Archives: United States

Subscribe to United States RSS Feed

FCC Seeking Comment on Key TCPA Reform Issues in Wake of DC Circuit Ruling

By Melanie Ramey Yesterday, the Federal Communications Commission (“FCC”) released a Public Notice seeking comment on a range of issues relevant to its interpretation of the Telephone Consumer Protection Act (“TCPA”), including how the FCC should interpret what constitutes an “automatic telephone dialing system” in the wake of a recent decision by the U.S. Court … Continue Reading

Covington IoT Update: U.S. Legislative Roundup on IoT

As policymakers weigh the many policy implications associated with the Internet of Things (“IoT”), U.S. lawmakers have put forward a variety of proposals for studying—and regulating—IoT devices.  Although the likelihood of current proposals becoming law this term remain uncertain at best, existing legislative proposals provide important context and insight into the ways that lawmakers view … Continue Reading

Virginia Supreme Court Holds that Police License Plate Readers Collect Personal Information

By Katie Bies The Virginia Supreme Court held that license plate images taken by law enforcement agencies constitute “personal information,” reviving a challenge to the police storage of license plate data. Automatic license plate readers (“ALPRs”) are used by police departments across the country to take thousands of photos of license plates per hour.  Officers … Continue Reading

Mobile Phone Manufacturer Settles with FTC Over Allegations that Its Vendor Collected Personal Data without Consent

By Melanie Ramey Mobile phone manufacturer BLU Products, Inc. entered into a settlement agreement with the FTC last week to resolve allegations that one of BLU’s China-based vendors collected personal information about its consumers without proper consent. The settlement agreement, which took the form of a consent order, applies not only to BLU but also … Continue Reading

4th Circuit Affirms Dismissal of TCPA Suit Based on ‘Derivative Sovereign Immunity’

Earlier this week, the Fourth Circuit Court of Appeals affirmed a lower court decision to dismiss a Telephone Consumer Protection Act (“TCPA”) lawsuit against General Dynamics Information Technology, Inc. (“GDIT”), on the basis that GDIT was immune from suit as a government contractor under what is known as the “Yearsley doctrine.”  Craig Cunningham v. GDIT, … Continue Reading

Senators Klobuchar and Kennedy Introduce Privacy Legislation

On April 24, 2018, Senators Amy Klobuchar (D-MN) and John Kennedy (R-LA) introduced the Social Media Privacy and Consumer Rights Act of 2018.  The bill aims to protect consumers’ online data by increasing the transparency of data collection and tracking practices, and requiring companies to notify consumers of a privacy violation within 72 hours. “Our … Continue Reading

Government’s Response to Malware Defendant’s Constitutional Challenge Falls Short

Last summer, Marcus Hutchins, the security researcher who stopped the “WannaCry” malware attack, was arrested and charged for his role in allegedly creating and conspiring to sell a different piece of malware, known as Kronos.  As we have previously discussed on this blog, however, the indictment was notable for its lack of allegations connecting Hutchins … Continue Reading

Senate Democrats Propose CONSENT Act

By Alyson Sandler On April 10, Senators Richard Blumenthal (D-CT) and Ed Markey (D-MA) introduced new privacy legislation titled the Customer Online Notification for Stopping Edge-provider Network Transgressions (CONSENT) Act.  In a statement published on his website, Senator Markey referred to the legislation as a “privacy bill of rights” and explained that “[t]he avalanche of … Continue Reading

South Dakota Breach Notification Law Breaks New Ground

[This article was originally published in Law360] Last week, South Dakota became the 49th U.S. state to enact a data breach notification law with the passage of S.B. 62, which sets forth requirements for notifying state residents, the state attorney general, and major consumer reporting agencies in the event of a breach. The law, which … Continue Reading

CLOUD Act Creates New Framework for Cross-Border Data Access

On March 23, 2018, Congress passed, and President Trump signed into law, the Clarifying Lawful Overseas Use of Data (“CLOUD”) Act, which creates a new framework for government access to data held by technology companies worldwide. The CLOUD Act, enacted as part of the Consolidated Appropriations Act, has two components. Part I:  Extraterritorial Reach of … Continue Reading

D.C. Circuit Rejects Portions of FCC Decision Interpreting Key TCPA Terms

The U.S. Court of Appeals for the D.C. Circuit on Friday issued a long-awaited ruling in a lawsuit challenging the Federal Communications Commission’s interpretations of key terms under the Telephone Consumer Protection Act of 1991 (“TCPA”), holding that the FCC in 2015 had adopted an unreasonably broad definition of the type of calling equipment subject … Continue Reading

FTC Grants Sears’ Petition to Reopen and Modify Consent Order Based on Changed Conditions of Fact

