Lindsey Tonsager

Lindsey Tonsager

Lindsey Tonsager helps national and multinational clients in a broad range of industries anticipate and effectively evaluate legal and reputational risks under federal and state data privacy and communications laws.

In addition to assisting clients engage strategically with the Federal Trade Commission, the U.S. Congress, and other federal and state regulators on a proactive basis, she has experience helping clients respond to informal investigations and enforcement actions, including by self-regulatory bodies such as the Digital Advertising Alliance and Children’s Advertising Review Unit.

Ms. Tonsager’s practice focuses on helping clients launch new products and services that implicate the laws governing the use of endorsements and testimonials in advertising and social media, the collection of personal information from children and students online, behavioral advertising, e-mail marketing, artificial intelligence the processing of “big data” in the Internet of Things, spectrum policy, online accessibility, compulsory copyright licensing, telecommunications and new technologies.

Ms. Tonsager also conducts privacy and data security diligence in complex corporate transactions and negotiates agreements with third-party service providers to ensure that robust protections are in place to avoid unauthorized access, use, or disclosure of customer data and other types of confidential information. She regularly assists clients in developing clear privacy disclosures and policies―including website and mobile app disclosures, terms of use, and internal social media and privacy-by-design programs.

Subscribe to all posts by Lindsey Tonsager

NLRB Finds DISH Network Social Media Policy Unlawful

The National Labor Relations Board (NLRB) continues to be active in considering whether companies’ social media policies run afoul of U.S. labor laws.  In the latest decision implementing the approach reflected in a series of NLRB reports analyzing employer social media policies under the National Labor Relations Act (NLRA), an administrative law judge found that it is impermissible … Continue Reading

FTC Proposes Additional Revisions to COPPA Rule

Earlier this morning, the FTC proposed additional revisions to the rule implementing the Children’s Online Privacy Protection Act (“COPPA”).  COPPA governs the online collection, use, and disclosure of children’s personal information by (1) operators of websites and online services that are directed to children under the age of 13 and (2) operators of general audience … Continue Reading

Study Finds Top Mobile Apps More Transparent About Privacy Practices

According to a recent study released by the Future of Privacy Forum (FPF), the number of mobile apps with privacy policies has grown rapidly since September 2011. The study examined the top 25 free and 25 paid apps in the Apple iOS, Google Play, and Kindle Fire app stores, for a total of 150 apps.  Of the apps reviewed, the study found … Continue Reading

European Data Protection Supervisor Issues Opinion on Children’s Privacy

The European Data Protection Supervisor (“EDPS”) has issued an opinion on Europe’s strategy for protecting children on the Internet.  The European Commission consults with the EDPS on a variety of data protection issues.  However, the opinions of the EDPS are not legally binding.  Among other things, the EDPS expressed support for:  The implementation of technical tools, such as … Continue Reading

New Jersey AG Settles COPPA Suit Against Mobile App Developer

The New Jersey Attorney General and Division of Consumer Affairs have announced a settlement with 24x7digital, the developer of the “TeachMe” mobile apps for preschool through second-grade children, to resolve claims that the company violated the federal Children’s Online Privacy Protection Act (“COPPA”).    The state alleged that children were encouraged to submit their full names, along with a photograph, … Continue Reading

Federal Communications Commission Seeks Comments on Mobile Privacy

The Federal Communications Commission (“FCC”) has released a Public Notice seeking comments on the steps wireless phone carriers are taking to protect the privacy and data security of customer information that is stored on consumers’ mobile devices and on how existing laws apply to the carriers’ information practices.  Section 222 of the Communications Act and the FCC’s … Continue Reading

FTC Refers Children’s Privacy Case Back To CARU

The FTC has decided not to pursue an enforcement action against Clearwater Aquarium for alleged violations of the Children’s Online Privacy Protection (“COPPA”) Rule.  In February 2012, the Children’s Advertising Review Unit (“CARU”) referred the Clearwater Aquarium’s website to the FTC for review under COPPA after the Aquarium reportedly did not respond to CARU’s inquiry.  CARU … Continue Reading

Court Dismisses Video Privacy Suit Against Sony

A judge in the Northern District of California recently agreed with the Seventh Circuit that the Video Privacy Protection Act (“VPPA”) does not provide a private right of action premised solely on an allegedly unauthorized retention of information.  Plaintiffs sued Sony Computer Entertainment America LLC (“SCEA”) and Sony Network Entertainment International LLC (“SNEI”) for alleged violations of the … Continue Reading

Supreme Court Precludes Recovery for Mental and Emotional Distress in Privacy Act Claims

This week the U.S. Supreme Court held in Federal Aviation Administration v. Cooper that an individual harmed by a federal agency’s violation of the Privacy Act cannot recover damages unless he or she is able to prove an economic loss.  Under the Privacy Act, federal agencies are prohibited from disclosing “any record which is contained … Continue Reading

Do Not Track Kids Bill Gains Cosponsors

Over the last few weeks, a number of cosponsors have been added to the Do Not Track Kids Act of 2011 (H.R. 1895), bringing the total number of cosponsors to 29.  The bill was introduced by Rep. Markey and Rep. Barton on May 13, 2011.  Earlier this month, the two members also hosted a Congressional briefing to discuss how … Continue Reading

