May 15, 2013 10:23 AM | Posted by Nerissa Coyle McGinn |
Permalink
The U.S. House of Representatives passed an amended version of the Cyber Intelligence Sharing and Protection Act (CISPA), with a 288-127 vote. The current version of CISPA ( H.R. 624) would provide private-sector companies with protection from liability for sharing information on cyber-threats with federal government agencies. With the passage of this bill, the House attempts to resolve the problem of President Barack Obama’s Cybersecurity Executive Order not providing any liability protection to reporting companies. (Read our alert on President Obama’s Executive Order here.) The bill provides both criminal and civil immunity for corporations sharing information with government agencies, as long as they act “in good faith.” The amended version defines a lack of good faith as including “any act or omission taken with intent to injure, defraud or otherwise endanger any individual, government entity, private entity or utility.” It also requires the Director of National Intelligence to establish procedures to permit “elements of the intelligence community” to share cyber-threat information, including classified information, with U.S. companies and utilities.
read more
| 
|
March 5, 2013 5:21 PM | Posted by Michael Mallow, Michael Thurman & Christine Reilly |
Permalink
Commissioner Edith Ramirez began her term as chair of the Federal Trade Commission March 4, 2013, filling the vacancy left by outgoing chair Jon Leibowitz. As a current commissioner, Ramirez assumed the agency’s head position without Senate approval of her selection by President Obama.
read more
|
|
February 13, 2013 10:49 AM | Posted by Jill Westmoreland |
Permalink
California Assemblyman Isadore Hall introduced Assembly Bill 257 which addresses mobile privacy. The bill would codify many of the best practices proposed by the California Attorney General in her report titled “ Privacy on the Go: Recommendations for the Mobile Ecosystem,” such as requiring mobile apps to have a privacy policy; allowing consumers to access their own personally identifiable information (PII) that the app collects and retains; provide a supplemental privacy policy with enhanced measures if an app collects PII that is not essential to the app’s basic function; providing a special notice if the app accesses text messages, call logs, the camera, dialer or microphone, or collects location, financial, or medical information or passwords. The bill also would require advertising networks that deliver ads through a mobile application to obtain prior express consent before displaying an ad and before accessing PII; use application-specific or temporary device identifiers rather than unchangeable device-specific identifiers; and transmit user data securely, using encryption for permanent unique device identifiers and personal information.
read more
|
|
September 19, 2012 7:51 AM | Posted by Jill Westmoreland |
Permalink
Rep. Ed Markey (D-Mass.) introduced the Mobile Device Privacy Act ( H.R. 6377) which would require disclosure of the use of monitoring software on mobile devices; consent to the collection of information, including a user's location, that is collected using monitoring software; and information security policies and procedures to safeguard collected data.
read more
|
|
September 5, 2012 10:25 AM | Posted by Meg Charendoff |
Permalink
The rapid growth and expansion in the mobile market presents a number of privacy and security issues for mobile software developers, operators and advertisers/marketers who collect, store, use and share consumer information.
read more
|
|
August 28, 2012 8:48 AM | Posted by Regan Smith |
Permalink
The Word of Mouth Marketing Association (WOMMA) recently updated its Social Media Marketing Disclosure Guide, the organization’s self-regulatory guide to best practices and responsibilities of using social media. According to WOMMA, the Guide is a “living document” periodically updated to reflect developments in both the industry and social media. The best practices apply to a variety of social media platforms, including blogs and microblogs, online comments, social networks, video and photo sharing websites, sponsored content, podcasts. A copy of the Guide is available here.
read more
|
|
August 27, 2012 10:39 AM | Posted by Ken Florin and James Taylor |
Permalink
Mobile advertising network Jumptap has added the AdChoices Icon to its mobile web and app advertising. The icon, developed by the Digital Advertising Association as part of its self-regulatory program, signals the use of online behavioral targeting and offers consumers information and the ability to opt out of tracking.
