Manno v. Healthcare Revenue Recovery Group, No. 11-61357 (S.D. Fla.) (Mar. 26, 2013)
Judge Scola. Granting class certification.
Individual consent issues often derail putative TCPA classes. Not this one (at least not yet).
The plaintiff gave his cellphone number to a hospital as part of his admission to the emergency room. Later, when the plaintiff failed to pay for the ER visit, Healthcare Recovery Group (the hospital’s debt collector) called him to try to recover the debt. He sued Healthcare Recovery under the TCPA (and other statutes), contending that the debt collector illegally used an autodialer and pre-recorded message to make the call.
Judge Scola rejected Healthcare Recovery’s argument that consent was an individualized issue. According to the court, discovery had shown that the lion’s share of proposed class members had no contact with Healthcare Recovery before the allegedly illegal calls (and thus had no chance to consent to those calls).
Written by David Carpenter, Senior Associate, Litigation & Trial Practice, Brian Boone, Senior Associate, Litigation & Trial Practice and Dave Venderbush, Counsel, Products Liability | Alston & Bird LLP
|
Quesada v. Banc of America Investment Services, No. 11-cv-01703 (N.D. Cal.) (Feb. 19, 2013)
Judge Rogers. Denying class certification.
A California client of Merrill Lynch (successor-in-interest to Banc of America Investment Services) sued the investment firm alleging that it violated California’s Invasion of Privacy Act by surreptitiously recording her conversations with Merrill employees. She sought to represent a class of other taped customers.
Judge Rogers denied class certification because there was no common evidence of lack of consent to the taping.
Written by David Carpenter, Senior Associate, Litigation & Trial Practice, Brian Boone, Senior Associate, Litigation & Trial Practice and Dave Venderbush, Counsel, Products Liability | Alston & Bird LLP
|
Jamison v. First Credit Services, Inc., No. 12 C 4415 (N.D. Ill.) (Mar. 28, 2013)
Judge Kendall. Denying class certification.
A Honda customer sued First Credit Services (Honda’s debt collection firm) under the Telephone Consumer Protection Act alleging that First Credit obtained his cellphone number illegally through “skip-tracing” (a fancy term for investigative research). The plaintiff sought to represent a class of Honda owners who had received similar unsolicited calls from First Credit.
Judge Kendall denied class certification. Recognizing that First Credit couldn’t be liable under the TCPA if a customer had consented to receiving phone calls, the court concluded that individualized issues of consent (or lack thereof) forestalled class certification.
Written by David Carpenter, Senior Associate, Litigation & Trial Practice, Brian Boone, Senior Associate, Litigation & Trial Practice and Dave Venderbush, Counsel, Products Liability | Alston & Bird LLP
|
Harris v. comScore, Inc., No. 11 C 5807 (N.D. Ill.) (Apr. 2, 2013)
Judge Holderman. Granting class certification in part.
Everybody shops on the Internet these days. comScore developed software that tracks consumers’ online behavior. Consumers download the software in exchange for incentives like free third-party software. Each person who downloads comScore’s software agrees (through an electronic click-wrap agreement) to permit comScore to monitor their Internet behavior.
Read More
|
Eric Shimp, a Policy Advisor at Alston & Bird, recently published “Data Protection: Data privacy in the Transatlantic Trade agreement? US-EU ponder the way forward” in the most recent version of the BEERG Global Labor Newsletter.
As the US approaches the launch of negotiations toward a free trade agreement with the European Union, data privacy is emerging as a divisive issue. Disagreements over policy, between the US government and industry, and even among various EU member governments and Brussels, promise for a rocky negotiation ahead. To view a full version of the article, please click here.
Written by Privacy & Data Security Team | Alston & Bird LLP
|
Today the House voted 288-127 to pass the Cyber Intelligence Sharing and Protection Act (CISPA), H.R. 624. The bill passed by a wider margin than last Congress, with 92 Democrats voting in favor of H.R. 624. Several amendments regarding privacy concerns were adopted. Ranking Member Dutch Ruppersberger (D-MD) stated after the vote “CISPA recognizes that you can’t have true security without privacy, and you can’t have privacy without security. This bill effectively works to protect both.”
