Header graphic for print
Inside Privacy Updates on Developments in Global Privacy & Data Security from Covington & Burling LLP

Category Archives: United States

Subscribe to United States RSS Feed

FTC Highlights Importance of Post-Breach Cooperation with Law Enforcement

Posted in Cybersecurity, Data Breaches, Data Security, Federal Trade Commission

Yesterday, the FTC published a blog post outlining what companies should expect if they find themselves as the subject of an FTC data security investigation.  In addition to highlighting the different phases of the FTC’s investigative process, the FTC’s discussed the types of information that it seeks as well as the questions it wants answered. … Continue Reading

Draft House Cures Legislation Would Amend Federal Privacy Laws (Second Post in a Series)

Posted in Congress, Health Privacy

As we discussed in a prior post, the April 29, 2015, draft House 21st Century Cures bill would make several changes to federal health privacy law. This post focuses on provisions that would allow remote access to PHI for purposes preparatory to research and that would permit individuals to make a one-time authorization of the… Continue Reading

Ninth Circuit Asks California Supreme Court to Define the Scope of Song-Beverly Act

Posted in Litigation

The U.S. Court of Appeals for the Ninth Circuit on Tuesday asked the California Supreme Court to resolve a longstanding dispute over the interpretation of a retail privacy statute.  If the state court rules on the issue, its decision could affect the ability of California retailers to collect information from consumers who make in-store payments using… Continue Reading

Draft House Cures Legislation Would Amend Federal Privacy Laws (First Post in a Series)

Posted in Congress, Health Privacy

On April 29, 2015, the U.S. House Energy and Commerce Committee released a revised discussion draft of the 21st Century Cures Act (“Cures”). The Cures bill would make several changes to existing federal privacy regulations promulgated under the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health… Continue Reading

Groups Weigh In On Drone Privacy

Posted in United States

By Rani Gupta More than 50 commenters have offered their thoughts on privacy and transparency issues regarding non-government use of unmanned aircraft systems, better known as drones or UAS. The comments responded to a request by the National Telecommunications and Information Administration.  As we previously reported, the NTIA is planning a multi-stakeholder process to formulate… Continue Reading

Supreme Court to Consider Whether Actual Harm is Required to Recover Under the Fair Credit Reporting Act

Posted in Litigation

On Monday, the U.S. Supreme Court granted certiorari and agreed to consider Robins v. Spokeo, Inc., in which the U.S. Court of Appeals for the Ninth Circuit held that Thomas Robins had adequately alleged Article III standing to sue website operator Spokeo, Inc. (“Spokeo”) under the Fair Credit Reporting Act (FCRA), 15 U.S.C. § 1681… Continue Reading

FCC’s Agenda for April 28th Broadband Consumer Privacy Public Workshop

Posted in Federal Communications Commission

The FCC has announced its agenda and panelists for its public workshop on protecting the privacy of consumers who use broadband Internet access services, which will be held on April 28. FCC Chairman Tom Wheeler will give opening remarks and Matt Blaze, Associate Professor of Computer and Information Science at the University of Pennsylvania, will… Continue Reading

House Passes Cybersecurity Information Sharing Bills

Posted in Congress, United States

Yesterday the U.S. House of Representatives passed the National Cybersecurity Protection Advancement Act (NCPAA), a bill that would provide liability protections for companies sharing cyber threat information with the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC).  A related bill, the Protecting Cyber Networks Act (PCNA), was passed by the House on… Continue Reading

FTC Announces First Consent Order With a Retail Tracking Company

Posted in Federal Trade Commission

The Federal Trade Commission (“FTC”) today announced that it has entered into a proposed consent order with Nomi Technologies (“Nomi”), marking the agency’s first action against a retail tracking company.  The announcement comes one year after the agency held a workshop on mobile device tracking in the retail environment.  Although the action may indicate increased… Continue Reading

House Committees Approve Information Sharing and Data Breach Notice Bills, Setting Stage for Floor Vote

Posted in Congress, Cybersecurity, Data Breaches, Data Security, United States

Earlier this week, an information-sharing bill and a data breach bill passed through committee votes in the House, setting the stage for potentially significant legislative action on key cybersecurity issues in the near future.  On Tuesday, the House Homeland Security Committee approved the National Cybersecurity Protection Advancement Act by a unanimous voice vote, following a… Continue Reading

Court Grants Summary Judgment on VPPA Claims Against Hulu Based on Lack of ‘Knowing’ Disclosure

Posted in United States

On Tuesday, March 31, the U.S. District Court for the Northern District of California granted Hulu’s motion for summary judgment in a complaint alleging that Hulu had violated the Video Privacy Protection Act (VPPA) by sharing user information with Facebook.  In granting summary judgment, the court found no genuine issue of material fact regarding whether… Continue Reading

Danielle Citron Discusses Legal Remedies for Online Harassment

Posted in United States

At a talk today with members of Covington’s Privacy and Data Security Group, Danielle Citron highlighted the need for more remedies for victims of online harassment, including women harassed by so-called revenge pornography. Citron, a professor at the University of Maryland School of Law, focuses on information privacy law and is the author of Hate… Continue Reading

