Archives: United States

Subscribe to United States RSS Feed

OCR Steps Up HIPAA Enforcement Following Breaches of Protected Health Information

The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services has been busy.  In addition to its recent efforts to begin audits of covered entities and business associates, OCR has announced a slew of enforcement actions against covered entities for alleged HIPAA violations.… Continue Reading

Senate Panel Passes “Internet of Things” Bill

Yesterday, the Senate Commerce Committee passed a bill meant to increase government involvement in the development of the “Internet of Things” (IoT). By a voice vote, the committee approved the Developing Innovation and Growing the Internet of Things (DIGIT) Act, sponsored by Sen. Deb Fischer (R-Neb.), Sen. Kelly Ayotte (R-N.H.), Sen. Cory Booker (D-N.J.), and … Continue Reading

Seventh Circuit, Relying on Defendant’s Post-Breach Statements, Allows Data Breach Class Action to Proceed

Last week, the Seventh Circuit handed down another friendly ruling for data breach class action plaintiffs, reversing a district court’s dismissal of a class action complaint over a 2014 data breach at P.F. Chang’s restaurants.  In reversing the district court’s holding that the plaintiffs had not demonstrated Article III standing, the Seventh Circuit ruled that … Continue Reading

House Judiciary Committee Approves Email Privacy Act

In a unanimous vote, the House Judiciary Committee approved the Email Privacy Act, a long-awaited update to the 30-year-old Electronic Communications Privacy Act (ECPA).  The proposed changes would strengthen the privacy protections for email and other cloud-storage services by closing a loophole that allowed law enforcement to access older data without obtaining a warrant.  The … Continue Reading

FTC Releases Online Tool to Help Health App Developers Identify Applicable Laws

A new post on the Covington eHealth blog discusses the new web-based interactive tool released by the FTC, in conjunction with HHS and the FDA, to assist mobile health app developers in navigating applicable federal laws and regulations in the areas of advertising and marketing, medical devices, and data security and privacy.  As part of … Continue Reading

NTIA Release Requests for Comments on IoT Issues

Yesterday, the National Telecommunications and Information Administration (NTIA), part of the U.S. Department of Commerce, issued a Request For Public Comment (RFC) seeking comment on the benefits, challenges, and potential roles for the government in fostering the advancement of the Internet of Things (IoT). NTIA issued the RFC as part of the Commerce Department’s Digital … Continue Reading

FCC Releases NPRM on Broadband Privacy Rules

Last Friday, the Federal Communications Commission (“FCC”) released its much-anticipated Notice of Proposed Rulemaking (NPRM) setting forth and seeking comment on proposed rules to govern the privacy practices of broadband internet access service providers (BIAS providers).  Among other things, the NPRM outlines the FCC’s proposed rules for broadband privacy policies, the level of customer approval … Continue Reading

FCC Votes to Proceed With Broadband Privacy Proposal

At its open meeting today, the Federal Communications Commission (FCC) voted to proceed with a proposed rulemaking to regulate the privacy practices of broadband Internet Service Providers (ISPs).  The 3-2 vote was divided along party lines. Democratic Chairman Tom Wheeler, and Democratic Commissioners Jessica Rosenworcel and Mignon Clyburn voted in favor of the proposal.  Republican … Continue Reading

FTC Issues Warning Letters to App Developers Using Technology That Could Monitor What Users Watch on TV

Yesterday, the Federal Trade Commission (“FTC”) announced that it issued warning letters to mobile app developers that installed software created by an entity called Silverpush that could allow third parties to monitor the television-viewing habits of consumers who have downloaded the mobile apps of those developers.  The letters were sent to 12 developers whose apps … Continue Reading

FTC Settles With Lord & Taylor Over Native Advertisement and “Influencer” Promotion

By Megan Rodgers The FTC today announced that it reached a settlement with Lord & Taylor over a native advertisement and promotion that relied on social media “influencers” to promote a particular product. This was the first native advertising settlement reached by the FTC since it issued its Policy Statement on Native Advertising in December … Continue Reading

FCC Releases TCPA Enforcement Advisory Directed to Political Campaigns

Yesterday, the FCC released an Enforcement Advisory to remind political campaigns about their obligations under the Telephone Consumer Protection Act (“TCPA”).  The Advisory did not set forth any new rules for calls and texts; rather, it confirmed existing rules and reminded political campaigns that they are subject to them. The Advisory first confirmed that prerecorded … Continue Reading

