On Thursday, the Court of Justice of the EU ordered Sweden to pay a lump sum of €3 million for failure to transpose the EU’s Data Retention Directive (the “Directive”) into national law within the prescribed period. The Directive obliges electronic communications service providers to store information about communications for a period of 6 – … Continue Reading
By Mark Young and Oliver Grazebrook The Irish Presidency of the Council of the EU has published a progress report on negotiations at Member State level on the EU CyberSecurity Strategy and proposed EU Directive on Network and Information Security (“NIS Directive”). As we summarised in this post, if enacted in its current form, the … Continue Reading
To help prepare an impact assessment on the potential effects in the UK of the proposed EU Directive on Network and Information Security (“NIS Directive”), the UK Government has launched a call for evidence to gather data. As we summarised in this post, if enacted in its current form, the NIS Directive will require companies … Continue Reading
The Federal Trade Commission (“FTC”) recently released an additional question and answer as part of its revised COPPA FAQs, which provide guidance on the FTC staff’s interpretations of the rule implementing the Children’s Online Privacy Protection Act (“COPPA”). As we previously reported, the FTC published substantial revisions to the COPPA FAQs in April in order … Continue Reading
Earlier this week, the U.S. Department of Transportation’s Advisory Committee on Aviation Consumer Protection (“ACACP”) held a meeting in Washington, D.C. to discuss data privacy and security issues relevant to the aviation industry. The meeting featured presentations by representatives of the airlines, travel agents, online travel agents, global distribution systems (“GDS”), and consumers. According to … Continue Reading
Today, the Federal Trade Commission released the agenda and panelists for the public forum it is holding on mobile security, Mobile Security: Potential Threats and Solutions, on June 4, 2013. The forum will bring together technology researchers, industry members, and academics to explore mobile malware, the security of existing and developing mobile technologies, and the roles … Continue Reading
Earlier this month, Maneesha Mithal, Associate Director of the Federal Trade Commission’s Division of Privacy and Identity Protection, testified before the U.S. Senate Subcommittee on Consumer Protection, Product Safety, and Insurance regarding consumer report accuracy and the FTC’s efforts to improve accuracy through education and enforcement. Her testimony emphasized the impact that consumer report errors may … Continue Reading
We are pleased to share that The Lawyer has recently shortlisted our London technology and media group for its TMT Team of the Year Award (2013). The publication further recognized the firm’s data protection and sports law work over the past year and our involvement in the 2012 London Olympic and Paralympic Games. We congratulate … Continue Reading
Recent news that the U.S. Justice Department obtained telephone records for two months covering more than 100 journalists working for the Associated Press has prompted lawmakers to propose new statutes meant to strengthen protections against the kinds of requests that our Jeff Kosseff described as “undermin[ing]” the “entire Fourth Estate.”… Continue Reading
A seller who authorizes a third-party telemarketer to market the seller’s goods or services may be held vicariously liable if the telemarketer violates the Telephone Consumer Protection Act (TCPA), the Federal Communications Commission held in a May 9 declaratory ruling. The FCC’s ruling interprets two subsections of the TCPA. The first subsection — 47 U.S.C. … Continue Reading
The Federal Trade Commission has sent letters to more than 90 different companies who develop mobile apps that the FTC claims may be directed to children. The letters emphasize that the FTC has not evaluated the apps or the companies’ practices to determine if they comply with the current or revised COPPA Rule. Instead, the letters remind these … Continue Reading
Businesses should take note of this week’s decision in Gormley v. Nike, Inc., a lawsuit under California’s Song-Beverly Credit Card Act, in which plaintiffs allege that Nike violated the Act by requesting ZIP codes from them during credit card transactions in Nike’s retail stores. Judge Susan Illston of the Northern District of California denied Nike’s … Continue Reading
California Attorney General Kamala Harris failed in her first attempt to sue a company for failing to post a privacy policy on a mobile app.
Harris alleged that Delta Airlines violated the California Online Privacy Protection Act ("CalOPPA") by failing to include a privacy policy on its mobile app- The lawsuit, in the California Superior Court in San Francisco, was the first enforcement action under CalOPPA since it came into force in 2004.
On Thursday, the district court granted Delta's motion to dismiss the complaint, concluding that the Airline Deregulation Act (ADA) pre-empts the state's claims. The ADA provides that "a State....may not enact or enforce a law, regulation, or other provision having the force and effect of law related to a price, route, or service of an air carrier." Courts have construed the scope of preemption by the ADA broadly, and the majority of courts which have considered the issue have held that the ADA preempts the application of state consumer protection laws to airlines. See Morales v. Trans World Airlines, 504 U.S. 374 (1992). The judge decided that the operation of a mobile app for air travel services is "related to price, route or service of an air carrier" and thus agreed with Delta's argument that the California AG's claim is pre-empted.… Continue Reading
On Tuesday, Senators Carl Levin (D-MI), John McCain (R-AZ), Jay Rockefeller (D-WV), and Tom Coburn (R-OK) introduced the “Deter Cyber Theft Act.” The Act would require the Director of National Intelligence (“DNI”) to provide relevant congressional committees with an annual report on “foreign economic and industrial espionage in cyberspace.” The report would require the DNI … Continue Reading
An important vote in the European Parliament has been postponed for the second time. The vote of the LIBE committee, the lead committee for the proposed EU General Data Protection Regulation, which was initially scheduled for the end of April, had already been postponed until the end of May 2013 (see InsidePrivacy European Parliament’s Lead … Continue Reading
On April 29, Craigslist was successful in fighting off a motion to dismiss filed by three screenscraping sites (3Taps, Padmapper and Lovely) in its pending litigation in the Northern District of California. In Craigslist Inc. v. 3Taps Inc., No. CV 12-03816 (N.D. Cal.), Craigslist sued these sites, alleging that their scraping of Craigslist content violated … Continue Reading
The Federal Trade Commission (FTC) has voted unanimously to retain the July 1, 2013 effective date for its revisions to the rule implementing the Children’s Online Privacy Protection Act (COPPA). As we previously wrote, the FTC adopted significant revisions to the COPPA rule in December 2012 and established a July 1, 2013 effective date. In … Continue Reading
Last week, the California Senate unanimously passed a bill that would give California minors the right to “remove content or information” that they submit to websites, online services, online applications, or mobile applications. The term “content or information” is not defined, and could be interpreted broadly to include any text, photos, videos, audio files, or … Continue Reading
Germany has passed a law which amends several existing laws, including the Telecommunications Act, clarifying in particular the obligations of telecommunications providers to disclose customer data to law enforcement authorities. The existing disclosure obligations relate to “customer data”, which is data of subscribers collected for the purpose of establishing, regulating the contents of, modifying or … Continue Reading
The DOT announced today that the fourth in a series of public meetings of the Advisory Committee on Aviation Consumer Protection will focus on privacy issues. This DOT Committee has been working on various rulemaking and enforcement initiatives affecting consumer protection in air travel, but this will be the first time that privacy practices and use of data have been made the central topic of a Committee meeting. The DOT supervises airlines privacy practices because airlines are subject to sector-specific oversight (the FTC Act provides that air carriers are among the businesses excepted from the FTC's authority to regulate unfair or deceptive business practices).… Continue Reading
China’s Ministry of Internet and Information Technology (“MIIT”) has promulgated a new regulation targeting manufacturers of mobile smart devices (such as smart phones) that prohibits them from preinstalling certain apps that raise privacy, security, or prohibited content concerns. Entitled “Notice Regarding Strengthening the Management of Network Access for Mobile Smart Terminals,” the new regulation forbids … Continue Reading