AT&T Court Narrowly Interprets FTC Common Carrier Exception and Permits Throttling Case To Go Forward, Addresses Net Neutrality Issue

Posted in Federal Communications Commission, United States

As we previously reported, in January AT&T filed a Motion to Dismiss the Federal Trade Commission’s (FTC’s) complaint alleging that AT&T engaged in unfair and deceptive conduct in violation of Section 5 of the FTC Act when it “throttled” mobile broadband subscribers who were “grandfathered” into the company’s unlimited mobile data plan.  AT&T moved to… Continue Reading

FTC and Wyndham Present Arguments on Whether FTC has Declared Unreasonable Cybersecurity Practices Unfair

Posted in Federal Trade Commission

On Friday, March 27, 2015, the Federal Trade Commission and Wyndham Worldwide Corp. filed supplemental briefing in the Third Circuit regarding whether the FTC had made an adjudicative decision that the FTC Act prohibits unreasonable cybersecurity practices and, if not, whether a federal court could hear a case charging a violation of the FTC Act… Continue Reading

FCC to Hold Workshop On Broadband Privacy

Posted in Federal Communications Commission, United States

The Federal Communications Commission will hold a workshop on April 28 to explore its role in protecting the privacy of broadband Internet access users. The Commission’s recent net neutrality order applied certain privacy requirements to broadband access providers, including Section 222 of the Communications Act.  That statute requires telecommunications carriers to protect the confidentiality of… Continue Reading

House Focuses on Data Breach Bills

Posted in Congress, United States

By Ani Gevorkian The issues of data breach notification and data security issued received a fair amount of attention in the House this week:  On Wednesday, the House Energy and Commerce Subcommittee on Trade approved one data breach bill, and on Thursday, Rep.  Jim Langevin (D-RI), co-chairman of the House Cybersecurity Caucus, announced the release… Continue Reading

House Holds Internet of Things Hearing

Posted in Congress, United States

By Ani Gevorkian The Subcommittee on Commerce, Manufacturing, and Trade of the House Energy and Commerce Committee held a hearing on Tuesday entitled, “The Internet of Things: Exploring the Next Technology Frontier.” The hearing focused on the promises Internet of Things (“IoT”) technology holds, and what role Congress should play in addresses the challenges IoT… Continue Reading

Recap of Covington’s Privacy By Design Workshop

Posted in United States

As we previously reported, Covington was selected from thousands of applicants to host a Privacy by Design bootcamp and workshop during last week’s South by Southwest (“SXSW”) Interactive festival, which featured five days of compelling presentations and panels from industry leaders in emerging technology.  SXSW designs workshops in particular to provide in-depth, hands-on education taught… Continue Reading

Congressional Privacy Bill: Do Not Track Kids Act of 2015

Posted in Congress, United States

As part of our continuing coverage of the Congressional Privacy Bill, we provide below a deeper examination and explanation of Title II of the bill, the Do Not Track Kids Act of 2015.  The Do Not Track Kids Act of 2015 amends the Children’s Online Privacy Protection Act (“COPPA”) by making its protections more expansive… Continue Reading

House to Hold Hearing on Internet of Things

Posted in Congress, United States

Next Tuesday, March 24 at 11 a.m., the House Energy and Commerce Committee’s Subcommittee on Commerce, Manufacturing, and Trade will host a hearing entitled “The Internet of Things: Exploring the Next Technology Frontier.”  The hearing will follow an Internet of Things (“IoT”) showcase featuring Internet-connected products manufactured in members’ districts. Congress already has begun taking… Continue Reading

Covington at #SXSW 2015: Members of Congress Discuss Future of Privacy

Posted in Congress, United States

Although Senator Rand Paul (R-KY) may have received the most attention for his attendance at South by Southwest (“SXSW”) Interactive, many other members of Congress were represented this year.  Continuing our coverage of the conference, this past weekend we attended a panel on “The Future of Privacy,” featuring congressional representatives Darrell Issa (R-CA), Suzan DelBene… Continue Reading

Solicitor General Urges Supreme Court To Leave Spokeo Ruling In Place

Posted in Litigation

In the closely-watched case of Spokeo, Inc. v Robins, the Solicitor General recently filed an amicus brief urging the Court to deny certiorari and leave in place the 9th Circuit’s holding, which could encourage the rising tide of privacy class action litigation.  The Solicitor General’s brief—coauthored by the Consumer Financial Protection Bureau—argued that the dissemination… Continue Reading

Covington at #SXSW 2015: MIT Professors “Tackle Privacy”

Posted in United States

South by Southwest (“SXSW”) Interactive kicked off last week, and Covington was there once again to cover privacy.  One panel of interest that we attended, entitled “Data (in)Security: MIT Scientists Tackle Privacy,” featured MIT professors Danny Weitzner, Ronald Rivest, and Sam Madden discussing their current research and related privacy issues.  All three hail from MIT’s Computer… Continue Reading