News outlets are reporting that the White House will appoint FTC Commissioner Edith Ramirez to lead the Commission. She would replace current FTC Chairman Jon Leibowitz, who announced his resignation in January. Ramirez’s appointment to chair the Commission would leave it evenly split between Democrats and Republicans, with one empty seat until another person is nominated … Continue Reading
The Court of Justice of the European Union (“CJEU”) in Luxembourg heard argument yesterday concerning the “right to be forgotten”—specifically, whether search engines such as Google must block search results when asked by European citizens to remove references to themselves. This particular case—which is representative of approximately 200 similar cases in Spain—came before the CJEU … Continue Reading
Yesterday the FTC released its annual report of consumer complaints, highlighting identity theft as the leading category of complaints, with 18% of the total. The 2012 report analyzes complaints received by the FTC, certain other federal agencies, state law enforcement agencies, and non-governmental organizations such as the Better Business Bureau. After identity theft, consumers filed the … Continue Reading
By Fredericka Argent and Helena Marttila-Bridge On 21 February 2013, the ICO launched a consultation on its proposal for a new code of practice regulating the press in the UK. The consultation is in response to the publication of the Leveson Report in November 2012, which recommended significant and wide-ranging changes to the structure and … Continue Reading
Mobile device manufacturer HTC America has settled Federal Trade Commission (“FTC”) charges that the company failed to take reasonable steps to secure the software it developed for its smartphones and tablet computers, introducing security flaws that placed sensitive information about millions of consumers at risk. The settlement requires HTC America to develop and release software … Continue Reading
The FTC today announced that it will host a one-day public forum on June 4, 2012, to address threats to mobile devices. The forum will involve a discussion of malware, viruses, and similar threats facing users of smartphones and other mobile technologies. The purpose of the forum will be to inform the FTC about the … Continue Reading
On Tuesday, the U.S. cybersecurity firm Mandiant released a 60-page report detailing the activities of a hacking collective it claims has direct ties to China’s military. The firm has linked the collective to cyberattacks on more than 140 organizations across 20 industries worldwide since 2006. Mandiant claims the activity—carried out by a group called the … Continue Reading
This week, the Federal Trade Commission released a study of the U.S. credit reporting industry and credit report accuracy. The study found that five percent of consumers had errors on one of their three nationwide credit reports that could lead them to pay more for financial products. The study is required under section 319 of the … Continue Reading
In his State of the Union message on Tuesday, President Obama announced that he had signed an Executive Order addressing the cybersecurity of critical infrastructure. President Obama emphasized that in the face of threats to corporate secrets, the power grid, and financial institutions, among others, “We cannot look back years from now and wonder why … Continue Reading
On February 7, 2013, the Payment Card Industry (PCI) council released a supplement to the payment card industry data security standards (PCI-DSS) on the use of cloud technologies and considerations for maintaining PCI DSS controls in cloud environments. The supplement is intended for merchants, service providers, assessors, and other entities in evaluating the use of cloud … Continue Reading
This post is part of our series on key aspects of the final HITECH omnibus rule published by the U.S. Department of Health and Human Services (HHS) in the Federal Register on January 25, 2013. Previous posts are available here. The regulations are effective March 26, 2013, but covered entities and business associates have until … Continue Reading
A bill reintroduced in the U.S. House of Representatives on Wednesday would prohibit employers and schools from requesting or demanding access to employees’ or students’ personal social-media accounts. The bill, titled the “Social Networking Online Protection Act,” would bar employers from requesting or requiring that employees or job applicants provide the employer access to personal … Continue Reading
This post is part of our series on key aspects of the final HITECH omnibus rule published by the U.S. Department of Health and Human Services (HHS) in the Federal Register on January 25, 2013. Previous posts are available here. The regulations are effective March 26, 2013, but covered entities and business associates have until … Continue Reading
The European Commission, together with the High Representative of the Union for Foreign Affairs and Security Policy, has today published a CyberSecurity Strategy alongside a Commission proposed Directive on Network and Information Security (“NIS”). While much of the Strategy and Directive is aimed at Member State governments (e.g., to improve capabilities and cooperation to prevent … Continue Reading
We are very pleased to announce that Jetty Tielemans, co-chair of Covington’s Global Privacy and Data Security practice group, has been appointed to the Executive Committee of the International Association of Privacy Professionals (the “IAPP”). Other members of the six-person committee include IAPP president and CEO, Trevor Hughes, and the chief privacy officers of Microsoft, … Continue Reading
On Monday, the California Supreme Court, by a slim 4-3 majority, held that California’s Song-Beverly Credit Card Act of 1971 (“Song-Beverly”) does not apply to online purchases in which a product is downloaded electronically, finding that Apple was not liable under the statute for collecting plaintiff Krescent’s telephone number and address in order to complete … Continue Reading
As a reminder, telecommunications carriers must submit their annual certifications regarding customer proprietary network information (CPNI) by March 1. CPNI is private customer information concerning telecommunications. Telecommunications carriers and providers of interconnected Voice over Internet Protocol (VoIP) must certify annually to the FCC that they comply with their obligations to protect and limit disclosure of … Continue Reading
Following a four-year term as Chairman of the Federal Trade Commission (FTC), Jon Leibowitz will step down from his role on February 15, 2013. In a statement released by the agency, Leibowitz stated that “I have been honored to head this extraordinary, bipartisan Commission and to work alongside the best staff in federal government,” and … Continue Reading
Path, a social networking mobile app, has agreed to enter into a settlement with the Federal Trade Commission (“FTC”) regarding charges that the company deceived consumers by collecting contact information from users’ mobile address books without notice and consent. The agreement also resolves charges that the company violated the Children’s Online Privacy Protection Act (“COPPA”) … Continue Reading
