Global Privacy & Security Compliance Law Blog

Tag Archives: Behavioral Advertising & Marketing

European Commission Proposes ePrivacy Regulation

By Ulrich Wuermeling On January 10, 2017, the European Commission proposed a new ePrivacy Regulation (Proposal). Compared to the internal draft that was leaked in December, the official Proposal has been substantially modified. However, the general approach taken by the European Commission has not changed. The Proposal includes provisions with a broad scope of application covering … Continue Reading

Anonymous or Not: Court of Justice Issues Ruling on IP Addresses

By Gail Crawford and Ulrich Wuermeling On October 19, 2016, the Court of Justice of the European Union (CJEU) issued a ruling on the question of whether IP addresses constitute personal data. The ruling has direct implications on the general question of when data can be regarded as anonymous and, thus, fall outside the scope of data … Continue Reading

FCC Releases New Clarifications Regarding the TCPA

On July 10, the Federal Communications Commission (“FCC”) released the text of a Declaratory Ruling and Order, initially adopted on June 18, that provides various clarifications regarding the Telephone Consumer Protection Act of 1991 (“TCPA”) and the FCC’s existing rules. The proceeding that led to the Order attracted widespread attention and was the result of nearly … Continue Reading

FCC Finds Fault in User Agreement and Issues Stern Guidance for Telemarketing Calls

June is proving to be a very active month for the US Federal Communications Commission (FCC) in construing the Telephone Consumer Protection Act, including what sorts of consumer interactions are sufficient to meet the requirements for consent to receive marketing or other messages. This post reports on an extraordinary warning letter issued to PayPal, criticizing … Continue Reading

The “Right to be Forgotten” Landmark Decision: Beyond the Headlines

By Larry Cohen and Gail Crawford While the popular press has been full of stories about the European Court of Justice’s (“ECJ”) ruling creating a “right to be forgotten” (ahead of the still pending Data Protection Regulation), we will focus on both the ruling as well as the specific questions referred to the ECJ that … Continue Reading

California Governor Jerry Brown Signs “Do Not Track” Disclosure Bill

By Drew Wisniewski & Jennifer Archie Governor Jerry Brown signed California Assembly Bill 370 (“A.B. 370”), an amendment to the California Online Privacy Protection Act (“CalOPPA”), into law on Friday, September 27. As previously reported here, A.B. 370 requires an operator of a Web site or online service that collects “personally identifiable information” to disclose … Continue Reading

California Legislation Requiring Disclosure of “Do Not Track” Practices Heads to Governor’s Desk

By Drew Wisniewski and Jennifer Archie On September 3, 2013, California Assembly Bill 370 (“A.B. 370”), an amendment to the California Online Privacy Protection Act (“CalOPPA”), was enrolled and sent to Governor Jerry Brown for his signature.  A.B. 370, which was sponsored by Attorney General Kamala Harris, requires an operator of a Web site or … Continue Reading

Complaint That Sale of Magazine Subscription Lists Violates Michigan’s Video Rental Privacy Law Sustained

By Kevin Boyle In a case that is a good reminder of the potential reach of sometimes overlooked state legislation to national practices, the U.S. District Court for the Eastern District of Michigan has sustained the core of several complaints for violation of Michigan’s Video Rental Privacy Act. Among other arguments, defendants in the cases asserted that the … Continue Reading

European data protection authorities urge Google to change its privacy practices

The pressure on companies to adapt to stronger privacy regulation and enforcement in the EU increased this week, following the release of a letter to Google on behalf of 30 European data-protection commissioners. On October 16, 2012, the Article 29 Data Protection Working Party publicly disclosed the correspondence it sent simultaneously to Google following the … Continue Reading

Cookie Compliance Check Results Announced by Hong Kong Data Privacy Commissioner

The Office of Hong Kong’s Privacy Commissioner for Personal Data (PCPD) recently announced the results of compliance checks on the collection of “cookies” by local banks in response to earlier media reports and a survey by the Hong Kong Monetary Authority (HKMA). According to media reports from September 2010, some local banks in Hong Kong … Continue Reading

PL&B Annual Conference, Day 1: Privacy Challenges of New Technologies

By Gail Crawford and Amy Taylor Privacy professionals from more than 20 countries are gathered in Cambridge, England, to discuss privacy challenges in today’s world at the 25th annual Privacy Laws & Business conference. Professor Michael Birnhack, Professor of Law at Tel Aviv University and Visiting Associate Fellow at the Institute of Advanced Legal Studies, … Continue Reading

UK Cookie Rules: Are You Compliant?

