Header graphic for print
Inside Privacy Updates on Developments in Global Privacy & Data Security from Covington & Burling LLP

Category Archives: United States

Subscribe to United States RSS Feed

GAO Report Details CFPB’s Large-Scale Data Collection Practices, Identifies Shortcomings

Posted in Financial Privacy, United States

This week, the Government Accountability Office (“GAO”) released a report recommending eleven actions the Consumer Financial Protection Bureau (“CFPB”) should take to enhance the privacy and security of its ongoing data collections.  The report also provides a detailed look at the increasingly large volume of information that CFPB collects, and how the agency’s data collection… Continue Reading

FTC Public Workshop On Big-Data Discrimination: Assessing the Current Environment

Posted in Federal Trade Commission, United States

On Monday, the FTC hosted a public workshop on the topic of big data and discrimination entitled, “Big Data: A Tool for Inclusion or Exclusion?” The first panel, which explored today’s big-data landscape, featured the following speakers from government, industry, and academia: Kristin Amerling, Chief Investigative Counsel and Director of Oversight at the U.S. Senate… Continue Reading

What the FTC’s Latest COPPA Settlements Mean for Mobile Apps

Posted in Children's Privacy, Federal Trade Commission, Mobile, Social Media, Uncategorized

Making good on its warnings that mobile apps will be an enforcement priority under the revised Children’s Online Privacy Protection Act (“COPPA”) Rule, the FTC has announced two settlements with mobile app developers: TinyCo., the developer of several child-directed mobile apps, will pay $300,000 to settle charges that it violated COPPA by collecting children’s email addresses through its mobile app… Continue Reading

Privacy Weekend: Provocative Articles We’re Reading Now

Posted in Federal Trade Commission, Privacy Weekend, United States

It’s shaping up to be a big data weekend, for those of us who try to find some interesting weekend reading away from the crush of the day-to-day schedule.  If you’re thinking about Monday’s FTC workshop on the impact of big-data analytics on vulnerable communities, a bit of weekend reading about the intersection between technology… Continue Reading

Forever 21 Faces Point-of-Sale Data Collection Class Action Lawsuit

Posted in Litigation, Privacy Policies, United States

Fast fashion retailer Forever 21 Retail Inc. faces a putative class action lawsuit alleging that the retailer violated California law by requesting and recording shoppers’ credit card numbers and personal identification information at the point-of-sale. Forever 21 shopper Tamar Estanboulian filed the lawsuit on September 7 in U.S. District Court for the Central District of… Continue Reading

Client Event: “Data Protection & Privacy Law – 2nd Edition,” September 23, 2014

Posted in Cybersecurity, Data Breaches, Data Security, United States

Covington will be hosting a book launch for the 2014 title ‘Data Protection & Privacy Law 2nd Edition’, edited by Monika Kuschewsky, in partnership with The European Lawyer (Thomson Reuters) on September 23, 2014 in Brussels. The event will comprise a half-day workshop followed by a drinks reception. We are pleased to confirm that the… Continue Reading

Federal Judge Denies Motion to Reconsider FACTA Lawsuit Dismissal

Posted in Financial Privacy, Litigation, United States

A New York federal judge last week affirmed his earlier dismissal of a civil action alleging that a restaurant chain willfully violated the Fair and Accurate Credit Transactions Act (“FACTA”). FACTA requires businesses that accept credit cards to redact from customers’ receipts the card’s expiration date and all but the last five digits of the… Continue Reading

Google to Refund Consumers at Least $19 Million to Settle FTC Complaint It Unlawfully Billed Parents for Children’s Unauthorized In-App Charges

Posted in Federal Trade Commission, United States

The Federal Trade Commission (“FTC”) announced on Thursday, September 4 that Google has agreed to settle charges and refund no less than $19 million to consumers whose children were allegedly deceived into making mobile purchases through the Android app store. Google offers thousands of apps for free or a specific dollar amount through its Google… Continue Reading

FCC Adopts Consent Decree Regarding Verizon CPNI Opt-Out Notices

Posted in Federal Communications Commission, United States

A Consent Decree adopted by the FCC’s Enforcement Bureau on September 2 settles the FCC’s inquiry into allegations that Verizon failed to provide some customers with required notices about Verizon’s use of Customer Proprietary Network Information (CPNI) and took too long to notify the FCC after discovering the error. Under the Consent Decree, Verizon will… Continue Reading

Schedule of Panelists for FTC’s Upcoming Big Data & Discrimination Workshop

Posted in Advertising & Marketing, Emerging Technologies, Federal Trade Commission, Health Privacy, Marketing, United States

As we have previously reported, in less than two weeks the FTC will host its anticipated workshop on big data and discrimination.  Today the FTC announced a full agenda and panelists for the September 15th event, “Big Data: A Tool for Inclusion or Exclusion?” which will take place in Washington, D.C., at the Constitution Center. … Continue Reading

‘Video Rental Privacy Act’ Covers Magazines, Court Holds

Posted in Advertising & Marketing, State Legislatures

A federal court opinion released this week is a reminder that Michigan’s Video Rental Privacy Act (VRPA) may apply to far more than just videos. The Michigan VRPA restricts the disclosure of customers’ personal information by companies “engaged in the business of selling at retail, renting, or lending books or other written materials, sound recordings,… Continue Reading

FTC Settlement Requires Fandango and Credit Karma to Establish Comprehensive Security Programs to Protect Consumers’ Sensitive Personal Information

Posted in Cybersecurity, Data Breaches, Data Security, Federal Trade Commission, Financial Privacy, Privacy Policies

The Federal Trade Commission (“FTC”) has approved final orders settling charges against Fandango and Credit Karma that the companies misrepresented the security of their mobile apps and failed to protect the transmission of consumers’ sensitive personal information.  The FTC specifically alleged that, although the companies made security promises to consumers that their information was adequately… Continue Reading

