Following Mark Zuckerberg’s opening keynote at Mobile World Congress on Monday, Federal Communications Commission (“FCC”) Chairman Tom Wheeler took the stage yesterday.  As Wheeler’s first public appearance at an industry event since the FCC’s landmark vote last week to enforce net neutrality, the keynote was expected to be closely followed by global counterparts, and InsidePrivacy had a front-row seat from Barcelona.

Wheeler’s conversation with Director General of the GSMA Anne Bouverot covered a range of topics, including net neutrality, spectrum auctions, and more widely, the role of regulation as it relates to investment and innovation.  Of primary interest, of course, was the topic of regulation as it pertains to Open Internet rules.  On this subject, Wheeler began by reframing the notion that last week’s 3-2 vote was a close one, stating, “We had 50% more votes than they did, is the way I look at it.”  This year’s Mobile World Congress, therefore, was a victory lap as some have termed it — or sales pitch — allowing Wheeler to explain and defend the FCC’s new net neutrality rules.
Continue Reading FCC Chairman Speaks at Industry Event for First Time Since Net Neutrality Vote

The International Association of Privacy Professionals hosted its annual Privacy Academy, at which one panel, “Data Brokers Demystified,” specifically focused on regulation of the data-broker industry.  The panelists included Janis Kestenbaum from the Federal Trade Commission, Jennifer Glasgow from Acxiom, and Pam Dixon from the World Privacy Forum.  Emilio Cividanes from Venable also participated.

Major Conclusions of the FTC Report (Janis Kestenbaum)

  • Data brokers operate with a fundamental lack of transparency.  They engage in extensive collection of information about nearly every US consumer, profiles of which are composed of billions of data elements.
  • Much data collection occurs without consumer awareness and uses a wide variety of online and offline sources, such as social networks, blogs, individual purchases and transactions with retailers, state and federal governments, events requiring registration, and magazine subscriptions.
  • The practice of “onboarding”–where offline data is onboarded onto an online cookie and is used to market to consumers online–is increasingly common.
  • Some data collected is sensitive, but even non-sensitive data is sometimes used to make “sensitive inferences” about (for example) health status, income, education, ethnicity, religion, and political ideology.  Consumers are often segmented into “clusters” based on these inferred characteristics.
  • For regulators, some of these clusters are concerning.  For example, one cluster is entitled “Urban Scramble” and contains high concentrations of low-income ethnic minorities.
  • Congress should create a centralized portal where consumers can go online and access individual data brokers’ websites to opt out and access and correct their information.  For consumer-facing entities, like retailers, consumers must be given some kind of choice before data is sold to a data broker, and when that data is sensitive, the choice should be in the form of an opt in.
    Continue Reading IAPP Privacy Academy: “Data Brokers Demystified”

As of March 1, 2012, all companies storing the personal information of Massachusetts residents with a third-party service provider must contractually require the service provider to maintain data security measures “consistent” with the Massachusetts data security regulations.  (You can read our overview of these regulations here.)

Among other things, those regulations—most of which took

The Department of Education has amended the implementing regulations for the Family Educational Rights and Privacy Act (“FERPA”).  According to the Department, the new regulations are intended to “safeguard student privacy while giving states the flexibility to share school data.”   

Among other things, the new regulations:

  • Make it easier for educational authorities to share educational