Read More
|
Yesterday afternoon the House Permanent Select Committee on Intelligence marked up H.R. 624, the Cyber Intelligence Sharing and Protection Act (CISPA), which was introduced in February. The bill passed the Committee by a vote of 18-2 after the approval of six amendments.
Ranking Member Dutch Ruppersberger (D-MD) praised the “collaborative effort” on improving privacy and civil liberties, while Chairman Mike Rogers (R-MI) noted the amended bill will help American businesses protect their networks from “cyber looters” while improving the cybersecurity marketplace, and without imposing unfunded mandates or additional federal regulation on the private sector.
Written by Jeff Sural, Counsel, Legislative & Public Policy, Privacy & Data Security | Alston & Bird LLP
|
The United States and the European Union announced in February their intent to launch negotiations this year on a far-reaching trade and investment partnership agreement. Negotiations on the treaty, known as “TTIP”, should commence in June following a Congressional and public consultation period in the United States, and a parallel process in the EU whereby the European Commission will obtain a formal mandate from the 27 EU member states. Differences in data privacy and protection between the US and EU have already arisen as an issue of contention as governments labor to construct a bilateral negotiating agenda.
Senior U.S. officials, including outgoing U.S. Trade Representative Ron Kirk and Deputy National Security Adviser Michael Froman have both commented publicly that rules on cross-border data flows should be up for negotiation in the TTIP, responding to interest from US industry to liberalize data flows not only across the Atlantic Ocean, but also between various EU member state markets.
Read More
|
The FTC recently released an update to its 2000 report, “Dot Com Disclosures” offering further guidance on effective disclosures for advertising in digital media.
The FTC instructed advertisers to adopt the perspective of a reasonable consumer, and should assume consumers do not read the entire website or screen, just as they don’t read every word on a printed page. Under the new guidance, the required disclosures need to be clear and conspicuous across all devices and platforms. The following is a highlight of some of the guidance provided in the comprehensive report.
Read More
|
The European Community’s Article 29 Working Party has just published an opinion on smartphone apps that discusses the obligations of app developers and all other parties involved in the development and distribution of apps under European data protection law. Among the Working Party’s recommendations is that free and informed consent of end users is essential for compliance with such law.
Read More
|
February 23, 2013 | Posted by Security Incident Management & Response Team | Topic(s): Cybersecurity, Privacy
Kim Peretti, co-lead of the Security Incident Management & Response Team, appeared on MSNBC’s UP w/ Chris Hayes on February 23, 2013, joining in a debate on cyberwarfare and cybersecurity.
Click here to view the video.
Written by Security Incident Management & Response Team | Alston & Bird LLP
|
A California State Assembly Member has proposed legislation that would require online privacy policies to be no more than 100 words, be written in clear and concise language, be written at no greater than an 8th grade reading level, and to include a statement indicating whether the personally identifiable information may be sold or shared with others, and if so, how and with whom the information may be shared. California A.B. 242 was introduced by Assemblyman Ed Chau on February 6 and would amend the California Online Privacy Protection Act (Cal. Bus. and Prof. Code § 22575) with the new requirements. The bill has not yet been referred to a committee, but likely will be within the next few weeks. Assemblyman Chau was recently named Chair of the Assembly Select Committee on Privacy.
The amendments would not change the existing provisions of the statute, which requires operators of commercial websites that collect personal information to “conspicuously” post privacy policies detailing the categories of personal information collected.
Written by Bruce Sarkisian, Associate, Technology, Privacy & IP Transactions | Alston & Bird LLP
|
House Intelligence Committee Chairman Mike Rogers (R-MI) and Ranking Member Dutch Ruppersberger (D-MD) re-introduced the Cyber Intelligence Sharing and Protection Act (CISPA) this morning. The bill has been numbered H.R. 624.
In their press release, Chairman Rogers and Ranking Member Ruppersberger confirmed that this bill is identical to the version that the full House of Representatives approved by a bipartisan vote of 248-168 on April 26, 2012. The bill sponsors also noted that CISPA had 112 bipartisan cosponsors last Congress. As with all pending legislation in Congress, the start of the 113th Congress last month required the bill sponsors to reintroduce the bill in order to begin the Congressional consideration process again this session.
