Inside Privacy

Contact:Email

In a new post on the Covington Inside Tech Media Blog, our colleagues discuss how the pandemic is driving connected and automated vehicle (CAV) initiatives at the federal and state levels.  At the federal level, NHTSA and Congress have recently expressed support for utilizing CAV technology to address pandemic-related challenges.  In California, a privacy bill

On May 5, 2020, the Seventh Circuit held that violations of the section 15(b) disclosure and informed consent provisions of the Illinois Biometric Information Privacy Act, 740 ILCS 14/1 et seq. (“BIPA”) constitute “an invasion of personal rights that is both concrete and particularized” for the purposes of establishing Article III standing to sue in federal courts.  However, the Seventh Circuit also held that the alleged harms associated with violations of section 15(a) of BIPA were insufficient to establish Article III standing.  Section 15(a) mandates public disclosure of a retention schedule and guidelines for permanent destruction of collected biometric information.

Covington has previously discussed developments in BIPA litigation, which has proliferated in recent years with the advancement of relevant technologies.  The increase in BIPA litigation has been accompanied by a rise in disputes over the nature of the harm required to sustain an action, both in state and federal courts.  Although this issue was seemingly resolved at the state-level by the Illinois Supreme Court’s 2019 Rosenbach decision, federal courts have continued to grapple with the issue for the purposes of Article III standing.
Continue Reading Seventh Circuit Rules on Article III Standing Issues in Illinois BIPA Lawsuit, Allowing Case to Proceed in Federal Court

Yesterday, the Supreme Court heard oral argument (by telephone) in Barr v. American Association of Political Consultants, a case that centers on the constitutionality of the Telephone Consumer Protection Act (TCPA), and, more specifically, the prohibition on transmitting automated calls or texts to mobile telephone numbers without prior express consent.  Given the litigious environment surrounding the TCPA, the case has important potential implications for businesses that communicate with consumers in this manner.  A transcript of the argument is available here, and a recording is available here.
Continue Reading Supreme Court Hears Argument Regarding Constitutionality of TCPA

The Eleventh Circuit has issued a unanimous decision in Medley v. Dish Network, LLC, holding that the Telephone Consumer Protection Act (TCPA) does not permit consumers to unilaterally revoke their consent to receive automated calls or texts, if that consent is given in a bargained-for contract.  The decision could have important implications for businesses that rely on consent to send consumers automated calls and texts.
Continue Reading Eleventh Circuit Holds that TCPA Consent Revocation is Limited When Given as Part of a Bargained-For Contract

In a new post on the Covington Digital Health blog, our colleagues discuss the Department of Health and Human Services (“HHS”) announcement of enforcement discretion to “permit compliance flexibilities” for the implementation of the interoperability final rules issued on March 9th, 2020.  The final rules are intended to improve patient access to electronic health information

Yesterday, the Federal Communications Commission (FCC) took additional steps to implement the various mandates in the TRACED Act (discussed here and here), which was enacted late last year to help combat illegal robocalls.  Specifically, the FCC yesterday released a notice of proposed rulemaking (NPRM) that seeks comment on how best to eliminate “one-ring scams.”  Included in the NPRM is a proposed rule that would permit voice service providers to block callers suspected of transmitting such scam calls.
Continue Reading FCC Continues TRACED Act Implementation, Proposes to Expand Scope of Permissible Call Blocking

The Brazil Senate unanimously approved a bill today that would delay implementation of the Brazil General Law for Data Protection, or LGPD, until January 1, 2021 and enforcement of fines and penalties until August 1, 2021.  The LGPD is currently scheduled to take effect on August 15, 2020.

The draft bill — one of four pending in the Senate that propose to delay implementation of the LGPD — is broad in scope, encompassing not only the LGPD, but also statutes of limitations and sanctions for certain anti-competitive conduct.  Senator Antonio Anastasia, the sponsor of the bill, explained that the bill is intended to give businesses an opportunity to focus on other urgent matters arising from the COVID-19 pandemic.
Continue Reading Brazil Senate Approves Bill Delaying LGPD Enforcement

With the adoption of two recent orders, the Federal Communications Commission (“FCC”) continues to implement the TRACED Act.  In the first of these orders, the FCC established a deadline by which certain voice services provides must adopt and implement the SHAKEN/STIR call authentication framework.  In the second of these orders, the FCC established the registration process for an industry “traceback” consortium.  These actions build on the FCC’s prior implementation efforts, which we discussed here and here.
Continue Reading FCC Continues Implementation of TRACED Act with SHAKEN/STIR Mandate and Industry Traceback Consortium

In a new post on the Covington Digital Health blog, our colleagues discuss two recent final rules aimed at improving patient access to electronic health information (EHI) and standardizing modes of exchange for EHI.  Among other things, the rules are intended to prevent so-called “information blocking” and to provide patients with greater control over their