Over the past two decades, the Department of Transportation and the automotive industry have worked together to develop a framework identifying the types of services and devices that are integral to the development of a connected and intelligent transportation system. Such services include collision avoidance systems to reduce motor vehicle accidents, and automated electronic payment systems to facilitate the payment of tolls and gas.

In Spokeo, Inc. v. Robins, the Supreme Court confirmed the power of the word “and.” In a six to two decision, the Court confirmed that to satisfy the “injury-in-fact” prong of the three-part test to establish Article III standing, plaintiffs must show that the injury was both “concrete” and “particularized.”

Yesterday, the Federal Trade Commission (“FTC” or the “Commission”) accepted, subject to final approval, a consent agreement to settle charges that a hand-held vaporizer manufacturer misrepresented its participation in the Asia-Pacific Economic Cooperation (“APEC”) Cross Border Privacy Rules (“CBPR”) system.

Yesterday, in a 3-2 party-line vote, the Federal Communications Commission (“FCC”) adopted a Notice of Proposed Rulemaking (“NPRM”) proposing new rules to regulate how broadband Internet service providers (“ISPs”) collect, use, and protect personal information about their customers.

On March 2, the Consumer Financial Protection Bureau (the “Bureau”) announced enforcement action against online payment processor, Dwolla Inc. (“Dwolla”). This is the Bureau’s first enforcement action related to data security pursuant to its authority to prohibit unfair, deceptive, and abusive acts and practices (“UDAAP”).

Companies around the globe increasingly are collecting ever-greater volumes of sensitive personal information from their customers for business and competitive purposes. If improperly stored, used, stolen, or shared, this information can have devastating reputational and financial consequences. This makes privacy, cybersecurity, and data management critical issues for senior management, board members, and general counsel to understand in order to effectively manage risk.

Congress has taken a critical step in implementing its obligations under the recently announced EU-U.S. Privacy Shield through Wednesday night’s passage of the Judicial Redress Act in the House of Representatives.