Archives: Privacy Policies

Subscribe to Privacy Policies RSS Feed

Forever 21 Faces Point-of-Sale Data Collection Class Action Lawsuit

Fast fashion retailer Forever 21 Retail Inc. faces a putative class action lawsuit alleging that the retailer violated California law by requesting and recording shoppers’ credit card numbers and personal identification information at the point-of-sale. Forever 21 shopper Tamar Estanboulian filed the lawsuit on September 7 in U.S. District Court for the Central District of … Continue Reading

FTC Settlement Requires Fandango and Credit Karma to Establish Comprehensive Security Programs to Protect Consumers’ Sensitive Personal Information

The Federal Trade Commission (“FTC”) has approved final orders settling charges against Fandango and Credit Karma that the companies misrepresented the security of their mobile apps and failed to protect the transmission of consumers’ sensitive personal information.  The FTC specifically alleged that, although the companies made security promises to consumers that their information was adequately … Continue Reading

Court Grants in Part and Denies in Part Yahoo’s Motion to Dismiss ECPA Claims

On Tuesday, August 12, 2014, the Northern District of California’s Judge Lucy Koh issued an order granting in part and denying in part Yahoo’s motion to dismiss claims that it violated federal and California anti-wiretapping laws. The putative class action, In re Yahoo Mail Litig., alleges that Yahoo’s practice of intercepting, scanning, analyzing, collecting, and … Continue Reading

Federal Trade Commission Releases Report on Mobile Shopping Apps: Finds Insufficient Disclosures to Consumers

Today, the Federal Trade Commission (“FTC”) issued a staff report examining the consumer-protection implications of popular shopping apps.  These services are intended to ease and enhance the shopping experience by allowing consumers to, for example, compare prices in-store across retailers, collect and redeem deals, or pay for purchases while shopping in brick-and-mortar stores.  The FTC … Continue Reading

Covington at #SXSW: If “Big Data Is the New Oil” Then “Privacy Is the New Green”

South by Southwest (“SXSW”) Interactive kicked off last week, and Covington was there to cover privacy and big data’s big buzz, a topic which dominated much of the conference.  Among the events that took place last Friday were “Big Data Inverted: The Best Candy from Strangers?” and “Privacy Under the Covers: The Naked Truth.”  The … Continue Reading

FTC Announces $32.5M Settlement with Apple, Inc., May Be Seen as Expanding its “Unfairness” Authority

The Federal Trade Commission (“FTC”) recently announced a settlement with Apple, Inc. over allegations that the company billed parents and other account holders for children’s in-app activities without obtaining the account holders’ express and informed consent. The FTC’s complaint alleged that Apple’s failure to obtain express and informed consent prior to each in-app purchase constituted … Continue Reading

Google Fined by the CNIL for Privacy Breaches as European Regulators Continue Investigation

On January 8, 2014, the French data protection authority, the Commission nationale de l’informatique et des libertés (CNIL), announced that it was imposing a fine of €150,000 on Google, as well as a requirement that Google, within eight days of the decision, publicize the fine on its own website (at www.google.fr) for a period of … Continue Reading

Berlin Court Condemns Google, Strikes Provisions in Privacy Policy and Terms

On Tuesday, 19 November, the Regional Court of Berlin ruled against Google in a case brought by the Federation of German Consumer Associations (vzbv).  The vzbv had initiated an action for injunction against Google, requesting it to stop using certain clauses in its Terms of Use and Privacy Policy.  In Germany, consumer associations have a … Continue Reading

European Regulators and the Eternal Cookie Debate

By Dan Cooper and Mark Young This week, the Article 29 Working Party (the “WP29”) released an opinion paper on what constitutes “consent” for purposes of complying with the EU’s “cookie” rules — rules that were revised to include a consent requirement nearly four years ago.  The paper will be relevant to website providers that … Continue Reading

DAA to Website Operators: Provide “Enhanced Notice” of OBA by January 1

Earlier this week, the organization that enforces the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioral Advertising issued a “Compliance Warning” to website operators, advising them to provide “enhanced notice” on every web page where data is being collected or used for online behavioral advertising (“OBA”) by January 1, 2014.  The DAA defines OBA as … Continue Reading

Revised OECD Privacy Guidelines Strengthen Accountability Principle

The Organization for Economic Cooperation and Development (“OECD”) has revised its Guidelines governing the Protection of Privacy and Transborder Flows of Personal Data. The revision has been triggered by changes in personal data usage as well as new approaches to privacy protection since the adoption of the first Guidelines back in 1980, which were the … Continue Reading

World Wide Web Consortium Tracking Protection Working Group Names Two New Chairs

The World Wide Web Consortium (“W3C”) Tracking Protection Working Group (“TPWG”) on Wednesday announced the addition of two new chairs to spearhead its efforts to craft an online tracking mechanism. The new chairs, Center for Democracy and Technology Director Justin Brookman, and Adobe Systems, Inc. Carl Cargill will be joining Intel Corp.’s Matthias Schunter in … Continue Reading

Digital Advertising Alliance Leaves Do Not Track Group

The Digital Advertising Alliance (“DAA”) on Tuesday announced that it will withdraw from the World Wide Web Consortium (“W3C”) tracking protection working group (“TPWG”), saying that the TPWG has “reached the end of its useful life.” In a letter to the TPWG (full text available here), DAA Managing Director Lou Mastria explained that: “After more … Continue Reading