read more
|
|
July 31, 2012 3:37 PM | Posted by Michael Mallow, Michael Thurman and Ieuan Jolly |
Permalink
Companies that experienced data security breaches may have to contend with more than just unhappy consumers and reputational injury. Both the Federal Trade Commission and private plaintiffs' class action lawyers have filed actions against companies after data breaches, claiming that the companies misrepresented the adequacy of their security measures and are liable for violating the terms of their own privacy policies.
read more
|
|
July 9, 2012 12:00 PM | Posted by James Taylor and Ken Florin |
Permalink
Four online advertising companies have agreed to change their practices as the result of inquiries by the Better Business Bureau regarding the companies’ compliance with the Digital Advertising Alliance’s Self-Regulatory Principles for On-Line Behavioral Advertising. In a statement May 30, 2012, the BBB, which administers the accountability program for the industry, made public the results of its formal inquiry into the data collection and use and online behavioral advertising practices of seven companies.
read more
|
|
May 8, 2012 4:45 PM | Posted by Seth Rose |
Permalink
As part of its latest study on the effectiveness of industry self-regulation in preventing advertising and marketing of alcoholic beverages to underage audiences, on April 12, the Federal Trade Commission issued orders to provide information, also known as compulsory process orders, to 14 major alcoholic beverage advertisers. For the first time, the agency wants these companies to provide detailed information on their Internet and digital marketing programs and their data collection, maintenance, aggregation and tracking practices related to consumers/visitors under the age of 21.
read more
|
|
March 26, 2012 1:43 PM | Posted by Nate Hole |
Permalink
In the latest video segment of our new Media MindShare Leadership Series, Loeb & Loeb attorney Nate Hole discusses social media partnerships and the importance of understanding the technology, how it works and what information it is gathering. Lisa Hatton Harrington, Vice President and Associate General Counsel of NBCUniversal – Digital Division, shares insights on the challenges her company faces in the social media realm, including issues in connection with deal of the day-type promotions, and compliance with regulations surrounding geolocation and collection of personally identifiable information.
read more
|
|
March 1, 2012 4:10 PM | Posted by Michael Ridgway Jones |
Permalink
Beginning March 1, 2012, any non-governmental entity, wherever located, must amend existing agreements with third-party service providers that receive, store, maintain, process, or otherwise are permitted access to personal information (in both electronic and non-electronic format) to require such service providers to implement appropriate security measures for the personal information of Massachusetts residents consistent with the requirements of 201 CMR 17.00 (“Standards for the Protection of Personal Information of Residents of the Commonwealth”), the regulations that implement the Massachusetts data security law (M.G.L. c. 93H).
read more
|
|
February 27, 2012 3:52 PM | Posted by James Taylor and Seth Rose |
Permalink
In the latest video segment of our new Media MindShare Leadership Series, Loeb & Loeb attorney Seth Rose provides insights into what companies can do to mitigate the risk of litigation in the areas of data security and data privacy. James Taylor, chair of the firm’s Advanced Media and Technology Department, discusses vulnerabilities that exist for companies that mine and monetize user data, as well as best practices for the collection, retention and storage of data, which can help address these challenges.
read more
|
|
February 24, 2012 9:22 AM | Posted by Jill Westmoreland |
Permalink
|
|
February 13, 2012 11:50 AM | Posted by Tatyana Gilles |
Permalink
In a case of first impression, a federal district court in Massachusetts found that a person's ZIP code is “personal identification information” (PII) under a Massachusetts law ( Mass. Gen. L. 93-105(a)) which prohibits retailers from collecting PII during a credit card transaction if the credit card issuer does not require such disclosure. Tyler v. Michaels Stores, Inc., 2012 WL 32208 (D. Mass.; Jan. 6, 2012).
read more
|
|
February 8, 2012 1:52 PM | Posted by Ken Florin |
Permalink
In the second video segment of Loeb & Loeb’s new Media MindShare Leadership Series, Kenneth Florin, partner and chair of the firm’s Advanced Media and Technology Department, and Christopher McCleary, Associate General Counsel of VISA Inc. discuss key challenges facing companies involved in mobile commerce today, as well as differences in the way it is being used in the U.S. and in developing countries across the globe.
