Archives: Data Privacy Law or Regulation

Subscribe to Data Privacy Law or Regulation RSS Feed

Caveat Venditor: FTC Amends Telemarketing Sales Rule to Enhance Anti-Fraud Protections and to Update and Clarify Several Key Provisions Relating to the National Do Not Call Registry

On November 18, 2015, the Federal Trade Commission (FTC) released a final rule setting forth a number of key amendments to its Telemarketing Sales Rule (TSR).  [FN1]  Specifically, in response to changes in the financial marketplace, the final rule prohibits the use of certain payment methods in telemarking.  In addition, and of likely much greater … Continue Reading

New State Privacy Regulation for Connected Televisions

California will become the first state in the nation to regulate information gathered by connected television manufactures through the televisions they sell. Assembly Bill No. 1116 (“AB 1116″) was signed into law by California Governor Jerry Brown on October 6, 2015 and will take effect January 1, 2016. There are three major provisions to AB … Continue Reading

Know your Privacy Policy and Practices: An Important Reminder Illustrated by Recent FTC Actions

The Federal Trade Commission’s (“FTC”) announcement last week of settlements with 13 separate companies for charges of falsely advertising certification with the U.S.-EU and/or U.S.-Swiss Safe Harbor Frameworks (“Safe Harbors”) – some of which never existed but several of which had simply lapsed – serves as a reminder that businesses should periodically and often review … Continue Reading

RadioShack Bankruptcy Case Highlights Value of Consumer Data

On Thursday, a bankruptcy judge granted final approval of the sale of RadioShack Corporation (“RadioShack”) assets to General Wireless Operations Inc. (“General Wireless”), which included customers’ personal information. In the order, the Delaware bankruptcy judge stated “ . . . no showing was made that the sale of personally identifiable information (the “PII”)(as defined in … Continue Reading

Courts Continue to Wrestle with Application of VPPA

Recent weeks have seen two notable federal court decisions involving the Video Privacy Protection Act (“VPPA”) since last week: In re Hulu Privacy Litigation, 3:11-CV-03764 (N.D. Cal. March 31, 2015) (“Hulu Privacy Litigation”) and Austin-Spearman v. AMC Network Entertainment LLC, 1:14-CV-06840 (S.D.N.Y. April 7, 2015) (“Austin-Spearman”). While the Hulu Privacy Litigation decision may establish an … Continue Reading

ALERT: Google’s Plan to Open Its Services to Children Could Spur Changes to COPPA Enforcement

Recent reports indicate that Google is developing a program that would allow children under the age of 13 to obtain accounts on Google services such as Gmail and YouTube.  The Wall Street Journal  recently reported that “Google is trying to establish a new system that lets parents set up accounts for their kids, control how … Continue Reading

Say What You Do and Do What You Say: Guidance for Privacy Policies, and for Life

Last Wednesday, California Attorney General Kamala Harris issued much anticipated guidance on public-facing privacy statements – “Making Your Privacy Practices Public” (the “Guidance”). The result of months of discussions with stakeholders, the recommendations are largely common sense.  They are “intended to encourage companies to craft privacy policy statements that address significant data collection and use … Continue Reading

Point of Sale Data Collection Litigation – An Overview and Future Directions

California and 14 other states plus the District of Columbia have laws that restrict the collection of personal information at the point of sale when payment is by credit card. Unfortunately for retailers, the scope of prohibited conduct under these laws is not always clear. Complicating matters further, these laws were generally enacted in the … Continue Reading

Let the Sunshine In: Failure to Post Contact Information on Website Does Not Violate California’s Shine the Light Law

On December 19, 2013, the California Court of Appeal joined several federal courts in holding that a plaintiff lacked standing to sue under California’s Shine the Light law, Civil Code sections 1798.83 and 1798.84 (the “STL”), when he failed to allege that he made, or attempted to make, a disclosure request under the law.  Importantly, the Court … Continue Reading


By Justine Young Gottshall And Damien Wint As we approach six months since the Federal Trade Commission’s (FTC) amendments to the Children’s Online Privacy Protection Act (COPPA) Rule, 16 C.F.R. Part 312 (the “Rule” or, as amended, the “Amended Rule”) became effective, it is essential that any website or online service that is not in … Continue Reading

The Internet of Things: FDA Releases Guidance on Securing Wireless Medical Devices — What Medical Device Manufacturers Should Know

FDA, responding to pressure to provide direction on wireless medical device security, has released guidance concerning the use of RF wireless technology in medical devices.  The Guidance contains FDA’s recommendations to wireless medical device manufacturers for securing these devices and complying with governing FDA regulations. Key takeaway:  FDA is now paying close attention to medical … Continue Reading

Governor Brown Ushers in a New Privacy Era in California and Beyond

Late Friday, Governor Jerry Brown of California signed into law the already infamous AB 370 as well as significant amendments to California’s existing breach notification laws via SB 46 and AB 1149.  These laws break new ground in the privacy legal landscape – and it will be interesting to see if other states follow suit, as they … Continue Reading

Is New Jersey Seeking to Become the New California When it comes to Privacy?

