Alysa Zeltzer Hutnik

Subscribe to all posts by Alysa Zeltzer Hutnik

Chairman Pai Set to Release Draft Net Neutrality Item

On November 21, 2017, FCC Chairman Ajit Pai issued a statement announcing that he had circulated his draft Restoring Internet Freedom Order to his fellow commissioners. The draft Order will largely undo the 2015 Open Internet Order and limit FCC jurisdiction over broadband Internet access services, although it appears that the order will retain a … Continue Reading

Will Your TV Watch You? FCC Green Lights Targeted Advertising in Next Gen TV Broadcasting Standard

Last week, the Federal Communications Commission (FCC), in a 3-2 vote, approved an order allowing “television broadcasters to use the ‘Next Generation’ broadcast television (Next Gen TV) transmission standard, also called ‘ATSC 3.0.’”  Described in the Order “as the world’s first Internet Protocol (IP)-based broadcast transmission platform,” the Next Gen TV standard is expected to … Continue Reading

Hilton Settles NY and VT State AG Investigation into 2015 Data Breach; Pays $700,000 Civil Penalty

New York Attorney General Eric T. Schneiderman and Vermont Attorney General TJ Donovan (“Attorneys General”) announced a settlement with Hilton Domestic Operating Company, Inc. (“Hilton”) resolving allegations that the company did not have reasonable data security practices in place and failed to provide timely notice after two security breaches involving payment card information. The settlement … Continue Reading

Congressional Override Offers Industry Reprieve from CFPB Arbitration Rule but Battles Ahead Still Likely

Last week, the Senate voted 51 to 50 (with Vice President Pence casting the tiebreaking vote) to override the Consumer Financial Protection Bureau’s Arbitration Rule, which was finalized earlier this year in July.  As previously discussed here and here, the Arbitration Rule would have prohibited providers of covered consumer financial products and services from using … Continue Reading

Will the FTC’s Deception Evidence Fall Short? Court to Rule in DirecTV Case

U.S. District Judge Haywood S. Gilliam Jr. said Friday that the court would pause the trial to consider whether the FTC presented sufficient evidence to support its allegations that DirecTV misled consumers by failing to adequately disclose the terms of its two-year subscription and introductory pricing offer.  The judge instructed attorneys for DirecTV to file … Continue Reading

Read This Before Scanning A Driver’s License In New Jersey

On October 1, 2017, a new law will take effect in New Jersey, the Personal Information and Privacy Protection Act (“PIPPA”), which will severely restrict retailers’ ability to “scan” any customer’s “identification card”–a term defined to mean “a driver’s license,” “probationary license,” “non-driver photo identification card,” or any similar card “issued…for purposes of identification.” Merely … Continue Reading

FTC Submits Comments on IoT Device Security to NTIA Working Group

On Monday, the FTC submitted comments to the draft National Telecommunications and Information Administration (NTIA) guidance intended to improve Internet of Things (IoT) device security and increase consumer transparency. While recognizing the benefits (and proliferation) of IoT devices, the Commission’s comments caution that such benefits can only be realized when device manufacturers both incorporate – … Continue Reading

Fallout from Target’s 2013 Data Breach includes an $18 Million Multistate AG Settlement

Target Corporation agreed to an $18.5 million settlement with 46 State Attorneys General and the Attorney General of the District of Columbia this week, resolving allegations that the company failed to provide reasonable data security to its customers, as demonstrated by the Target’s 2013 holiday data breach that affected more than 60 million customers. Background. … Continue Reading

Indiana Amends Telemarketing Law, Bringing New Disclosure Requirements and DNC Vicarious Liability

Last month, the Indiana Governor signed into law House Bill No. 1444, which amends Indiana’s “do not call” statute and extends liability beyond the telephone solicitor, to individuals or entities that “directly or indirectly control” the telephone solicitor. The amendments take effect July 1, 2017 and affect entities that target Indiana consumers via telephone solicitation, … Continue Reading

Judge Upholds FTC Staff Opinion that Avatar Calls are Prerecorded Messages under TSR

Yesterday, a D.C. district court upheld a recent opinion letter issued by FTC staff that extended robocalling restrictions to telemarketing calls that use so-called soundboard technology or “avatars.”  This technology generally allows a live agent to communicate with a call recipient by playing recorded audio snippets instead of using his or her own live voice. … Continue Reading

“Geofencing” and Health-Related Targeted Advertising: Massachusetts AG Has Something to Say

Earlier this month, the Massachusetts Attorney General announced that her office had reached a settlement with a digital advertising company, Copley Advertising, Inc. (Copley), prohibiting the company from using mobile geofencing technology to target women at or near Massachusetts healthcare facilities to infer the health status, medical condition, or medical treatment of an individual. Geofencing … Continue Reading

NY AG Enters Mobile Health App Enforcement Arena with Settlements Targeting Health Claims and Privacy Practices

New York Attorney General Eric Schneiderman recently announced settlements with three mobile health app developers resolving allegations that they made deceptive advertisements and had irresponsible privacy practices. The Attorney General alleged that the developers sold and advertised mobile apps that purported to measure vital signs or other indicators of health using just a smartphone. The … Continue Reading