Court Grants in Part and Denies in Part Yahoo’s Motion to Dismiss ECPA Claims

Posted in Litigation, Privacy Policies, United States

On Tuesday, August 12, 2014, the Northern District of California’s Judge Lucy Koh issued an order granting in part and denying in part Yahoo’s motion to dismiss claims that it violated federal and California anti-wiretapping laws. The putative class action, In re Yahoo Mail Litig., alleges that Yahoo’s practice of intercepting, scanning, analyzing, collecting, and… Continue Reading

The FTC’s Agenda to Tackle Big Data and Discrimination

Posted in Advertising & Marketing, Emerging Technologies, Federal Trade Commission, Financial Institutions, Mobile, Online, United States

Last Friday, the FTC announced an agenda for its upcoming workshop, “Big Data: A Tool for Inclusion or Exclusion?” which will take place on Monday, Sept. 15, starting at 8:00 a.m.  As we’ve previously reported, the workshop will build on recent efforts by the FTC and other government agencies to understand how new technologies affect… Continue Reading

Federal Trade Commission Releases Report on Mobile Shopping Apps: Finds Insufficient Disclosures to Consumers

Posted in Data Security, Emerging Technologies, Federal Trade Commission, Financial Privacy, Privacy Policies, Technology Transactions

Today, the Federal Trade Commission (“FTC”) issued a staff report examining the consumer-protection implications of popular shopping apps.  These services are intended to ease and enhance the shopping experience by allowing consumers to, for example, compare prices in-store across retailers, collect and redeem deals, or pay for purchases while shopping in brick-and-mortar stores.  The FTC… Continue Reading

Federal Appellate Court to Consider FTC Data Security Authority

Posted in Data Security, Federal Trade Commission, United States

The U.S. Court of Appeals for the Third Circuit this week agreed to consider whether the Federal Trade Commission has the authority to regulate companies’ data security practices. On Tuesday, the Third Circuit granted Wyndham Hotel and Resorts’ petition for interlocutory review of Judge Esther Salas’s denial of a motion to dismiss a FTC lawsuit… Continue Reading

FTC Commissioner Argues for Balanced Approach to Unfairness Cases

Posted in Federal Trade Commission, United States

As the Federal Trade Commission takes an increasingly broad view of its authority to regulate privacy and consumer protection, one of the agency’s five commissioners is calling for a more cautious approach. In a speech today to TechFreedom and the International Center for Law and Economics in Washington, D.C., Commissioner Joshua D. Wright disagreed with… Continue Reading

New Version of USA Freedom Act Introduced

Posted in Congress, Uncategorized, United States

By David Fagan, Richard Hertling, and Kate Goodloe Senate Judiciary Chairman Patrick J. Leahy introduced a new version of the Uniting and Strengthening America by Fulfilling Rights and Ensuring Effective Discipline Over Monitoring Act of 2014 (the “USA FREEDOM Act” or “Act”) in the Senate on Tuesday, more than two months House of Representatives passed… Continue Reading

House of Representatives Passes Three Cybersecurity Bills

Posted in Congress, Cybersecurity, Uncategorized, United States

By David Fagan, Richard Hertling, and Sumon Dantiki On July 28, 2014, the U.S. House of Representatives (“House”) passed three cybersecurity bills, the National Cybersecurity and Critical Infrastructure Protection Act of 2014 (H.R. 3696) (“NCCIP Act”), the Critical Infrastructure Research and Development Advancement Act (H.R. 2952) (“CIRDA Act”), and the Homeland Security Cybersecurity Boots-on-the-Ground Act… Continue Reading

The Case for Not Overregulating Drones

Posted in Congress, United States

On the International Association of Privacy Professionals’ Privacy Perspectives blog, Covington privacy associate Jeff Kosseff shares his thoughts about the potential newsgathering uses of drones, and the dangers of overregulating them.

Executive Order on Drone Privacy

Posted in United States

By Gabriel Slater and Kurt Wimmer As reported in the press, President Obama plans to issue an Executive Order authorizing the Commerce Department’s National Telecommunications and Information Administration (“NTIA”) to coordinate the development of privacy guidelines for commercial drone operations. More specifically, we understand that NTIA would coordinate a “multi-stakeholder process” — a procedure used… Continue Reading

FTC Staff Updates COPPA FAQs on Verifiable Parental Consent Methods

Posted in Children's Privacy, Federal Trade Commission, Uncategorized, United States

The FTC staff has posted revisions to three Frequently Asked Questions (“FAQs”) related to obtaining verifiable parental consent under its COPPA Rule. For a comparison of the old and new FAQs, click here. Although the changes (which include a new FAQ H.16) may appear substantial, they mostly reaffirm the FTC’s longstanding position that the agency’s… Continue Reading

FTC Sues Amazon Over Allegedly Unauthorized In-App Purchases

Posted in Federal Trade Commission, Uncategorized

By: Nora Diamond The Federal Trade Commission (“FTC”) brought suit last week against Amazon.com for allegedly collecting unauthorized in-app charges in connection with children’s apps. The FTC alleges that, by failing to require the account holder to enter a password before allowing a charge, Amazon unfairly billed parents for millions of dollars in unauthorized purchases…. Continue Reading

Court Denies Company’s Request for Identity of Online Commenter

Posted in Litigation, United States

A New York state trial court last week rejected a publicly traded company’s request to obtain the identity of an individual who anonymously wrote negative comments about the company on an online financial bulletin board. In February 2014, an individual with the pseudonym “Pump Terminator” posted an article about Nanoviricides, Inc. on www.seekingalpha.com, a financial… Continue Reading