FCC Releases Fact Sheet Regarding Privacy Proposal for Broadband ISPs

Today, the Federal Communications Commission (FCC) issued a fact sheet summarizing rules Chairman Tom Wheeler is proposing to regulate the privacy practices of broadband Internet Service Providers (ISPs).   Chairman Wheeler also will be circulating today to other FCC commissioners a draft Notice of Proposed Rulemaking (NPRM), which fully sets forth the proposed rules.  That NPRM … Continue Reading

EU-U.S. Privacy Shield Package Released

By Monika Kuschewsky and Vera Coughlan Today, the European Commission published the text of the new EU-U.S. Privacy Shield (see the Commission’s press release here), which consists of: a draft adequacy decision; the EU-U.S. Privacy Shield Framework Principles issued by the U.S. Department of Commerce; and the official representations and commitments contained in separate letters … Continue Reading

SAMHSA Proposes Changes to Confidentiality Rules

On Tuesday, February 9, the Substance Abuse and Mental Health Services Administration (SAMHSA) published a proposed rule to update regulations at 42 C.F.R. Part 2 that protect the confidentiality of alcohol and drug abuse patient records.  The regulations were originally promulgated in 1975 and last substantively updated in 1987.  SAMHSA intends for these updates to … Continue Reading

FTC Settles Deception and Unfairness Charges Against ASUS Over Router Security

The FTC has cautioned that a recent settlement holds lessons for companies involved in the Internet of Things.  The settlement, announced on Tuesday, was reached with  hardware manufacturer ASUS over concerns that its router products carried certain security vulnerabilities.  Notably, in addition to alleging that ASUS’s actions violated promises to consumers, the FTC alleged that … Continue Reading

“Right to Yelp” Bill Passes Maryland State House; Federal Bill Passed Senate in December

By Hannah Lepow Maryland is poised to become the second state in the country to ban businesses from contractually prohibiting customers from posting bad reviews online.  The Nondisparagement Clauses in Consumer Contracts bill passed the state House on February 19 by an overwhelming majority and now goes on to the state Senate. Maryland’s law substantially … Continue Reading

Commerce Releases Fact Sheet on the EU-U.S. Privacy Shield

As we reported yesterday, the United States and the European Commission have reached a political agreement on a new framework for transatlantic data flows, referred to as the EU-U.S. Privacy Shield.  The U.S. Department of Commerce (“Commerce”) released a fact sheet yesterday to coincide with the announcement of the agreement. The fact sheet includes a … Continue Reading

Article 29 Working Party Reacts to the U.S.-EU Privacy Shield Agreement

On February 3rd, the Article 29 Working Party, representing Europe’s data protection authorities, published its reaction to the announcement of a new “Privacy Shield” political agreement between the European Commission and the U.S. Government.  The Privacy Shield agreement, announced on February 2nd (and further described in our blog post here), is intended to replace the … Continue Reading

Agreement Reached on New EU-U.S. Safe Harbor: the EU-U.S. Privacy Shield

By Dan Cooper, Phil Bradley-Schmieg and Joseph Jones Today (February 2nd, 2016), the European Commission and U.S. Government reached political agreement on the new framework for transatlantic data flows.  The new framework – the EU-U.S. Privacy Shield – succeeds the EU-U.S. Safe Harbor framework (for more on the Court of Justice of the European Union … Continue Reading

Judge Denies Neiman’s Motion to Dismiss Data Breach Class Action

A federal judge in the Northern District of Illinois has denied Neiman Marcus Group LLC’s (“Neiman”) motion to dismiss a consumer class action lawsuit arising from a December 2013 data breach at the retailer that exposed about 350,000 credit cards.  As we previously reported, the plaintiffs sued Neiman alleging various claims arising from fraudulent charges … Continue Reading

Senate Committee Passes Judicial Redress Act, May Assist Safe Harbor Negotiations

The Senate Judiciary Committee today successfully reported H.R. 1428, the Judicial Redress Act of 2015.  However, the bill included an amendment to the House-passed version that has the potential to influence current negotiations between the United States and the European Union to reach a new Safe Harbor agreement. As we previously reported, the Judicial Redress … Continue Reading

Senators Introduce Bill Requiring Cybersecurity Expertise Reports to SEC

On December 17, 2015, Senators Reed (D-RI) and Collins (R-ME) introduced the Cybersecurity Disclosure Act of 2015 (S. 2410), which has been referred to the Committee on Banking, Housing, and Urban Affairs.  According to the press release accompanying the bill, it “seeks to strengthen and prioritize cybersecurity at publicly traded companies by encouraging the disclosure … Continue Reading
LexBlog