Category Archives: Privacy and Information Security

Subscribe to Privacy and Information Security RSS Feed

Ad Law News and Views Newsletter

http://ecomms.kelleydrye.com/rv/ff002e6c28b5920e40180549f84cb2de5ebc7e88Did you know Kelley Drye’s Advertising Law practice produces a newsletter, Ad Law News and Views, every two weeks to help you stay current on ad law and privacy matters? Click here to access our Publication Sign Up and select Advertising and Marketing to subscribe. Find contents from the latest issue below: Click here to view with … Continue Reading

Smart TV Manufacturer “Smarting” after $2.2 Million Privacy Enforcement

This week, the FTC announced a settlement with VIZIO, Inc., one of the world’s largest manufacturers of “smart” TVs.  The settlement, also with the Office of the New Jersey Attorney General, arises from claims by regulators that VIZIO installed software that collected viewing data for 11 million consumer TVs without consent.  The $2.2 million settlement … Continue Reading

EU Data Protection Authority Issues GDPR Action Plan, Swiss Sign Privacy Deal with U.S.

Flag_of_Europe_svgOn January 16, 2017, the Article 29 Working Party (“Working Party”)—the EU’s central data protection advisory board—published a press release regarding its Action Plan for 2017, which was adopted as part of its wider implementation strategy for the General Data Protection Regulation (“GDPR”).  The Action Plan follows up on the actions initiated in 2016 and … Continue Reading

New FTC Acting Chair Maureen Ohlhausen Offers Insight into Consumer Protection Priorities

OLYMPUS DIGITAL CAMERAJust over one week after being named acting chair of the Federal Trade Commission (FTC), Maureen Ohlhausen delivered the keynote address at the American Bar Association’s biennial Consumer Protection Conference in Atlanta on February 2. During her remarks, acting chair Ohlhausen offered insight into consumer protection priorities during her tenure as acting chair. First, acting … Continue Reading

Announcing the Advertising and Privacy Law Webinar Series

Webinar SeriesPlease join Kelley Drye in 2017 for the Advertising and Privacy Law Webinar Series. Like our annual in-person event, this series will provide engaging speakers with extensive experience and knowledge in the fields of advertising, privacy, and consumer protection. These webinars will give key updates and provide practical tips to address issues faced by counsel. … Continue Reading

FTC Chairwoman Ramirez Announces Resignation Effective February 10

Federal Trade Commission Chairwoman Edith Ramirez announced today that she will resign her position effective February 10, leaving the Commission with three vacancies and just two remaining commissioners.  Chairwoman Ramirez has been a commissioner since April 5, 2010 and became Chairwoman on March 4, 2013. In announcing her resignation, she remarked: “It has been the … Continue Reading

May Old Memoranda Be Forgot: White House Issues New Memorandum on Breach Response Plan

The White House Office of Management and Budget (“OMB”) marked the beginning of the 2017 Federal calendar year by issuing a memorandum to all agency and department heads with new guidance on breach preparation and response. While the guidance is not directed to the business sector, it is instructive for corporate counsel as it complements … Continue Reading

FTC Files Lawsuit Against Taiwanese Manufacturer for Alleged Lax Security in Wireless Routers and Cameras and Related Marketing Claims

150px-US-FederalTradeCommission-Seal_svgThe Federal Trade Commission has filed a lawsuit in federal court claiming that a networking equipment manufacturer engaged in unfair and deceptive acts, exposing thousands of consumers to the risk of cyberattack from vulnerable wireless routers and internet cameras. The complaint against Taiwan-based networking equipment manufacturer D-Link Corporation and its U.S. subsidiary D-Link Systems alleges … Continue Reading

One Less (Regulator) Affair for AshleyMadison.com: Site Operators Agree to Settle U.S. Charges Stemming from 2015 Breach

Remember the 2015 AshleyMadison.com data breach, where hackers gained access to the personal information of about 36 million users from over 46 countries, and threatened and carried through on their promise to release the information to the public? This highly publicized incident has resulted in a $1.6 million settlement between operators of the dating website … Continue Reading

FTC Settles with Turn Over Alleged Privacy Policy Misrepresentations

On Wednesday, the FTC announced that Turn, a California-based ad-tech firm, agreed to settle charges that it misrepresented its consumer tracking practices to Verizon Wireless customers. According to the FTC, such customers could not delete or turn off advertising identifiers because Turn synced multiple identifiers without reconciling user preferences or express user requests to delete … Continue Reading

Homeland Security Issues IoT Guidance for Businesses

The Department of Homeland Security (DHS) has published non-binding principles and best practices to help businesses work through key Internet-of-Things (IoT) security issues.   Entitled “Strategic Principles for Securing the Internet of Things (IoT), Version 1.0,” the principles seek to provide stakeholders with tools to account for security as they develop, manufacture, implement, or use network-connected … Continue Reading

