Header graphic for print
Inside Privacy Updates on Developments in Global Privacy & Data Security from Covington & Burling LLP

Category Archives: United States

Subscribe to United States RSS Feed

FTC Commissioner Argues for Balanced Approach to Unfairness Cases

Posted in Federal Trade Commission, United States

As the Federal Trade Commission takes an increasingly broad view of its authority to regulate privacy and consumer protection, one of the agency’s five commissioners is calling for a more cautious approach. In a speech today to TechFreedom and the International Center for Law and Economics in Washington, D.C., Commissioner Joshua D. Wright disagreed with… Continue Reading

New Version of USA Freedom Act Introduced

Posted in Congress, Uncategorized, United States

By David Fagan, Richard Hertling, and Kate Goodloe Senate Judiciary Chairman Patrick J. Leahy introduced a new version of the Uniting and Strengthening America by Fulfilling Rights and Ensuring Effective Discipline Over Monitoring Act of 2014 (the “USA FREEDOM Act” or “Act”) in the Senate on Tuesday, more than two months House of Representatives passed… Continue Reading

House of Representatives Passes Three Cybersecurity Bills

Posted in Congress, Cybersecurity, Uncategorized, United States

By David Fagan, Richard Hertling, and Sumon Dantiki On July 28, 2014, the U.S. House of Representatives (“House”) passed three cybersecurity bills, the National Cybersecurity and Critical Infrastructure Protection Act of 2014 (H.R. 3696) (“NCCIP Act”), the Critical Infrastructure Research and Development Advancement Act (H.R. 2952) (“CIRDA Act”), and the Homeland Security Cybersecurity Boots-on-the-Ground Act… Continue Reading

The Case for Not Overregulating Drones

Posted in Congress, United States

On the International Association of Privacy Professionals’ Privacy Perspectives blog, Covington privacy associate Jeff Kosseff shares his thoughts about the potential newsgathering uses of drones, and the dangers of overregulating them.

Executive Order on Drone Privacy

Posted in United States

By Gabriel Slater and Kurt Wimmer As reported in the press, President Obama plans to issue an Executive Order authorizing the Commerce Department’s National Telecommunications and Information Administration (“NTIA”) to coordinate the development of privacy guidelines for commercial drone operations. More specifically, we understand that NTIA would coordinate a “multi-stakeholder process” — a procedure used… Continue Reading

FTC Staff Updates COPPA FAQs on Verifiable Parental Consent Methods

Posted in Children's Privacy, Federal Trade Commission, Uncategorized, United States

The FTC staff has posted revisions to three Frequently Asked Questions (“FAQs”) related to obtaining verifiable parental consent under its COPPA Rule. For a comparison of the old and new FAQs, click here. Although the changes (which include a new FAQ H.16) may appear substantial, they mostly reaffirm the FTC’s longstanding position that the agency’s… Continue Reading

FTC Sues Amazon Over Allegedly Unauthorized In-App Purchases

Posted in Federal Trade Commission, Uncategorized

By: Nora Diamond The Federal Trade Commission (“FTC”) brought suit last week against Amazon.com for allegedly collecting unauthorized in-app charges in connection with children’s apps. The FTC alleges that, by failing to require the account holder to enter a password before allowing a charge, Amazon unfairly billed parents for millions of dollars in unauthorized purchases…. Continue Reading

Court Denies Company’s Request for Identity of Online Commenter

Posted in Litigation, United States

A New York state trial court last week rejected a publicly traded company’s request to obtain the identity of an individual who anonymously wrote negative comments about the company on an online financial bulletin board. In February 2014, an individual with the pseudonym “Pump Terminator” posted an article about Nanoviricides, Inc. on www.seekingalpha.com, a financial… Continue Reading

Florida Enacts Stringent Breach Notice Law

Posted in Data Breaches, Data Security, State Legislatures, United States

Last Friday, Florida’s governor signed into law the Florida Information Protection Act of 2014 (“FIPA”), a bill repealing Florida’s existing data security breach notice law and replacing it with what will be one of the nation’s most stringent breach notice laws.  This post summarizes the key aspects of the new law, which becomes effective July… Continue Reading

Wyndham Data Breach Ruling Cleared for Potential Appeal to Third Circuit

Posted in Federal Trade Commission, Litigation

U.S. District Court Judge Esther Salas ruled on Monday that the U.S. Court of Appeals for the Third Circuit can review her conclusion that Section 5 of the Federal Trade Commission Act provides the FTC with authority to bring actions arising from companies’ data security violations. In April of this year, Judge Salas denied Wyndham… Continue Reading

Eleventh Circuit: Warrant Required to Obtain Cell Site Location Information

Posted in Litigation, United States

The Eleventh Circuit ruled on June 11 that cell site location information—which can reveal the location of a cell phone user, based on his proximity to cell phone towers—is protected by the Fourth Amendment and can only be obtained with a warrant.  That ruling sets the stage for continued battles over Fourth Amendment protections for… Continue Reading

Senate Subcommittee Examines “Stalking Apps” Bill

Posted in Federal Trade Commission, Uncategorized

This week, the Senate Judiciary Subcommittee on Privacy, Technology and the Law held a hearing to discuss the Location Privacy Protection Act of 2014, a bill reintroduced in March by Senator Al Franken (D-MN).  Most concerned with the potential for misuse and abuse of location data for purposes of stalking and perpetrating domestic violence, Senator… Continue Reading