Report Finds Advertising Companies Comply With Self-Regulatory Standards

The Network Advertising Initiative (“NAI”), a coalition of more than 80 online advertising companies committed to self-regulation, released a report this week finding that there is a high degree of compliance with the NAI’s Self-Regulatory Code of Conduct, which governs the use of consumer data for purposes of online behavioral advertising.   In particular, the report concludes that NAI’s … Continue Reading

FTC Report Calls For More Notice Involving Mobile Apps Directed To Kids, Warns Enforcement Could Come Over Next Six Months

The FTC staff released a report today calling for participants in the mobile app ecosystem — including app developers, app stores, and third parties who collect data through mobile apps — to provide better privacy notices to parents about mobile apps directed to children, and warning that over the next six months, staff will be conducting additional reviews … Continue Reading

California AG Files Suit Regarding Plastic “Biodegradable” and “Recyclable” Claims

Last week, the California Attorney General brought its first suit under California’s environmental marketing law, which restricts the labeling of plastic food or beverage containers as “biodegradable.” The Attorney General claims that a plastics company’s statements that its microbial additive results in the “first truly biodegradable and recyclable” plastic bottle and that the bottle will break down … Continue Reading

Right of Publicity Suit Against Facebook Dismissed

Last week, U.S. District Judge Richard Seeborg dismissed a putative class action against Facebook alleging that the company violated users’ rights of publicity by using their names and pictures for its Friend Finder service.  The Judge concluded that the class failed to demonstrate that they suffered any injury as a result of the service.  The Judge … Continue Reading

FCC Adopts Rules Implementing the Protecting Children in the 21st Century Act

The Federal Communications Commission has adopted rules implementing the Protecting Children in the 21st Century Act. Like the Act, the FCC’s rules require elementary and secondary schools that have applied for discounted Internet access services through the FCC’s E-rate program to certify that the school’s Internet safety policy provides for the education of minors about appropriate online behavior, including … Continue Reading

FTC Settles First COPPA Complaint Against Mobile App Developer

Resolving the FTC’s first complaint against a mobile app developer under the Children’s Online Privacy Protection Act (“COPPA”), W3 Innovations, LLC, a developer of children’s games for the iPhone and iPod touch, has agreed to pay $50,000 to settle allegations that it collected and disclosed the personal information of thousands of children under the age of 13 without first providing … Continue Reading

FTC Commissioner Brill Warns Enforcement Actions Coming for Mobile Apps

Speaking at the American Bar Association’s annual meeting in Toronto, Commissioner Brill informed the audience that “We will soon be seeing some enforcement actions on [mobile] apps.”  Commissioner Brill emphasized that Section 5 of the FTC Act, which prohibits unfair or deceptive acts or practices, applies to mobile applications and criticized many app developers for … Continue Reading

Senator Franken Focuses on Privacy of Geolocation Data

Among the numerous federal privacy and data security bills that have been introduced in Congress over the last four months, Senator Franken’s “Location Privacy Protection Act” (S. 1223) focuses specifically on the collection of geolocation data by covered entities through mobile devices.  The bill would prohibit entities that offer or provide services to certain mobile devices from collecting and … Continue Reading

Supreme Court Reaffirms Application of First Amendment to Children

Last week, the Supreme Court issued its much anticipated decision in the Brown v. Entertainment Merchant’s Association case.  Justice Scalia, writing for Justices Kennedy, Ginsburg, Sotomayor, and Kagan, held that a California law restricting the sale or rental of violent video games to minors, and mandating “18” labels for such games, violates the First Amendment. The decision is not … Continue Reading

FTC Seeks Comment on Aristotle’s COPPA Safe Harbor Application

The Children’s Online Privacy Protection Act (“COPPA”) provides a safe harbor for companies that comply with FTC-approved self-regulatory guidelines.  Since COPPA’s enactment, the FTC has approved proposals submitted by CARU, ESRB, TRUSTe, and Privo, Inc.   Aristotle, which operates the Integrity suite of age and identity verification services, recently filed an application with the FTC to become an FTC-approved safe harbor program.  … Continue Reading

FCC Drafting a Report on Location-Based Services

The Federal Communications Commission is seeking public comment on the use of location-based services in connection with a forthcoming staff report.  Comments are due to the FCC by July 8, 2011. The agency also is teaming up with the Federal Trade Commission to host an educational forum on June 28, 2011, to help consumers understand the … Continue Reading

Senator Rockefeller Asks Mobile Companies About Children’s Privacy

Senator Rockefeller, Chairman of the Senate Commerce Committee, has asked Apple, Google, and the Association for Competitive Technology to respond to questions to help determine whether the applications running on their mobile platforms comply which the Children’s Online Privacy Protection Act (COPPA). COPPA requires operators of certain websites and online services to obtain parental consent … Continue Reading

FTC Settles COPPA Charges Against Virtual World Operators

The Federal Trade Commission today reached a $3 million settlement with 20 operators of online virtual worlds.  The settlement is the largest civil penalty that the FTC has obtained to date for a violation of the Children’s Online Privacy Protection Act (COPPA).  The FTC alleged that the operators collected children’s ages and email addresses during … Continue Reading

Covington’s Lindsey Tonsager To Speak at the Privacy & Data Protection USA Conference

Lindsey Tonsager, an associate in Covington’s Privacy & Data Security Group, will be speaking on recent developments in the areas of children’s privacy and social networking at the upcoming Privacy & Data Protection USA conference.  The conference will be held at Loyola University in Chicago on Tuesday, May 24, 2011.  Government officials, business executives, sales and marketing directors, and legal experts will gather to discuss … Continue Reading
LexBlog