By Ulrich Wuermeling On January 10, 2017, the European Commission proposed a new ePrivacy Regulation (Proposal). Compared to the internal draft that was leaked in December, the official Proposal has been substantially modified. However, the general approach taken by the European Commission has not changed. The Proposal includes provisions with a broad scope of application covering … Continue Reading
By Ulrich Wuermeling An internal Commission draft of a new ePrivacy Regulation (Draft) has been leaked to the public. The Commission plans to propose it in early 2017, but the content of the Draft does not seem near a final proposal. It is either older or still needs some time to be finalized. The Draft … Continue Reading
By Gail Crawford and Ulrich Wuermeling On October 19, 2016, the Court of Justice of the European Union (CJEU) issued a ruling on the question of whether IP addresses constitute personal data. The ruling has direct implications on the general question of when data can be regarded as anonymous and, thus, fall outside the scope of data … Continue Reading
On July 10, the Federal Communications Commission (“FCC”) released the text of a Declaratory Ruling and Order, initially adopted on June 18, that provides various clarifications regarding the Telephone Consumer Protection Act of 1991 (“TCPA”) and the FCC’s existing rules. The proceeding that led to the Order attracted widespread attention and was the result of nearly … Continue Reading
By Alexander Stout and Matthew T. Murchison on Posted in Privacy
June is proving to be a very active month for the US Federal Communications Commission (FCC) in construing the Telephone Consumer Protection Act, including what sorts of consumer interactions are sufficient to meet the requirements for consent to receive marketing or other messages. This post reports on an extraordinary warning letter issued to PayPal, criticizing … Continue Reading
By Larry Cohen and Gail Crawford While the popular press has been full of stories about the European Court of Justice’s (“ECJ”) ruling creating a “right to be forgotten” (ahead of the still pending Data Protection Regulation), we will focus on both the ruling as well as the specific questions referred to the ECJ that … Continue Reading
By Drew Wisniewski & Jennifer Archie Governor Jerry Brown signed California Assembly Bill 370 (“A.B. 370”), an amendment to the California Online Privacy Protection Act (“CalOPPA”), into law on Friday, September 27. As previously reported here, A.B. 370 requires an operator of a Web site or online service that collects “personally identifiable information” to disclose … Continue Reading
By Drew Wisniewski and Jennifer Archie On September 3, 2013, California Assembly Bill 370 (“A.B. 370”), an amendment to the California Online Privacy Protection Act (“CalOPPA”), was enrolled and sent to Governor Jerry Brown for his signature. A.B. 370, which was sponsored by Attorney General Kamala Harris, requires an operator of a Web site or … Continue Reading
By Kevin Boyle In a case that is a good reminder of the potential reach of sometimes overlooked state legislation to national practices, the U.S. District Court for the Eastern District of Michigan has sustained the core of several complaints for violation of Michigan’s Video Rental Privacy Act. Among other arguments, defendants in the cases asserted that the … Continue Reading
The pressure on companies to adapt to stronger privacy regulation and enforcement in the EU increased this week, following the release of a letter to Google on behalf of 30 European data-protection commissioners. On October 16, 2012, the Article 29 Data Protection Working Party publicly disclosed the correspondence it sent simultaneously to Google following the … Continue Reading
The Office of Hong Kong’s Privacy Commissioner for Personal Data (PCPD) recently announced the results of compliance checks on the collection of “cookies” by local banks in response to earlier media reports and a survey by the Hong Kong Monetary Authority (HKMA). According to media reports from September 2010, some local banks in Hong Kong … Continue Reading
By Gail Crawford and Amy Taylor Privacy professionals from more than 20 countries are gathered in Cambridge, England, to discuss privacy challenges in today’s world at the 25th annual Privacy Laws & Business conference. Professor Michael Birnhack, Professor of Law at Tel Aviv University and Visiting Associate Fellow at the Institute of Advanced Legal Studies, … Continue Reading
By Gail Crawford, Amy Taylor, and Ben Wright The UK Information Commissioner’s Office (ICO) 12-month grace period for enforcing compliance with the new cookie consent rules has now expired. If you are not yet compliant, you need to take action. Over the course of the 12-month grace period, we have seen guidance released from, amongst others, … Continue Reading
Focus on Mobile App Transparency Pursuant to the Obama Administration’s blueprint for consumer privacy released in February (and in accord with a request for comments published in March), the National Telecommunications and Information Administration (NTIA) has issued a notice setting July 12, 2012, as the date for the first meeting in its privacy multistakeholder process. Mobile app … Continue Reading
European Union Justice Commissioner Viviane Reding has confirmed that we can expect to see a draft of the eagerly awaited new Data Privacy Directive in January. The new rules are likely to significantly strengthen the rights of individuals. According to a press release issued jointly last week by Reding and Germany’s Federal Minister for Consumer Protection, Isle … Continue Reading
Our May 26, 2011 blog post on the new European cookies rules introduced by the revised E-Privacy Directive marked the deadline for EEA Member States to implement the Directive into national law. As of late August, only the UK, Denmark, Estonia, Finland, Ireland, Malta and Sweden have introduced laws fully implementing the amendments contained in … Continue Reading
On August 3, 2011, the German Parliament received a new Bill from the Federal Council of German States (Bundesrat) proposing a revision of the German Telemedia Act (Telemediengesetz). As part of the revision, the Bill proposes to transform the cookie consent requirement of the revised European E-Privacy Directive. While it is doubtful that the Federal … Continue Reading
On 16 May 2011, the European Commission’s Article 29 Working Party released their latest Opinion on the status of geolocation data for the purposes of European privacy rules. Though not strictly binding on EEA Member States or businesses operating within Europe, the Working Party’s Opinions are highly influential and certainly set the scene for changes … Continue Reading
In the run up to today’s deadline for EEA Member States to implement the EU’s revised Privacy and Electronic Communications Directive, including its new rules requiring consent to the use of cookies, the UK Department of Culture, Media and Sport (the DCMS) and the UK’s privacy regulator, the ICO, have released further guidance for businesses, … Continue Reading
Last week we posted about the fast approaching May 26 deadline for member state implementation of the EU’s revised Privacy and Electronic Communications Directive concerning cookies on web sites. We noted the relative absence of final (if any) guidance from EU jurisdictions on the approach to be taken in their respective implementations. On Monday, the UK’s privacy regulator, the Information … Continue Reading
Google has consented to the entry of a proposed Agreement Containing Consent Order with the US Federal Trade Commission, subjecting the company to sweeping government oversight of its privacy disclosure and product development and release practices, nominally arising out of the roll-out of its Buzz product in February 2010. The auditing and reporting requirements are … Continue Reading
The recently released reports from the U.S. Department of Commerce and the Federal Trade Commission have focused important, and much needed attention, on privacy policies and legal compliance. Unfortunately, much of the substance is aspirational, rather than immediately operational. So, with the benefit of our collective client experience, we offer the following “Naughty or Nice” Checklist to get … Continue Reading
Following in the wake of the FTC’s report on online tracking, the Commerce Department has issued its “green paper” on privacy. The report is part of the Department’s ongoing review of privacy practices begun in April this year. While it avoids making many specific policy recommendations, the report does recommend the development of Fair Information … Continue Reading
In a long anticipated report entitled Protecting Consumer Privacy in an Era of Rapid Change, a divided U.S. Federal Trade Commission focused on raising consumer awareness and soliciting industry feedback on online tracking and behavioral advertising. Industry is portrayed as “too slow” to improve privacy practices in this arena. The report proposes a normative framework … Continue Reading
