By Mary-Elizabeth M. Hadley on Apr 23, 2015
Last week, Magistrate Judge Paul S. Grewal issued an order for the Northern District of California granting LinkedIn Corporation’s (“LinkedIn”) Motion to Dismiss a proposed class action alleging that its “Reference Searches” – which enable employers to find people with whom a job applicant may have worked previously – violated the Fair Credit Reporting Act (“FCRA”).
By Behnam Dayanim and Kevin P. Broughel on Apr 14, 2015
The Video Privacy Protection Act (“VPPA”) came into existence in the wake of a Washington Post report of Supreme Court nominee Robert Bork’s video rental history. Although the days of renting VHS tapes are now gone, the VPPA endures. Over the last several years a number of high profile lawsuits have been filed against online video and service providers for alleged violations of the VPPA, causing anxiety among content providers of all stripes. However, two recent decisions perhaps point to an emerging sense among courts that some limitations on the statute’s application are warranted.
By Sherrese Smith and Matt Gibson on Feb 10, 2015
Late last week, GroupMe, Inc. won an important victory in Glauser v. GroupMe, Inc., a federal class action stemming from allegations that the company violated the Telephone Consumer Protection Act of 1991 (TCPA) by sending unauthorized text messages to the plaintiff. Perhaps more significantly, in granting summary judgment to GroupMe, the trial court took a step that the Federal Communications Commission (FCC) thus far has not taken and addressed a lingering question of how the TCPA and the FCC’s implementing regulations define an automatic telephone dialing system (ATDS).
By Sherrese Smith and Matt Gibson on Feb 05, 2015
As described in our recent Stay Current, yesterday the Federal Communications Commission (FCC) released a Fact Sheet outlining many aspects of FCC Chairman Tom Wheeler’s draft order to reclassify broadband internet services as a “telecommunications service” thereby enhancing the FCC’s ability to regulate different aspects of broadband internet service.
By Matt Gibson on Feb 02, 2015
Just last week, the Federal Trade Commission (FTC) released a staff report on the Internet of Things (IoT) outlining specific recommendations and its views on best practices that IoT developers should implement to protect consumer privacy and security of IoT devices. The FTC defines IoT as devices – other than computers, smartphones and tablets – that “connect, communicate or transmit information with or between each other through the Internet.”
By Mary-Elizabeth M. Hadley on Jan 14, 2015
New legislation signed by New Jersey Governor Chris Christie late last week mandates that health insurance companies in the state protect the personal information they compile or maintain through encryption or “by any other method or technology rendering it unreadable, undecipherable, or otherwise unusable by an unauthorized person.”
By Matt Gibson on Jan 13, 2015
On Monday, January 12, President Obama gave a speech at the Federal Trade Commission in which he announced a multi-faceted legislative agenda aimed at creating a uniform national breach notification requirement, establishing national standards for consumer privacy, and expanding protections for educational data. While the President’s speech and the accompanying fact sheet outlined a broad privacy agenda, both were short on detail, leaving the public – and Congress – to speculate about the specifics of the President’s plan.
By Behnam Dayanim on Dec 15, 2014
In a recent interview (from before reports of the Sony data breach!), I discuss some of the most pressing privacy and security issues facing tech companies today.
By Devon Winkles and Mary-Elizabeth M. Hadley on Nov 06, 2014
Last week, the Advertising Self-Regulatory Council’s Online Interest-Based Advertising Accountability Program released agreements with five website operators addressing their compliance with the Self-Regulatory Principles for Online Behavioral Advertising (“OBA Principles”).
By Matt Gibson on Oct 28, 2014
In a split vote last Friday, the Federal Communications Commission (FCC or Commission) invoked a seldom-used provision of the Communications Act and signaled its intent to impose a $10 million fine on two affiliated telecommunications carriers, TerraCom, Inc. and YourTel America, Inc., for allegedly failing to protect consumers’ personal information. By flexing previously unused statutory muscles, last week’s decision is a strong signal of the Commission’s desire to expand its role as a privacy and data security regulator. In particular, the Commission appears to be attempting to create an entirely new data breach notification requirement under federal communications law. Telecommunications carriers should take note.