Dana B. Rosenfeld

Dana B. Rosenfeld

Dana Rosenfeld is a partner in the Advertising and Marketing and Food and Drug Law practices at Kelley Drye & Warren LLP.

Subscribe to all posts by Dana B. Rosenfeld

CFPB Highlights Possible Approaches to Ramping up Regulation of Debt Collectors

The CFPB recently released an outline of proposals that it is currently considering to overhaul the debt collection market.  The proposals under consideration would significantly expand current regulations governing debt collection, including by requiring collectors to maintain specified information to substantiate a debt before contacting consumers, limiting the number of times that a collector can … Continue Reading

This Week in Privacy Shield Developments

It’s been another exciting week of developments for U.S. companies on the EU data transfer front. From the first company to indicate that it will certify under Privacy Shield, to the first European Data Protection Authority (DPA) to suggest that it would like to challenge the validity of the new framework, here are this week’s … Continue Reading

What You Need to Know About Privacy Shield: An Overview of the New Transatlantic Framework

On July 12, 2016, the European Commission (“Commission”) formally adopted and released the Privacy Shield Adequacy decision, which will allow certified U.S. companies to transfer EU personal data to the United States.  The EU-U.S. Privacy Shield (“Privacy Shield”) replaces the U.S.-EU Safe Harbor framework (“Safe Harbor”), which was invalidated in October 2015 by the European … Continue Reading

Despite Early Challenges, European Commission Adopts EU-U.S. Privacy Shield

After months of negotiations, today the College of Commissioners formally adopted the EU-U.S. Privacy Shield (“Privacy Shield”). This is an encouraging development for the more than 4,400 U.S. companies that had previously relied on the U.S.-EU Safe Harbor framework and sought legal certainty regarding data transfers in its wake. As we reported in a previous … Continue Reading

Going Geo-Loco: FTC Settles with Mobile Ad Network over Geolocation Collection

The FTC announced a settlement on Wednesday with mobile advertising company, InMobi Pte Ltd., concerning allegations that the company deceptively tracked the geolocation of hundreds of millions of unknowing consumers, including children, to serve them geo-targeted advertising.  As part of the settlement, InMobi will pay $950,000 in civil penalties relating to violations of the Children’s … Continue Reading

Webinar and Live Program: Designing Notice and Consent for the Internet of Things

On June 14, 2016 2-3pm (ET) please join the NAI, Kelley Drye and Federal Trade Commission Chief Technologist Lorrie Faith Cranor in exploring effective notice and consent options as industry moves toward data collection and use across the Internet of Things. Dr. Cranor will present a taxonomy of notice options based on her research, including … Continue Reading

Privacy Shield Setback? European Parliament Asks to Revisit Negotiations

The saga continues on the quest to improve the EU-U.S. Privacy Shield Agreement (“Privacy Shield”), the framework that, if enacted, would permit transatlantic data flows from the EU to the U.S. Yesterday, the European Parliament approved a resolution asking the European Commission (the “Commission”) to (1) clarify the legal status of “written assurances” provided by … Continue Reading

Privacy Shield Pierced? Article 29 Working Party Expresses Concern with Agreement

The Article 29 Working Party (The Working Party), which includes representative data protection authorities from each EU member country and the European Data Protection Supervisor, issued a 58-page opinion yesterday that flagged perceived shortcomings of the draft EU-U.S. Privacy Shield (Privacy Shield). Privacy Shield was slated to replace the now defunct Safe Harbor, and is the updated framework designed to permit organizations … Continue Reading

Privacy Shield: The New Transatlantic Agreement and How it May Impact Your Company

Last Tuesday, February 2, 2016, the European Commission announced that it approved the EU-U.S. Privacy Shield (“Privacy Shield”), an agreement with the U.S. Department of Commerce establishing a new framework for transatlantic data flows. Although the full text and details of Privacy Shield have not been released, the new framework is expected to replace the now … Continue Reading

Safe Harbor Update: The European Commission Issues Guidance on the Schrems Decision

This past Friday, the European Commission (“the Commission”) issued guidance addressing transatlantic data transfers after the European Court of Justice (“ECJ”) decision in the Schrems case. As we noted in an earlier post, the ECJ Schrems decision invalidated the U.S.-EU Safe Harbor framework, the mechanism that enabled self-certifying corporations to transfer personal data from EU … Continue Reading

FTC as Data Security Cop Affirmed

The U.S. Court of Appeals for the Third Circuit this week affirmed the authority of the Federal Trade Commission (“FTC” or “Commission”) to enforce against companies that lack reasonable cybersecurity practices.  Prior to this ruling, no federal court had adjudicated whether the FTC had authority under 15 U.S.C. § 45(a) (“Section 45(a)”) of the Federal … Continue Reading

FTC Settles with Retail Tracking Company that Made Privacy Policy Promises It Couldn’t Keep

Last week, the Federal Trade Commission announced its first settlement with a retail tracking company, resolving allegations that Nomi Technologies, Inc., a micro-location platform that provides analytics services to retailers through its product “Listen,” failed to abide by several promises it made in its privacy policy. Under the terms of the agreement, Nomi is prohibited … Continue Reading