This week, the Federal Trade Commission (“FTC”) granted Sears Holdings Management’s (“Sears”) petition to reopen and modify a 2009 consent order regarding the tracking of personal information on Sears’ software apps.  We analyzed Sears’ petition last fall, which sought to modify the definition of “tracking application,” which triggered heightened notice and consent requirements under the … Continue Reading

FTC Issues Report on Mobile Device Security Updates

On February 28, 2018, the Federal Trade Commission (“FTC”) issued a report discussing security updates for mobile devices.  The report stems from information the FTC collected from eight mobile device manufacturers — Apple, Blackberry, Google, HTC, LG, Microsoft, Motorola, and Samsung — and from information the Federal Communications Commission (“FCC”) collected from mobile carriers in … Continue Reading

Future of Privacy Forum: Privacy Papers for Policymakers 2018

On the heels of the Federal Trade Commission’s (“FTC”) third annual “PrivacyCon,” the Future of Privacy Forum hosted its eighth annual “Privacy Papers for Policymakers” event on Capitol Hill—a gathering in which academics present their original scholarly works on privacy-related topics to D.C. policy wonks who may have a hand in shaping laws and regulations … Continue Reading

Ninth Circuit Decision Provides Critical Win to FTC in its Authority over Internet Service Providers

In a ruling with implications for both net neutrality and privacy, the Ninth Circuit ruled en banc today that the common carrier exemption in Section 5 of the FTC Act is activity-based, reversing a 2016 panel ruling that the exemption was status-based.  Today’s decision bolsters the FTC’s authority to bring consumer protection (including privacy) and … Continue Reading

FTC Enters Into COPPA Settlement With Online Talent Search Company

On Monday, the Federal Trade Commission (FTC) entered into a settlement with Nevada-based Prime Sites, Inc., doing business as Explore Talent, related to charges that Explore Talent violated the Children’s Online Privacy Protection Act (COPPA).  Explore Talent, an online talent search company, will pay $235,000 in civil penalties. According to the FTC’s complaint, Explore Talent … Continue Reading

President Trump Nominates Four New Commissioners to FTC

Last week, President Trump nominated four new commissioners to the Federal Trade Commission (“FTC”):  Joseph J. Simons, an antitrust attorney, as Chairman; Noah Joshua Phillips, chief counsel for Senate Majority Whip John Cornyn (R-Texas), for the second Republican seat; Christine Wilson, an executive for Delta Air Lines, for the third Republican seat; and Rohit Chopra, … Continue Reading

FTC Releases 2017 Privacy and Data Security Report

On January 18, the Federal Trade Commission released its annual Privacy and Data Security Update, highlighting its enforcement efforts in 2017.  The report discusses significant enforcement efforts in the areas of privacy, data security, credit reporting and financial privacy, international enforcement, children’s privacy, and telemarketing.  The report also highlights the FTC’s efforts in advocacy, rulemaking, guidance, … Continue Reading

House Passes Cyber Vulnerability Disclosure Reporting Act

On January 9, the House of Representatives passed the Cyber Vulnerability Disclosure Reporting Act by voice vote.  The Act directs the Secretary of the U.S. Department of Homeland Security (“DHS”) to prepare a report describing the policies and procedures that DHS developed to coordinate the cyber vulnerability disclosures.  Under the Homeland Security Act of 2002 … Continue Reading

CBP Revises Rules for Border Searches of Electronic Devices

Last week, U.S. Customs and Border Protection (“CBP”) released a revised Directive governing searches of electronic devices at the border.  These are the first official revisions CBP has made to its guidelines and procedures for devices since its 2009 Directive.  The new Directive is intended to reflect the evolution of technology over the intervening decade, … Continue Reading

A Year-End Thanks to Our Readers

As 2017 ends, all of us at InsidePrivacy are grateful for the attention and engagement of our readers.  This has been an excellent year for our blog, and we’d like to share with you some information about InsidePrivacy and its readers. First, there are more of you than ever — in fact, an 11% year-over-year … Continue Reading

FTC Hosts Workshop Highlighting Consumer, Industry, and Law Enforcement Perspectives on Informational Injury

On December 12, 2017, the Federal Trade Commission (“FTC”) hosted a workshop examining “informational injury,” defined by Acting Chairman Maureen Ohlhausen in her opening remarks as the harm consumers suffer due to privacy and data security breaches. Chairman Ohlhausen emphasized three main purposes for the workshop:  First, to better identify qualitatively different injuries; second, to … Continue Reading

English High Court Finds Supermarket Liable for Data Breach by Employee in First Successful Privacy Class Action

By Joseph Jones and Ruth Scoles Mitchell On December 1, 2017, the High Court of England and Wales found the fourth-largest supermarket chain in the UK, Wm Morrisons (“Morrisons”), vicariously liable for a data breach caused by the intentional criminal actions of one of its employees, namely the leaking of payroll information online. The breach … Continue Reading
LexBlog