A seller who authorizes a third-party telemarketer to market the seller’s goods or services may be held vicariously liable if the telemarketer violates the Telephone Consumer Protection Act (TCPA), the Federal Communications Commission held in a May 9 declaratory ruling.

The FCC’s ruling interprets two subsections of the TCPA. The first subsection — 47 U.S.C. § 227(b) — includes several restrictions, including a general prohibition on making calls to landline or mobile telephones using a prerecorded message without  the recipient’s prior express consent. Section 227(b)(3) allows individuals or companies to bring private lawsuits “based on a violation of this subsection” or the FCC’s implementing regulations.

A separate portion of the TCPA — 47 U.S.C. § 227(c) — authorizes the FCC to set up a national Do Not Call registry, which the FCC did in coordination with the Federal Trade Commission several years ago. Section 227(c)(5) authorizes private lawsuits by individuals who receive “more than one telephone call within any 12-month period by or on behalf of the same entity” in violation of the Do Not Call rules.

Last week’s declaratory ruling came in response to questions referred to the FCC by two federal courts in two separate TCPA-based lawsuits.

Continue Reading FCC Confirms That Sellers Can Be Liable for Telemarketer TCPA Violations

The Federal Trade Commission has sent letters to more than 90 different companies who develop mobile apps that the FTC claims may be directed to children.  The letters emphasize that the FTC has not evaluated the apps or the companies’ practices to determine if they comply with the current or revised COPPA Rule.  Instead, the letters remind these

California Attorney General Kamala Harris failed in her first attempt to sue a company for failing to post a privacy policy on a mobile app.

Harris alleged that Delta Airlines violated the California Online Privacy Protection Act (“CalOPPA”) by failing to include a privacy policy on its mobile app- The lawsuit, in the California Superior Court in San Francisco, was the first enforcement action under CalOPPA since it came into force in 2004.

On Thursday, the district court granted Delta’s motion to dismiss the complaint, concluding that the Airline Deregulation Act (ADA) pre-empts the state’s claims. The ADA provides that “a State….may not enact or enforce a law, regulation, or other provision having the force and effect of law related to a price, route, or service of an air carrier.” Courts have construed the scope of preemption by the ADA broadly, and the majority of courts which have considered the issue have held that the ADA preempts the application of state consumer protection laws to airlines. See Morales v. Trans World Airlines, 504 U.S. 374 (1992). The judge decided that the operation of a mobile app for air travel services is “related to price, route or service of an air carrier” and thus agreed with Delta’s argument that the California AG’s claim is pre-empted.
Continue Reading Delta succeeds in dismissing California AG’s first CalOPPA case

China’s Ministry of Internet and Information Technology (“MIIT”) has promulgated a new regulation targeting manufacturers of mobile smart devices (such as smart phones) that prohibits them from preinstalling certain apps that raise privacy, security, or prohibited content concerns.  Entitled “Notice Regarding Strengthening the Management of Network Access for Mobile Smart Terminals,” the new regulation forbids mobile smart device manufacturers from pre-installing any app that:

  • collects or modifies a user’s personal information without express notification and user consent;
  • accesses a network without express notification or consent, causing unauthorized bandwidth use, monetary loss, information disclosure, or other negative consequences;
  • affects the smart device’s normal operations or the safe operation of the telecommunications network;
  • contains content restricted by PRC law (e.g., obscene, anti-government, or hate speech); or
  • infringes a user’s personal information, safety, legitimate rights or interests, or prejudices the security of network information.


Continue Reading China Regulates Smart Device Manufacturers’ Use of Pre-installed Apps

Speaking at a seminar hosted by the International Association of Privacy Professionals, Assistant Director Chris Olsen and Senior Attorney Peder Magee, both of the Federal Trade Commission’s Division of Privacy and Identity Protection, provided a useful overview of the FTC’s recent enforcement actions and current enforcement priorities.  Based on this discussion, the following infographic identifies the

At a recent forum in New York, a team of Covington lawyers addressed the growing concern among companies that their most valuable assets could leave the building on a thumb drive in an employee’s pocket or be disclosed through an employee’s use of a social media site.  Addressing this threat involves many disciplines

By Dan Cooper and Philippe Bradley

This week the Article 29 Working Party released its Opinion 2/2013 on apps on smart devices (WP 202), a 30-page report on mobile app privacy and data protection considerations. This development follows on the Working Party’s Statement on the draft General Data Protection Regulation on 27 February 2013 (which we previously discussed here). 

The report sets out several sets of prescriptive, but non-binding, recommendations that target app developers, app stores, OS and device manufacturers, and other third party participants in app ecosystems, such as advertisers and network operators that bundle apps with devices. 

This short post sets out a summary of some of the report’s less conventional prescriptions and recommendations, which could present participants in the European digital/mobile ecosystem with significant compliance challenges.

Continue Reading EU Data Protection Working Party Sets Out App Privacy Recommendations

On March 12, 2013, the Federal Trade Commission (FTC) released new guidance for online advertisers, providing specific tips and examples of how to make disclosures clear and conspicuous, and, therefore, not deceptive in the context of emerging technologies, space-constrained screens, and social media platforms.

The guidelines—titled “.com Disclosures:  How to Make Effective Disclosures in Digital Advertising”—update prior guidance known as “Dot Com Disclosures,” which was released in 2000.  The updated guidelines emphasize that consumer protection laws apply to commercial activities across all mediums, including on computers, mobile devices, and tablets.


Continue Reading FTC Releases New Guidance For Online Advertising Disclosures

Last Friday, the Federal Trade Commission released a report, Paper, Plastic…or Mobile?, on the use of mobile payments.  The report follows a workshop hosted by the FTC in April 2012 that explored innovative mobile payment products and services, the potential benefits offered by mobile payments, and the concerns they raise.  For purposes of the report, mobile payments generally include four types of payment processes:  (1) near field communication (NFC) technologies, (2) mobile applications, (3) online checkout wallets, and (4) mobile carrier billing (charging of payments directly to a mobile phone bill).

The report focuses on the primary areas where the increasing use of mobile payments raises concerns, including dispute resolution, data security, and privacy.  The report also highlights special concerns regarding mobile carrier billing and international mobile payments.

Continue Reading FTC Issues Report on Mobile Payments

Mobile device manufacturer HTC America has settled Federal Trade Commission (“FTC”) charges that the company failed to take reasonable steps to secure the software it developed for its smartphones and tablet computers, introducing security flaws that placed sensitive information about millions of consumers at risk.  The settlement requires HTC America to develop and release software