FTC Highlights Deep-Sixing of FCC Privacy Rules in Bid for 9th Circuit Rehearing

In support of its request for an en banc rehearing of a Ninth Circuit Court of Appeals panel decision in FTC v. AT&T over the jurisdictional boundaries between the Federal Trade Commission’s (FTC) and Federal Communications Commission’s (FCC) authority over phone companies, broadband providers, and other common carriers, the FTC sent a letter to the Court … Continue Reading

Congress Repeals FCC 2016 Privacy Order via Congressional Review Act

On April 3, 2017, President Trump signed into law a Congressional joint resolution eliminating new broadband and voice privacy rules set forth in a November 2016 order (the 2016 Privacy Order) by the Federal Communications Commission (FCC) (the Joint Resolution).  Members of Congress largely voted along partisan lines. The House approved the Joint Resolution by … Continue Reading

New Mexico Set to Become 48th State To Enact Data Breach and Safeguards Law

Last week, the New Mexico Legislature passed The Data Breach Notification Act (“Act”). Once the Act is signed by Governor Susana Martinez, New Mexico will join 47 other U.S. states (along with D.C., Guam, Puerto Rico, and the Virgin Islands) who have enacted a data breach notification law, leaving South Dakota and Alabama as the … Continue Reading

Don’t Like Negative Reviews? Read This Before You Delete Them

Late last year, the Consumer Fairness Review Act became law, placing new restrictions on what companies can include in form contracts that impede consumers’ ability to communicate honest reviews of products, services, and companies in any forum. Quietly last month, the Federal Trade Commission released non-binding business guidance on how organizations can comply with the … Continue Reading

Smart TV Manufacturer “Smarting” after $2.2 Million Privacy Enforcement

This week, the FTC announced a settlement with VIZIO, Inc., one of the world’s largest manufacturers of “smart” TVs.  The settlement, also with the Office of the New Jersey Attorney General, arises from claims by regulators that VIZIO installed software that collected viewing data for 11 million consumer TVs without consent.  The $2.2 million settlement … Continue Reading

Not a Passing Grade: FTC Settles with Company Over Alleged False Advertising for High School Diploma Program

On February 3, 2017, the Federal Trade Commission (FTC) announced a new settlement against Stratford Career Institute alleging that Stratford’s advertising for its high school diploma program (claiming that it provided the equivalency of a high school credential) was deceptive and violated Section 5 of the FTC Act.… Continue Reading

FTC Files Lawsuit Against Taiwanese Manufacturer for Alleged Lax Security in Wireless Routers and Cameras and Related Marketing Claims

The Federal Trade Commission has filed a lawsuit in federal court claiming that a networking equipment manufacturer engaged in unfair and deceptive acts, exposing thousands of consumers to the risk of cyberattack from vulnerable wireless routers and internet cameras. The complaint against Taiwan-based networking equipment manufacturer D-Link Corporation and its U.S. subsidiary D-Link Systems alleges … Continue Reading

One Less (Regulator) Affair for AshleyMadison.com: Site Operators Agree to Settle U.S. Charges Stemming from 2015 Breach

Remember the 2015 AshleyMadison.com data breach, where hackers gained access to the personal information of about 36 million users from over 46 countries, and threatened and carried through on their promise to release the information to the public? This highly publicized incident has resulted in a $1.6 million settlement between operators of the dating website … Continue Reading

FTC Settles with Turn Over Alleged Privacy Policy Misrepresentations

On Wednesday, the FTC announced that Turn, a California-based ad-tech firm, agreed to settle charges that it misrepresented its consumer tracking practices to Verizon Wireless customers. According to the FTC, such customers could not delete or turn off advertising identifiers because Turn synced multiple identifiers without reconciling user preferences or express user requests to delete … Continue Reading

Homeland Security Issues IoT Guidance for Businesses

The Department of Homeland Security (DHS) has published non-binding principles and best practices to help businesses work through key Internet-of-Things (IoT) security issues.   Entitled “Strategic Principles for Securing the Internet of Things (IoT), Version 1.0,” the principles seek to provide stakeholders with tools to account for security as they develop, manufacture, implement, or use network-connected … Continue Reading

Avoiding the Enforcement Crosshairs of Cross-Device Tracking

The Digital Advertising Alliance (DAA) recently announced that enforcement of its guidance on cross-device tracking (the “Application of the DAA Principles of Transparency and Control to Data Used Across Devices”) is set to begin on February 1, 2017. Originally published in November 2015, the guidance was intended to clarify how the DAA’s Core Principles of … Continue Reading

Lessons from Adobe’s State AG Data Breach Settlement

Last month, several state Attorneys General announced a $1M settlement with Adobe Systems, Inc. in connection with a 2013 data incident involving the personal information of roughly 534,000 consumers. The 15 Attorneys General alleged that the software vendor failed to provide reasonable security safeguards, an allegation Adobe denied in the settlement agreement executed by the … Continue Reading
LexBlog