Read More
|
Last evening, President Obama announced in his televised State of the Union Address to Congress that he had signed an Executive Order earlier in the day to direct federal departments and agencies to adopt and implement new cybersecurity initiatives for the purpose of protecting our nation’s critical infrastructure. A legislative response from Congress is anticipated as early as today and we will provide subsequent updates. Please see our Cyber Alert for additional information on the Executive Order in the format of responses to frequently asked questions. Additionally, the White House issued a Presidential Policy Directive (PPD) on Critical Infrastructure Security and Resilience (which updates HSPD 7) to complement the Order. The press release on the Order and a fact sheet on the new PPD are linked below:
- White House Cybersecurity Executive Order - Press Release
- White House Cybersecurity Presidential Policy Directive - Fact Sheet
Written by Paul Martino and Todd McClelland, Partners, Security Incident Management & Response Team| Alston & Bird LLP
|
On January 14, 2013, Singapore passed an amendment to the Computer Misuse Act (now renamed the Computer Misuse and Cybersecurity Act), which provided the government with additional authorities to prevent, detect and counter cyber attacks on critical infrastructure. Key aspects of this law include the ability of the government to direct a person or organization to take specific steps – including exercising certain powers under the criminal procedure code -- with respect to preventing, detecting, or countering a cyber threat where the threat relates to certain types of critical infrastructure. Such broad authority could encompass directing companies to conduct “pre-emptive” strikes or other measures prior to the onset of an imminent cyber attack. Importantly, the law confers immunity from any civil or criminal liability resulting from fulfilling an obligation under the law, but also provides for criminal penalties for failing to comply.
Read More
|
Last week the United States Court of Appeals for the Fourth Circuit halted an attempt by three individuals involved in the ongoing WikiLeaks investigation to make information about the investigation public. Specifically, the three users sought to unseal the prosecution’s request for a court order requiring Twitter to disclose certain user account information, including the three user’s personal identifying information and account information, as well as all messages they sent and received using the service. The prosecution’s request would have included its reasoning behind why the government suspected the three user’s involvement, and may have included information regarding how the investigation has been operating. The users also moved to unseal any other orders that were issued to other companies demanding similar information be turned over to the government.
Read More
|
On January 23, Alston & Bird and KPMG co-hosted a seminar entitled, “Cyber Security and Breach Response: What Board Members and Executive Leadership Need to Know” on the topic of cyber risks and how public company boards can best prepare themselves for a security breach situation and respond optimally, should one occur. This program provided board members, executive leadership and their direct advisors valuable insights into one of the largest threats facing public companies today. Greg Bell from KPMG, along with Jim Harvey and John Latham from Alston & Bird, covered the following topics and more:
- Today’s increased threat environment and why it is a top boardroom issue
- Critical considerations in the event of a breach
- Preparedness and how cyber breaches differ from other risks
You may listen to a recording of this seminar by visiting Cyber Security and Breach Response Seminar.
Written by Security Incident Management & Response Team | Alston & Bird LLP
|
On October 15, 2012, the Singapore Parliament passed the Bill for the Personal Data Protection Act 2012. The enactment of this Act is a fundamental shift in Singapore's approach to data protection, away from the current sectoral approach to a more European-like general data protection approach. The Act aims to establish a framework for personal data protection, by including recognized data protection concepts such as consent, withdrawal, notification of purpose, and access to and correction of personal data.
Read More
|
The Office of the Comptroller of the Currency (OCC), an independent bureau of the U.S. Department of the Treasury, recently released an alert to CEOs of all national banks, federal branches and agencies, and associated interested parties, calling for a heightened sense of awareness and offering risk mitigation information in response to a series of sophisticated DDoS attacks.
Read More
|
Last evening, the Senate Judiciary Committee approved by voice vote a location privacy bill -- S. 1223, the Location Privacy Protection Act -- sponsored by Senator Al Franken (D-MN) and cosponsored by four other Democratic members of the committee. In his remarks before the vote, Senator Franken stated that “companies that collect our location information are not protecting it the way they should.”
Read More
|
|