Inside Privacy

Contact:Email

Earlier this week, the Federal Communications Commission’s (FCC’s) Consumer and Government Affairs Bureau released a Declaratory Ruling clarifying the agency’s interpretation of the “Automatic Telephone Dialing System” (an “autodialer” or “ATDS”) definition in the Telephone Consumer Protection (TCPA).  The Ruling clarified that, in the context of a call or text message platform, the definition does not turn on whether the platform is used by others to transmit a large volume of calls or text messages; instead, the relevant inquiry is whether, in this context, the platform is capable of transmitting calls or text messages without a user manually dialing each such call or text message.

The Declaratory Ruling was issued in response to a Petition filed by the P2P Alliance  seeking confirmation that its text messaging platform is not an autodialer and therefore not subject to the TCPA’s ATDS-related consent requirements.  These requirements generally prohibit using an ATDS to call or text a mobile number without the recipient’s consent.  The Petition stated that the text messaging platform at issue required users of the platform “to actively and affirmatively manually dial each recipient’s number and transmit each message one at a time.”  The Petition also stated that recipients generally would provide their consent to receive such messages by providing their mobile numbers to the platform’s users.
Continue Reading FCC Issues Two TCPA Declaratory Rulings, One Clarifying Autodialer Definition

In a new post on the Covington Energy & Environment Blog, our colleagues discuss the Federal Energy Regulatory Commission’s Notice of Inquiry on updating reliability standards related to cybersecurity, especially given the threat of a coordinated cyberattack targeting geographically distributed generation resources.  The Commission also issued a staff paper that
Continue Reading FERC Requests Comments on Grid Cybersecurity Initiatives

In a new post on the Covington Inside Tech Media Blog, our colleagues discuss how the pandemic is driving connected and automated vehicle (CAV) initiatives at the federal and state levels.  At the federal level, NHTSA and Congress have recently expressed support for utilizing CAV technology to address pandemic-related challenges.  
Continue Reading IoT Update: COVID-19 Drives Forward Connected and Automated Vehicle Legislative and Regulatory Efforts

On May 5, 2020, the Seventh Circuit held that violations of the section 15(b) disclosure and informed consent provisions of the Illinois Biometric Information Privacy Act, 740 ILCS 14/1 et seq. (“BIPA”) constitute “an invasion of personal rights that is both concrete and particularized” for the purposes of establishing Article III standing to sue in federal courts.  However, the Seventh Circuit also held that the alleged harms associated with violations of section 15(a) of BIPA were insufficient to establish Article III standing.  Section 15(a) mandates public disclosure of a retention schedule and guidelines for permanent destruction of collected biometric information.

Covington has previously discussed developments in BIPA litigation, which has proliferated in recent years with the advancement of relevant technologies.  The increase in BIPA litigation has been accompanied by a rise in disputes over the nature of the harm required to sustain an action, both in state and federal courts.  Although this issue was seemingly resolved at the state-level by the Illinois Supreme Court’s 2019 Rosenbach decision, federal courts have continued to grapple with the issue for the purposes of Article III standing.
Continue Reading Seventh Circuit Rules on Article III Standing Issues in Illinois BIPA Lawsuit, Allowing Case to Proceed in Federal Court

Yesterday, the Supreme Court heard oral argument (by telephone) in Barr v. American Association of Political Consultants, a case that centers on the constitutionality of the Telephone Consumer Protection Act (TCPA), and, more specifically, the prohibition on transmitting automated calls or texts to mobile telephone numbers without prior express consent.  Given the litigious environment surrounding the TCPA, the case has important potential implications for businesses that communicate with consumers in this manner.  A transcript of the argument is available here, and a recording is available here.
Continue Reading Supreme Court Hears Argument Regarding Constitutionality of TCPA

The Eleventh Circuit has issued a unanimous decision in Medley v. Dish Network, LLC, holding that the Telephone Consumer Protection Act (TCPA) does not permit consumers to unilaterally revoke their consent to receive automated calls or texts, if that consent is given in a bargained-for contract.  The decision could have important implications for businesses that rely on consent to send consumers automated calls and texts.
Continue Reading Eleventh Circuit Holds that TCPA Consent Revocation is Limited When Given as Part of a Bargained-For Contract

In a new post on the Covington Digital Health blog, our colleagues discuss the Department of Health and Human Services (“HHS”) announcement of enforcement discretion to “permit compliance flexibilities” for the implementation of the interoperability final rules issued on March 9th, 2020.  The final rules are intended to improve patient
Continue Reading HHS Announces Enforcement Discretion Over the Implementation of Interoperability Final Rules Due to COVID-19 Public Health Emergency

Yesterday, the Federal Communications Commission (FCC) took additional steps to implement the various mandates in the TRACED Act (discussed here and here), which was enacted late last year to help combat illegal robocalls.  Specifically, the FCC yesterday released a notice of proposed rulemaking (NPRM) that seeks comment on how best to eliminate “one-ring scams.”  Included in the NPRM is a proposed rule that would permit voice service providers to block callers suspected of transmitting such scam calls.
Continue Reading FCC Continues TRACED Act Implementation, Proposes to Expand Scope of Permissible Call Blocking

The Brazil Senate unanimously approved a bill today that would delay implementation of the Brazil General Law for Data Protection, or LGPD, until January 1, 2021 and enforcement of fines and penalties until August 1, 2021.  The LGPD is currently scheduled to take effect on August 15, 2020.

The draft bill — one of four pending in the Senate that propose to delay implementation of the LGPD — is broad in scope, encompassing not only the LGPD, but also statutes of limitations and sanctions for certain anti-competitive conduct.  Senator Antonio Anastasia, the sponsor of the bill, explained that the bill is intended to give businesses an opportunity to focus on other urgent matters arising from the COVID-19 pandemic.
Continue Reading Brazil Senate Approves Bill Delaying LGPD Enforcement

With the adoption of two recent orders, the Federal Communications Commission (“FCC”) continues to implement the TRACED Act.  In the first of these orders, the FCC established a deadline by which certain voice services provides must adopt and implement the SHAKEN/STIR call authentication framework.  In the second of these orders, the FCC established the registration process for an industry “traceback” consortium.  These actions build on the FCC’s prior implementation efforts, which we discussed here and here.
Continue Reading FCC Continues Implementation of TRACED Act with SHAKEN/STIR Mandate and Industry Traceback Consortium