By way of a recent opinion of the New Jersey Supreme Court, New Jersey became the first state establishing a Constitutional right to cell-phone location information – thereby precluding law enforcement’s retrieval of such information without a warrant or exigent circumstances.   See State v. Earls, No. A-53-11, slip op., (NJ July 18, 2013) (unanimous opinion). … Continue Reading

Privacy and Civil Liberties Oversight Board will conduct a public hearing on July 9, 2013

Announced in a public notice published on August 28, 2013, the Privacy and Civil Liberties Oversight Board (“the Board”) will conduct a public hearing on July 9, 2013.  According to this notice, “invited experts, academics and advocacy organizations” will discuss “surveillance programs operated pursuant to Section 215 of the USA PATRIOT Act and Section 702 … Continue Reading

Georgia Supreme Court Holds That Gramm-Leach-Bliley Statutory Policy Statement Does Not Create Legal Duty Under State Negligence Law

The Georgia Supreme Court recently reversed a plaintiff’s state law claim for negligence against a bank premised upon an alleged Gramm-Leach-Bliley violation, concluding that the statutory provision used as the basis for the claim does not provide a legal duty under Georgia negligence law. Wells Fargo Bank, N.A. v. Jenkins, No. S12G1110, 2013 WL 2927096 … Continue Reading

California’s Right to Know Law Put on Hold

As reported by the LA Times, “a powerful coalition of technology companies and business lobbies, the California Chamber of Commerce, insurers, bankers and cable television companies as well as direct marketers and data brokers” were able to stop a California bill aimed at giving consumers greater insight as to the use of their personal data. … Continue Reading

Financial Correlation of Privacy Rights

As a firm focused on all evolving aspects of privacy law, InfoLawGroup is obviously often called upon to assist its clients with consumer privacy legal issues.  This post takes a detour towards privacy theory terrain and is prodded by a recent New York Times article.  In Letting Down Our Guard With Web Privacy, published on … Continue Reading

Defendant Not Entitled to “Delve Carte Blanche” Into Plaintiff’s Social Media Accounts

Keller v. National Farmers Union Property & Cas. Co., 2013 WL 27731 (D. Mont. January 2, 2013) A federal court in Montana has held that a plaintiff in an insurance dispute was protected from having to turn over all of her social media content to her litigation opponent. The court’s decision helps define the contours … Continue Reading

New Jersey Fast Tracks Employer Social Media Bill

New Jersey is ready to have the harshest law aimed at preventing employers from delving into the social media postings of employees.  In what is considered lightning speed for New Jersey legislative action, the New Jersey Assembly fast-tracked a bill in May that was approved in June by the Assembly 76-1 and by the Senate … Continue Reading

California Attorney General Sues Delta Air Lines for Failing to Have a Mobile App Privacy Policy

Keeping good on her threat from October, the California Attorney General has brought her first lawsuit over a company’s failure to include a privacy policy in its mobile app.  The suit, against Delta Air Lines, alleges a violation of the California Online Privacy Protection Act (“CalOPPA”), which requires operators of online services to make a … Continue Reading

Trick or Treat: California’s AG Notifies Nearly 100 Apps of Need for Privacy Policy

A few weeks ago, many of us took note when California’s Attorney General Kamala Harris used Twitter to note that United Airlines’ new mobile app did not include a privacy policy:  “Fabulous app, @United Airlines, but where is your app’s #privacy policy?” It may have been “just a tweet” at the time, but Harris clearly means … Continue Reading

Companies Must Consider Their Travel Providers’ Data Practices, or Risk Being Harmed

InfoLawGroup Counsel Andrew L. Hoffman contributed to this post. A recent article highlights the importance and the challenges of maintaining the confidentiality of corporate travel information.  Inappropriate disclosure of this type of data may significantly harm companies’ interests, including by compromising their ability to negotiate travel discounts, revealing sensitive details about business strategy, and … Continue Reading

GAO Study Gives Low Marks to Companies Regarding Transparency to Consumers of Use of Location Data

The Government Accountability Office (“GAO”) released a study in September, 2012 analyzing the collection, use and disclosure practices of fourteen companies operating in the mobile field regarding location data collected from consumers.  In the absence of laws or regulations regarding the collection of location data specifically, the GAO compared the policies of the fourteen companies to … Continue Reading