade Commission (FTC) has provided new guidance on how it will enforce the Children’s Online Privacy Protection Act (COPPA) against companies collecting voice recordings from children, loosening the rules on how companies can collect and use voice data. Under the guidance, online services covered by COPPA can now collect voice recordings from children without obtaining verifiable parental consent so long as they collect and use the voice recording solely as a replacement for written words, such as to perform a search or fulfill a verbal instruction or request, and maintain the file for only the brief period of time necessary for that purpose. The FTC’s publication builds on previous FTC guidance making clear that COPPA applies to Internet of Things devices, including connected children’s toys. The publication marks the first time that the FTC has publicly signaled that it will refrain from bringing enforcement actions in circumstances where it believes COPPA has been violated.
On December 12, 2017, the Federal Trade Commission (FTC) held a workshop to examine consumer injury in the context of privacy and data security. The motivation for the workshop, according to Acting FTC Chairman Maureen Ohlhausen, was to help the FTC better understand consumer informational injury, weigh effectively the benefits of intervention against its inevitable costs, and to help guide the future application of the substantial injury prong of the FTC’s unfairness standard. A variety of panelists from a wide range of backgrounds, including business, academia, and consumer advocacy, addressed questions such as how to best characterize these injuries, how to accurately measure such injuries and their prevalence, and what factors businesses and consumers consider when evaluating the trade-offs between providing information and potentially increasing their exposure to injuries.