Bill Adding Do-Not-Track Disclosures to CalOPPA Passes California Senate

Last week the California Senate unanimously approved a bill requiring that operators of commercial websites and online services that collect personal information disclose how they respond to “do-not-track” signals from web browsers and whether they allow third parties to engage in online tracking.  The legislation, which was introduced by Assemblyman Al Muratsuchi, has been sponsored … Continue Reading

Article Reports on Practice of Tracking Merchandise Returns and Associated Privacy Issues

Earlier this week, the Huffington Post’s Jennifer Kerr reported on the practice of tracking of merchandise returns by retailers.  According to the article, some retailers track merchandise returns to identify “chronic returners or gangs of thieves trying to make off with high-end products that are returned later for store credit.”  The article notes that many … Continue Reading

Korea Strengthens Protection for ‘Resident Registration Numbers’ (RRNs): Leaks May Face a Fine of up to 0.5 Billion Korean Won

On July 30, 2013, the Korean Ministry of Security and Public Administration (MOSPA) announced several amendments to the Personal Information Protection Act (PIPA) concerning collection and use of ‘Resident Registration Numbers’ (RRNs) – Korea’s national identification numbers. The PIPA is a general legal framework for personal information protection and is complemented by several sector-specific laws. … Continue Reading

Korea Strengthens Protection for ‘Resident Registration Numbers’ (RRNs): Leaks May Face a Fine of up to 0.5 Billion Korean Won

On July 30, 2013, the Korean Ministry of Security and Public Administration (MOSPA) announced several amendments to the Personal Information Protection Act (PIPA) concerning collection and use of ‘Resident Registration Numbers’ (RRNs) – Korea’s national identification numbers. The PIPA is a general legal framework for personal information protection and is complemented by several sector-specific laws. … Continue Reading

FTC Reminds Mobile App Developers To Comply With Revised Children’s Privacy Requirements By July 1

The Federal Trade Commission has sent letters to more than 90 different companies who develop mobile apps that the FTC claims may be directed to children.  The letters emphasize that the FTC has not evaluated the apps or the companies’ practices to determine if they comply with the current or revised COPPA Rule.  Instead, the letters remind these … Continue Reading

Delta succeeds in dismissing California AG’s first CalOPPA case

California Attorney General Kamala Harris failed in her first attempt to sue a company for failing to post a privacy policy on a mobile app. Harris alleged that Delta Airlines violated the California Online Privacy Protection Act ("CalOPPA") by failing to include a privacy policy on its mobile app- The lawsuit, in the California Superior Court in San Francisco, was the first enforcement action under CalOPPA since it came into force in 2004. On Thursday, the district court granted Delta's motion to dismiss the complaint, concluding that the Airline Deregulation Act (ADA) pre-empts the state's claims. The ADA provides that "a State....may not enact or enforce a law, regulation, or other provision having the force and effect of law related to a price, route, or service of an air carrier." Courts have construed the scope of preemption by the ADA broadly, and the majority of courts which have considered the issue have held that the ADA preempts the application of state consumer protection laws to airlines. See Morales v. Trans World Airlines, 504 U.S. 374 (1992). The judge decided that the operation of a mobile app for air travel services is "related to price, route or service of an air carrier" and thus agreed with Delta's argument that the California AG's claim is pre-empted.… Continue Reading

DOT shifts consumer protection focus to privacy

The DOT announced today that the fourth in a series of public meetings of the Advisory Committee on Aviation Consumer Protection will focus on privacy issues. This DOT Committee has been working on various rulemaking and enforcement initiatives affecting consumer protection in air travel, but this will be the first time that privacy practices and use of data have been made the central topic of a Committee meeting. The DOT supervises airlines privacy practices because airlines are subject to sector-specific oversight (the FTC Act provides that air carriers are among the businesses excepted from the FTC's authority to regulate unfair or deceptive business practices).… Continue Reading

5 Privacy and Data Security Measures That Can Protect Your Company Against Trade Secret Theft

At a recent forum in New York, a team of Covington lawyers addressed the growing concern among companies that their most valuable assets could leave the building on a thumb drive in an employee’s pocket or be disclosed through an employee’s use of a social media site.  Addressing this threat involves many disciplines beyond trade … Continue Reading

Proposed California “Right to Know” Act Would Require Broad Disclosures To CA Residents

A bill titled the “Right to Know Act of 2013” (AB 1291), which was first introduced by Assembly Member Bonnie Lowenthal this past February, continues to gather momentum in the California legislature.  The Right to Know Act would repeal and re-write Cal. Civ. Code § 1798.83 (often referred to as the California Shine the Light law) … Continue Reading

FTC Annual Report Reveals Identity Theft — Not Privacy — Is Top Consumer Complaint

Yesterday the FTC released its annual report of consumer complaints, highlighting identity theft as the leading category of complaints, with 18% of the total.  The 2012 report analyzes complaints received by the FTC, certain other federal agencies, state law enforcement agencies, and non-governmental organizations such as the Better Business Bureau.  After identity theft, consumers filed the … Continue Reading
LexBlog