Claiming Safe Harbor on Your Website? Recent FTC Enforcements Provide Some Lessons About Certification Lapses

The Federal Trade Commission (“FTC”) announced on Monday two more Safe Harbor-related settlements with two companies for misrepresenting their participation in the U.S.-EU Safe Harbor framework, which is subject to the FTC’s deception authority under Section 5 of the FTC Act.  The U.S.-EU Safe Harbor framework is a method whereby U.S. companies can comply with … Continue Reading

Obama Administration Receives Little Support for the Consumer Privacy Bill of Rights Act

Following up on his historic visit to the FTC in January during which President Obama laid out his privacy and data security agenda, the administration released a discussion draft of the Consumer Privacy Bill of Rights Act (the “Act”) on February 27, 2015. The Act lays out a number of privacy and security requirements for with … Continue Reading

NY AG Settlement with Three Largest National Credit Reporting Agencies Promises Critical Reform to Credit Reporting Industry

On March 9, 2015, New York Attorney General Eric Schneiderman announced its settlement with the nation’s three largest national credit reporting agencies (“CRAs”): Experian, Equifax, and TransUnion.  This announcement underscores the recent heightened state and federal regulatory scrutiny in this area, and likely is the first of a wave of broad consumer-facing reforms to the … Continue Reading

FTC Administrative Law Judge Rejects Commission’s Definition of “Biodegradable”

Decision Also Reiterates Appropriate Standards for Consumer Perception Surveys On February 6, 2015, Chief Administrative Law Judge D. Michael Chappell announced his decision (“Initial Decision”) in the case of FTC vs. ECM BioFilms.  The Initial Decision rejects the FTC’s position codified in the FTC’s Guides for the Use of Environmental Marketing Claims (“Green Guides”) that “[i]t is deceptive to … Continue Reading

Accountability Program Issues Six Decisions on OBA Practices

Last week, the Online Interest-Based Advertising Accountability Program announced the results of inquiries it had conducted to determine whether six companies were in compliance with the Self-Regulatory Principles for Online Behavioral Advertising. In addition to requiring in-ad notice about OBA, the Principles require, among other things, that website operators provide a clear explanation of their … Continue Reading

Jessica Rich Named Director of the FTC’s Bureau of Consumer Protection

Today, Federal Trade Commission (“FTC”) Chairwoman Edith Ramirez announced that Jessica Rich has been named Director of the FTC’s Bureau of Consumer Protection (the “Bureau”). Rich, who has more than 22 years of experience at the Commission, currently serves as Associate Director in the Bureau’s Division of Financial Practices. She will take over the Bureau … Continue Reading

Insights from the FTC’s Mobile Payments Workshop

On April 26, 2012, the Federal Trade Commission (FTC) held a public workshop entitled "Paper, Plastic . . . or Mobile?" to examine the use of mobile payments in the marketplace and the impact of emerging technologies on consumers. Three consumer issues surrounding mobile payments were highlighted: (1) the lack of clear consumer redress and … Continue Reading

Register Today for Kelley Drye’s Privacy Law Symposium and Webinar

Live in Los Angeles or via webinar, please join Kelley Drye & Warren LLP on April 23 for an afternoon program covering privacy-related trends in enforcement, class action litigation, and insurance recovery. Click here to register for the webinar. Privacy Law Symposium and Webinar: Enforcement, Litigation and Risk Management Avoiding an FTC Privacy Investigation and … Continue Reading

White House Unveils Commercial Online Privacy Framework

On February 23, 2012, the White House released its long-awaited consumer data privacy framework that establishes clear consumer privacy “ground rules” intended to govern how commercial entities collect and use consumers’ personal information in an evolving technological landscape that includes the Internet and other networked technologies. The framework, entitled Consumer Data Privacy In a Networked … Continue Reading

Insights from Kelley Drye’s 4th Annual Privacy Seminar

On February 16, 2012, Kelley Drye & Warren LLP hosted the seminar and audiocast, “Privacy in 2012: What to Watch Regarding COPPA, Mobile Apps, and Evolving Law Enforcement and Public Policy Trends.” The seminar highlighted regulatory and legislative developments in privacy and information security during the past year, with an emphasis on children’s online privacy … Continue Reading

Join us Feb. 16 for “Privacy in 2012” Seminar and Teleconference

Changes to privacy regulations, such as proposed revisions to the Children’s Online Privacy Protection Act (COPPA), and continuously evolving technologies, including mobile apps with location-based services, can make it difficult for businesses to ensure their privacy practices are up to par. On February 16, Kelley Drye will gather government leaders from the FTC and FCC, … Continue Reading

Facebook Settlement with the FTC Includes Stringent Privacy Requirements

Facebook has agreed to settle Federal Trade Commission (“FTC”) charges alleging that the social network company engaged in deceptive practices that enabled third-party access to Facebook users’ private information, including personal history, photos, videos, and Friend Lists, without providing users with adequate notice or obtaining their prior consent. The proposed settlement, which would impose privacy … Continue Reading