Tag Archives: Notice

EU Regulators Provide Guidance on Notice and Consent under GDPR

By Mark Young, Joseph Jones and Ruth Scoles Mitchell The Article 29 Working Party (WP29) has published long-awaited draft guidance on transparency and consent under the General Data Protection Regulation (“GDPR”).  We are continuing to analyze the lengthy guidance documents, but wanted to highlight some immediate reactions and aspects of the guidance that we think … Continue Reading

Senators Reintroduce Cybersecurity Legislation for Cars and Planes

Senators Ed Markey (D-MA) and Richard Blumenthal (D-CT) reintroduced a pair of bills today relating to the cybersecurity of cars and aircraft, which would impose affirmative security, disclosure, and consent requirements on manufacturers and air carriers.  The Security and Privacy in Your Car (“SPY Car”) Act and Cybersecurity Standards for Aircraft to Improve Resilience (“Cyber … Continue Reading

FTC Issues Warning Letters to App Developers Using Technology That Could Monitor What Users Watch on TV

Yesterday, the Federal Trade Commission (“FTC”) announced that it issued warning letters to mobile app developers that installed software created by an entity called Silverpush that could allow third parties to monitor the television-viewing habits of consumers who have downloaded the mobile apps of those developers.  The letters were sent to 12 developers whose apps … Continue Reading

Bipartisan Data Security Bill Put Forth For Review

By Lala Qadir A bipartisan data security bill was unveiled last week as part of a renewed push to create standardized requirements around data breach and security issues.  Both co-sponsors of the bill, Representative Marsha Blackburn (R-TN) and Representative Peter Welch (D-VT), are members of the House Subcommittee on Commerce, Manufacturing, and Trade, and Blackburn … Continue Reading

Congressional Privacy Bill: Commercial Privacy Rights Act of 2015

By Caleb Skeath As we reported yesterday, the Congressional Privacy Bill has been released, following the release of the White House’s proposal for a privacy bill in late February.  The bill contains the Commercial Privacy Rights Act of 2015, the Congressional counterpart to the White House’s proposal, along with data breach notification provisions and the … Continue Reading

FTC Internet of Things Report Outlines Privacy and Security Recommendations for Industry

Yesterday, the Federal Trade Commission released a staff report on the Internet of Things (“IoT”) that provides best practice recommendations for addressing privacy and security risks associated with IoT products and services.  The report, Internet of Things: Privacy & Security in a Connected World, also summarizes findings from the FTC’s 2013 IoT workshop.  In the … Continue Reading

Court Dismisses CFAA, ECPA, and Other Claims in Privacy Class Action Opperman v. Path

On May 14, a judge in the Northern District of California granted in part and dismissed in part four motions to dismiss filed by defendants in the consolidated class action, Opperman v. Path (No. 3:13-CV-00453-JST). The plaintiffs alleged that apps offered by a number of developers (“App Defendants”) accessed and uploaded information from plaintiffs’ mobile … Continue Reading

California AG Sues Company for Slow Breach Response, “Public” Display of Social Security Numbers

California Attorney General Kamala Harris has sued the Kaiser Foundation Health Plan for failing to promptly notify employees about a 2011 data breach.  California’s breach notice law requires breaches of personal information to be disclosed “in the most expedient time possible and without unreasonable delay.” Harris alleges that Kaiser violated this requirement after taking too … Continue Reading

China Releases National Standard for Personal Information Collected Over Information Systems; Industry Self-Regulatory Organization Established

China’s Standardization Administration recently released a long-awaited national standard related to personal information.  Entitled Information Security Technology — Guidelines for Personal Information Protection Within Public and Commercial Services Information Systems (信息安全技术公共及商用服务信息系统个人信息保护指南) (“Guidelines”), the new standard will take effect February 1, 2013.  The Guidelines are voluntary and lack the force of law.  They nevertheless clarify key … Continue Reading

FTC Working on Privacy “Nutrition Label”; Industry Focusing on Icons

At the Wired for Change conference earlier this week, FTC Chairman Jon Leibowitz noted that the FTC is developing a “nutrition label” for data collection and use, modeled after the nutrition facts label for food and beverages.  Leibowitz reportedly said that the agency’s chief technologist and the Bureau of Consumer Protection are working to identify … Continue Reading
LexBlog