read more
|
|
January 26, 2012 9:35 AM | Posted by James Taylor, Ken Florin and Seth Rose |
Permalink
What’s in store for e-commerce, mobile coupons and social media in 2012? In the first video segment of its new Media MindShare Leadership Series, Loeb & Loeb's Advanced Media and Technology attorneys and in-house counsel from Visa, Inc. and NBCUniversal – both major players in the digital media and technology landscape – discuss predictions for the new year, including what we can expect in terms of data security and data breach incidents, privacy legislation, and collection of personally identifiable information.
read more
|
|
December 28, 2011 12:26 PM | Posted by Michael Mallow |
Permalink
California has amended its security breach notification law to expand the notification requirements for security breaches relating to consumer personal information. Senate Bill 24, which amends California Civil Code sections 1798.29 and 1798.82, which takes effect January 1, 2012, also require businesses that suffer a data breach affecting more than 500 California residents to provide notice to the California Attorney General's office.
read more
|
|
December 19, 2011 9:50 AM | Posted by Ieuan Jolly |
Permalink
|
|
December 12, 2011 8:37 AM | Posted by Jessica Lee |
Permalink
Over the Thanksgiving shopping weekend, two shopping malls in the U.S. were using “FootPath technology,” developed by British company Path Intelligence, to track shoppers’ movements by monitoring their cellphone signals. The shopping malls installed antennas at various points in the mall and posted signs telling shoppers that a survey was being conducted that anonymously tracked shoppers’ movements throughout the malls. If shoppers didn’t want to be tracked, they had to turn off their cellphones.
read more
|
|
December 6, 2011 5:00 PM | Posted by Michael Ridgway Jones |
Permalink
On November 8, 2011, the Federal Trade Commission reached a settlement with ScanScout, an online video ad network, that had been charged by the FTC with engaging in deceptive practices regarding ScanScout’s use of a type of tracking device called a “Flash” cookie. (A Flash cookie is a cookie that websites using Adobe’s Flash multimedia technology may store on a user’s computer.) According to the FTC complaint, ScanScout’s privacy policy instructed users that they could opt out of receiving targeted ads by modifying their browser settings to “prevent the receipt of cookies.” The FTC found this claim to be deceptive, because ScanScout in fact used Flash cookies, which are stored in a different place from ordinary cookies and cannot be removed merely by changing browser settings.
read more
|
|
December 5, 2011 12:00 PM | Posted by Ieuan Jolly |
Permalink
The Digital Advertising Alliance (DAA) has announced a new set of guidelines that significantly expands the requirements for member companies that collect data online. The Self-Regulatory Principles for Multi-Site Data establish broad and comprehensive standards governing the collection and use of data from an individual’s device, regarding internet viewing over time and across non-affiliated web sites – what DAA is calling “Multi-Site Data.” These guidelines go well beyond DAA’s existing guidelines governing the collection and use of data for online behavioral advertising (OBA). They apply to data that is collected for any and all purposes (not just OBA), with limited exceptions, and explicitly prohibit the collection of data for specific purposes related to employment, health care, credit and insurance.
read more
|
|
October 31, 2011 2:51 PM | Posted by Jessica B. Lee |
Permalink
The Word of Mouth Marketing Association ( WOMMA) recently released its Perspective on Privacy, a draft of preliminary recommendations designed to help brands incorporate privacy protections into their company's culture.
read more
|
|
October 24, 2011 4:52 PM | Posted by John Um |
Permalink
The Federal Trade Commission (FTC) announced a settlement with Frostwire LLC, a company that offers two free peer-to-peer file-sharing applications (“FrostWire Desktop” for PCs and “FrostWire for Android” for Android mobile devices). The FTC alleged that Frostwire’s software likely would cause consumers to unwittingly expose sensitive personal files stored on their mobile devices, and that it misled consumers about which downloaded files from their desktop and laptop computers would be shared with a file-sharing network.