By Gail Crawford, Amy Taylor, and Ben Wright The UK Information Commissioner’s Office (ICO) 12-month grace period for enforcing compliance with the new cookie consent rules has now expired. If you are not yet compliant, you need to take action. Over the course of the 12-month grace period, we have seen guidance released from, amongst others, … Continue Reading

NTIA Announces First Privacy Multistakeholder Meeting Pursuant to Obama Administration Privacy Blueprint

Focus on Mobile App Transparency Pursuant to the Obama Administration’s blueprint for consumer privacy released in February (and in accord with a request for comments published in March), the National Telecommunications and Information Administration (NTIA) has issued a notice setting July 12, 2012, as the date for the first meeting in its privacy multistakeholder process. Mobile app … Continue Reading

New EU Privacy Rules Will Apply to All Online Businesses with EU Customers

European Union Justice Commissioner Viviane Reding has confirmed that we can expect to see a draft of the eagerly awaited new Data Privacy Directive in January. The new rules are likely to significantly strengthen the rights of individuals. According to a press release issued jointly last week by Reding and Germany’s Federal Minister for Consumer Protection, Isle … Continue Reading

After the Deadline: A Status Review of the Implementation of the New European Cookies Rules

Our May 26, 2011 blog post on the new European cookies rules introduced by the revised E-Privacy Directive marked the deadline for EEA Member States to implement the Directive into national law.  As of late August, only the UK, Denmark, Estonia, Finland, Ireland, Malta and Sweden have introduced laws fully implementing the amendments contained in … Continue Reading

The German Implementation of the New European Cookies Rules

On August 3, 2011, the German Parliament received a new Bill from the Federal Council of German States (Bundesrat) proposing a revision of the German Telemedia Act (Telemediengesetz).  As part of the revision, the Bill proposes to transform the cookie consent requirement of the revised European E-Privacy Directive. While it is doubtful that the Federal … Continue Reading

Geolocation Data Set to Become ‘Personal Data’

On 16 May 2011, the European Commission’s Article 29 Working Party released their latest Opinion on the status of geolocation data for the purposes of European privacy rules. Though not strictly binding on EEA Member States or businesses operating within Europe, the Working Party’s Opinions are highly influential and certainly set the scene for changes … Continue Reading

Further Cookie Guidance from the UK Government and ICO

In the run up to today’s deadline for EEA Member States to implement the EU’s revised Privacy and Electronic Communications Directive, including its new rules requiring consent to the use of cookies, the UK Department of Culture, Media and Sport (the DCMS) and the UK’s privacy regulator, the ICO, have released further guidance for businesses, … Continue Reading

UK ICO Offers Guidance on New EU Cookie Rules

Last week we posted about the fast approaching May 26 deadline for member state implementation of the EU’s revised Privacy and Electronic Communications Directive concerning cookies on web sites. We noted the relative absence of final (if any) guidance from EU jurisdictions on the approach to be taken in their respective implementations.  On Monday, the UK’s privacy regulator, the Information … Continue Reading

March Madness or a Sign of Times to Come? Google’s Proposed Consent Agreement with Federal Trade Commission

Google has consented to the entry of a proposed Agreement Containing Consent Order with the US Federal Trade Commission, subjecting the company to sweeping government oversight of its privacy disclosure and product development and release practices, nominally arising out of the roll-out of its Buzz product in February 2010. The auditing and reporting requirements are … Continue Reading

Naughty or Nice: A Checklist for 2011 Privacy Policy Compliance and Risk Management

The recently released reports from the U.S. Department of Commerce and the Federal Trade Commission have focused important, and much needed attention, on privacy policies and legal compliance. Unfortunately, much of the substance is aspirational, rather than immediately operational. So, with the benefit of our collective client experience, we offer the following “Naughty or Nice” Checklist to get … Continue Reading

Commerce Department Speaks on Privacy

Following in the wake of the FTC’s report on online tracking, the Commerce Department has issued its “green paper” on privacy. The report is part of the Department’s ongoing review of privacy practices begun in April this year. While it avoids making many specific policy recommendations, the report does recommend the development of Fair Information … Continue Reading

FTC Issues Long Anticipated Privacy Report

In a long anticipated report entitled Protecting Consumer Privacy in an Era of Rapid Change, a divided U.S. Federal Trade Commission focused on raising consumer awareness and soliciting industry feedback on online tracking and behavioral advertising. Industry is portrayed as “too slow” to improve privacy practices in this arena. The report proposes a normative framework … Continue Reading
LexBlog