Lessons from Adobe’s State AG Data Breach Settlement

Last month, several state Attorneys General announced a $1M settlement with Adobe Systems, Inc. in connection with a 2013 data incident involving the personal information of roughly 534,000 consumers. The 15 Attorneys General alleged that the software vendor failed to provide reasonable security safeguards, an allegation Adobe denied in the settlement agreement executed by the … Continue Reading

For Better or Worse: Privacy Shield Challenges and (Actions for) Annulments

Over the course of the past two months, three privacy groups in France and one in Ireland filed separate actions for annulment with the European Court of Justice seeking the invalidation of the EU-U.S. Privacy Shield Framework. The Privacy Shield honeymoon phase appears to be over, and the first year of the transatlantic relationship may … Continue Reading

School’s in Session for the Ed Tech Industry: California AG Gives Lessons on Student Data Safeguards

On Wednesday, California’s Attorney General released a report with recommendations for the education technology (“Ed Tech”) industry, a multi-billion dollar industry that is transforming learning as we know it. The Ed Tech industry has the potential to greatly enhance the student learning experience through data management systems and tools that support educators and provide personalized … Continue Reading

FCC Votes to Impose Aggressive New Privacy Rules on Broadband Providers

At the Federal Communications Commission’s (“FCC”) Open Meeting on October 27, the Commission voted along party lines (3-2) to impose more stringent rules on broadband Internet service providers (“ISPs”). Chairman Tom Wheeler, along with Commissioners Rosenworcel and Clyburn voted in favor of the item, while Commissioners Pai and O’Rielly voted against it. The new rules … Continue Reading

FTC Releases New Data Response Breach Guide For Businesses

The Federal Trade Commission released a new guide for businesses on data breach response yesterday along with a three-minute video summary. The 14-page guide highlights the immediate steps a business should take when responding to a data breach incident. As a bonus, the guidance also offers a model breach notification letter and encourages businesses to … Continue Reading

California Helps Consumers Crowdsource Privacy Policy Violations

California Attorney General Kamala Harris announced yesterday that her office has rolled out a new online form to help consumers report companies who violate California’s Online Privacy Protection Act (CalOPPA). Under the California law, a website, app or online service must have a CalOPPA compliant privacy policy that is accessible to the consumer. Moreover, these … Continue Reading

Vermont Settles with B2B Software Developer over Security Practices

Yesterday, the Vermont Attorney General announced a settlement with business-to-business software developer Entrinsik, Inc., resolving allegations that the company’s Informer program violated Vermont law, including the law placing restrictions on the use and disposal of data containing Social Security numbers. The Informer program is used by businesses, including seven colleges in Vermont, to analyze and … Continue Reading

FCC Chairman Outlines Proposal for New Broadband Privacy Rules

On October 6, 2016, Federal Communications Commission (FCC or Commission) Chairman Tom Wheeler published a blog entry on the Commission’s website outlining proposed privacy rules for broadband Internet Service Providers (ISPs). The proposed rules are scheduled to be considered by the full Commission at its monthly meeting on October 27, 2016. These rules come after … Continue Reading

Protected: 2016 Advertising and Privacy Law Summit Attendee Follow up

There is no excerpt because this is a protected post.

Senate Commerce Committee Members Air Laundry List of Pressing Issues Including Privacy, Data Security, and FTC Enforcement

On September 27th, the Senate Committee on Commerce, Science, and Transportation held a general oversight hearing of the FTC, which covered a multitude of major policy issues and included testimony from Chairwoman Edith Ramirez, Commissioner Maureen Ohlhausen, and Commissioner Terrell McSweeny.  Chairman John Thune (R-SD) convened the hearing, joined by Senator Richard Blumenthal (D-CT) who … Continue Reading

“Follow the Lead” Recap: FTC Summarizes Takeaways from Workshop on Lead Generation

The FTC released last week a paper summarizing and reflecting on its October 30, 2015 public workshop, “Follow the Lead,” which we previously discussed here and focused on lead generation practices and related privacy and consumer protection issues.  The paper expands upon many of the same principles addressed at the workshop, including how lead generation … Continue Reading

Adding Insult to Injury: Is There Coverage for a Data Breach or Hacking Event that Causes Physical Damage?

In an article published in the Bloomberg BNA Privacy and Security Law Report, Kelley Drye senior associate Ken Kronstadt analyzes the insurance coverage landscape for physical damage that results from a data breach or hacking event. Internet-connected devices have become increasingly prevalent, and there is no sign that this trend is slowing.  However, this soaring … Continue Reading

This Week in Privacy Shield Developments

It’s been another exciting week of developments for U.S. companies on the EU data transfer front. From the first company to indicate that it will certify under Privacy Shield, to the first European Data Protection Authority (DPA) to suggest that it would like to challenge the validity of the new framework, here are this week’s … Continue Reading
LexBlog