Category Archives: Online Privacy

Smart Television Manufacturer Settles by Paying $ 2.2 Million to the FTC and the State of New Jersey

Written by
The FTC and the State of New Jersey recently announced a settlement with Vizio, Inc., in the amount of $2.2 million for tracking consumer behavior using its smart television devices. The complaint alleged that Vizio acted unfairly by collecting, storing (indefinitely) and sharing consumer data with third parties without consent and in an unexpected manner. Further, the complaint alleged that Vizio had misrepresented the functionality of the feature in their smart televisions that collected such data (also known as “Smart Interactivity”). It was also alleged that these practices were an unconscionable [...] Read more

ECJ Declares IP Addresses are Personal Data

Written by
Today, the European Court of Justice (ECJ) issued its long-awaited decision in Breyer v. Germany.  Breyer addresses the question of whether IP addresses are “personal data” for purposes of EU data protection law.  As is widely known, personal data is any information that would permit a particular individual to be identified, whether directly or in combination with other information.  Until the present, there has been widespread agreement that static IP addresses are personal data.  In contrast, there has been little agreement on whether dynamic IP addresses constitute personal data.  While [...] Read more

Supreme Court Denies Cert in Leading Case on Internet Tracking and Analytics

Written by
The Supreme Court recently declined to review In re Google Inc. Cookie Placement Consumer Privacy Litigation—a consolidated class action alleging that Google and third-party advertisers evaded web browser privacy settings, causing cookies to be placed on plaintiffs’ computers. 806 F.3d 125 (3d Cir. 2015), cert. denied sub nom. Gourley v. Google, Inc., 84 U.S.L.W. 3531 (U.S. Oct. 3, 2016) (No. 15-1141). Given the Court’s denial of review, significant questions remain regarding the applicability of the Wiretap Act to internet communications. The Third Circuit’s opinion offers guidance [...] Read more

FTC Issues Warning Letters to 28 Companies Claiming Participation in the APEC CBPR System

Written by
On July 14, 2016, the Federal Trade Commission (FTC) announced that it had issued warning letters to 28 companies regarding their claim of participation in the Asia Pacific Economic Cooperation Cross Border Privacy Rule (APEC CBPR) system.  The APEC CBPR system is a voluntary, enforceable mechanism that certifies a company’s compliance with the principles in the APEC CBPR and facilitates privacy-respecting transfers of data among APEC member economies.  The warning letter states the FTC’s records do not indicate these companies have taken the requisite steps to be able to claim participation [...] Read more

Art. 29 Working Party Issues Formal Opinion Opposing Privacy Shield

Written by
Several hours after holding a closely-watched press conference we reported on yesterday, the Article 29 Working Party (“Art. 29 WP”) released its highly anticipated formal opinion on the adequacy of Privacy Shield. Background The European Commission has put forth a draft “adequacy decision” in which it declares that on the basis of Privacy Shield, the United States offers data protection that is essentially equivalent to that offered in the EU.  If adopted, this adequacy decision would permit data transfers to US companies that agree to abide by the Privacy Shield principles.  The [...] Read more

Art. 29 Working Party Announces it Will Not Support Privacy Shield at Press Conference

Written by
Early this afternoon, the Article 29 Working Party (“Art. 29 WP”) held a press conference at which it presented its forthcoming opinion on the adequacy of the US-EU Privacy Shield. As background, the European Commission has put forth a draft “adequacy decision” in which it declares that on the basis of Privacy Shield, the United States offers data protection that is essentially equivalent to that offered in the EU.  Such an adequacy decision would permit data transfers to US companies that agree to abide by the Privacy Shield principles.  However, an important part of the approval [...] Read more

EU Council Issues New Consolidated GDPR and Accelerates GDPR’s Legislative Timetable

Written by
Yesterday evening, the Council of Ministers issued a new consolidated version of the General Data Protection Regulation (GDPR).  This is the first “clean” version of the GDPR that (a) incorporates all revisions agreed upon from the time of the Commission’s original 2012 proposal to the December 2015 trilogue compromise text; and (b) numbers individual provisions as can be anticipated in the final adopted version of the GDPR.  The new consolidated text can be accessed here. The new GDPR text follows closely on the heels of the Council accelerating the timetable for the GDPR’s passage.  [...] Read more

FTC Updates IdentityTheft.gov Website

Written by
The Federal Trade Commission (FTC) has announced updates to the IdentityTheft.gov website aimed at making the site more useful to victims of identity theft. The changes will enable consumers to quickly file complaints and develop a personalized recovery plan after answering a number of questions on the site. “Our hope is that this is going to make it much easier for consumers to start on their road to recovery,” FTC Chairwoman Edith Ramirez said during a news conference revealing the changes. “Having one easy set of steps to understand what [the recovery process] entails and getting a [...] Read more

Civil Liberties Organizations Call on FCC To Regulate Broadband Privacy

Written by
In a letter to the Federal Communications Commission (FCC) made public on January 20, 2016, sixty civil liberties organizations, including the ACLU and the Electronic Frontier Foundation, called on the FCC to use its authority to issue new privacy rules for broadband providers. The letter cites the FCC’s reclassification of broadband as a Title II common carrier service as providing the FCC with authority to issue privacy rules for broadband carriers. In addition, the civil liberties organizations quoted a recent comment by Commissioner Julie Brill of the Federal Trade Commission (FTC) that [...] Read more

FTC PrivacyCon Event Examines Cutting-Edge Research and Current Policies Regarding Privacy and Data Security

Written by , and
The Federal Trade Commission held its PrivacyCon event, featuring nineteen presentations showcasing original research regarding important consumer privacy and security issues by leading academics from universities and think tanks from around the world. A full video recording of the webcast is available here. The conference took place in Washington on Jan. 14, 2016, and included discussion about the policy implications of the research being conducted with thought leaders from academia, research, consumer advocacy, and industry. FTC Commissioner Julie Brill succinctly outlined the top concerns [...] Read more