New Connecticut Law Adds Promotional SMS to State “Do Not Call” Registry Rules; Prohibits Promotional SMS to Numbers Not on State Registry Absent “Prior Express Written Consent”

Posted in Federal Communications Commission, State Legislatures

Last week, the governor of Connecticut signed into law a new requirement that extends compliance with the state’s existing Do-Not-Call registry to promotional text messages (SMS).  Specifically, the law amends the definition of a “telephonic sales call” to include a “text or media message sent by or on behalf of a telephone solicitor,” thereby prohibiting… Continue Reading

A Public Advocate for Privacy

Posted in Congress, United States

Since 1979, the United States Government has made at least 35,651 applications to the Foreign Intelligence Surveillance Court (FISC) for authority to conduct electronic surveillance and physical searches of individuals.[1]  Of those requests, only 12 have been denied; 532 requests have been formally modified.  According to one judge on the FISC, a substantially higher number… Continue Reading

FTC Data Broker Report Calls for More Transparency and Consumer Control

Posted in Federal Trade Commission, Uncategorized

The Federal Trade Commission (“FTC”) recently released a report on the data broker industry that summarizes the FTC’s findings from an investigation of nine data brokers.  The report, Data Brokers: A Call for Transparency and Accountability, recommends that Congress consider enacting legislation that promotes transparency and consumer access to information held by data brokers, and… Continue Reading

Court Dismisses CFAA, ECPA, and Other Claims in Privacy Class Action Opperman v. Path

Posted in Litigation, Mobile, United States

On May 14, a judge in the Northern District of California granted in part and dismissed in part four motions to dismiss filed by defendants in the consolidated class action, Opperman v. Path (No. 3:13-CV-00453-JST). The plaintiffs alleged that apps offered by a number of developers (“App Defendants”) accessed and uploaded information from plaintiffs’ mobile… Continue Reading

California AG Releases Online Tracking Disclosure Guidelines

Posted in Privacy Policies, United States

California Attorney General Kamala Harris today released guidelines to help websites comply with a state law that went into effect on January 1, 2014, pertaining to online tracking disclosures. The law, which amended the California Online Privacy Protection Act (“CalOPPA”) and which we previously blogged about here, requires website operators to disclose (1) how they… Continue Reading

FCC Obtains Record $7.5 Million Settlement With Sprint for Alleged Do-Not-Call Violations

Posted in Federal Communications Commission, Federal Trade Commission

Earlier this week, the FCC announced that mobile wireless company Sprint will pay $7.5 million to resolve allegations that the company failed to honor consumer requests to be placed on Sprint’s entity-specific Do-Not-Call list.  The settlement represents the largest of its kind between the FCC and a carrier. Through this settlement agreement, which follows a… Continue Reading

FCC Fines Company $2.9 Million for Political Robocalls to Cell Phones

Posted in Federal Communications Commission, United States

Last week, the Federal Communications Commission announced plans to fine Dialing Services, LLC, nearly $3 million for making illegal “robocalls” to cell phones. The FCC has specific rules for automatic telephone dialing systems, also known as “autodialers,” that have the capacity to produce, store, and dial telephone numbers using a random or sequential number generator…. Continue Reading

Senate Subcommittee Examines Online Advertising and Security

Posted in Congress, Cybersecurity, Data Security, United States

Yesterday, the U.S. Senate Permanent Subcommittee on Investigations held a hearing on “Online Advertising and Hidden Hazards to Consumer Security and Data Privacy.”  The hearing was based on a year-long investigation into a broader set of issues related to consumer privacy and security on the Internet, which narrowed over time to focus specifically on the… Continue Reading

When are Public Companies Required to Disclose that They Have Experienced a Material Data Security Breach?

Posted in Cybersecurity, Data Breaches, Data Security, United States

Recent discoveries of data security breaches have raised a perennial question for public companies:  are public companies required by law or practice to provide material updates to their investors when bad things happen?  The answer can be quite surprising.  Disclosure at the Time of the Event As a threshold matter, federal securities law does not… Continue Reading

Ninth Circuit Holds Facebook IDs and URLS Not “Content” under ECPA

Posted in Advertising & Marketing, Litigation, Mobile, Online, Social Media, United States

Last Thursday, the United States Court of Appeals for the Ninth Circuit affirmed dismissal of claims for violations of the Electronic Communications Privacy Act (“ECPA”), holding that the plaintiffs had failed to allege Facebook and Zynga disclosed the “contents” of a communication, a necessary element under the Act. The court’s ruling applies to the consolidated… Continue Reading

Snapchat Settles FTC Charges

Posted in Advertising & Marketing, Data Security, Federal Trade Commission, Mobile, Social Media

On Thursday, mobile messaging application Snapchat agreed to settle Federal Trade Commission (“FTC”) charges that it made false or misleading representations about the ephemeral nature of its messages, the collection of user information, and the nature of its security practices. The FTC Complaint alleges six counts, many of which demonstrate the Commission’s aggressive enforcement of… Continue Reading

Ten Key Take-Aways From the White House Big Data Report

Posted in Health Privacy, Privacy Policies, United States

On Thursday, the White House Big Data Working Group, led by senior presidential advisor John Podesta, released a 79-page report that outlines a number of key observations and recommendations for privacy in both the private sector and government.  Although the report does not create binding law, it provides insight into the administration’s  priorities on a… Continue Reading