read more
|
|
October 19, 2011 5:06 PM | Posted by Jill Westmoreland |
Permalink
The collection of information through mobile apps has been the topic of new federal legislation, Congressional hearings, and several class action lawsuits. On October 17, the Mobile Marketing Association (MMA), the global trade group for the mobile industry, released guidance in the form of an annotated privacy policy for mobile app developers. The MMA is seeking public comment on the guidance until November 18.
read more
|
|
August 31, 2011 3:21 PM | Posted by Michael Ridgway Jones |
Permalink
In the FTC’s first case involving mobile apps, the FTC announced on August 15 that a mobile app developer has agreed to pay $50,000 to settle FTC charges that it violated the Children’s Online Privacy Protection Act (COPPA) and the FTC’s COPPA Rule (16 C.F.R. § 312). The settlement also requires the defendants to refrain from future violations of the COPPA Rule and to delete all personal information collected in violation of the Rule.
read more
|
|
August 8, 2011 10:02 AM | Posted by James Taylor, Ken Florin and Ieuan Jolly |
Permalink
Bills limiting the use of geolocation information collected from mobile and other devices were introduced in both chambers of Congress in June. The Location Privacy Protection Act of 2011 (S. 1223) and the Geolocation Privacy and Surveillance (GPS) Act (H.R. 2168, S. 1212) both would limit the collection and use of data by mobile device manufacturers and others. In addition, The GPS Act would also prevent law enforcement from obtaining this data without a warrant.
read more
|
|
July 19, 2011 1:49 PM | Posted by Loeb & Loeb LLP |
Permalink
Loeb & Loeb's Advanced Media and Technology Group is proud to present the latest installment in our Media MindShare Thought Leadership Series, a collection of video interviews with Loeb & Loeb clients and attorneys discussing social media, mobile marketing, privacy, behavioral advertising and other issues of interest to Fortune 500 advertisers and advertising agencies.
read more
|
|
July 13, 2011 4:06 PM | Posted by Loeb & Loeb LLP |
Permalink
On June 29, 2011, Judge James Ware of the U.S. District Court for the Northern District of California denied Google’s motion to dismiss the complaints alleging that Google intentionally designed its Street View data collection system to capture not only panoramic images of streets, but individuals' data (including usernames, passwords and personal emails) sent across Wi-Fi networks. The complaints allege violations of the federal Wiretap Act, state wiretap statutes, and the California law.
read more
|
|
June 29, 2011 5:39 PM | Posted by Jessica Lee |
Permalink
The FTC finalized its settlement of privacy charges it brought against online advertising company Chitika, Inc. Chitika, acting as a go-between for websites and advertisers, placed cookies on consumers’ browsers to target ads towards each consumer’s interests.
read more
|
|
June 14, 2011 11:12 AM | Posted by Ken Florin and James Taylor |
Permalink
The Digital Advertising Alliance (DAA), a self-regulatory alliance of the largest media and marketing companies, has released a list of the first 100 participants in the alliance’s self-regulatory Program for Online Behavioral Advertising. A statement released by DAA member associations confirms that nine of the 10 largest ad networks, including AOL, Google, Microsoft and Yahoo!, are participating fully in the program. A web page on the DAA’s website, www.aboutads.info, lists the names of confirmed participants, including some of the most prominent brand names in the automotive, airline, finance, publishing, telecommunications and technology industries, as well as several well-known consumer products brands. An additional 90 companies have registered and are preparing for implementation of the Program.
read more
|
|
May 12, 2011 11:30 AM | Posted by Ieuan Jolly |
Permalink
|
|
May 2, 2011 11:58 AM | Posted by Jill Westmoreland |
Permalink
Class action lawsuits have been filed against social networking sites Twitter and MySpace in federal district court, alleging violations of the Telephone Consumer Protection Act (“TCPA”). According to the Twitter complaint, plaintiffs signed up to receive text messages from Twitter. Later, plaintiffs decided to terminate the text message program by texting “STOP” in response to one of the texts from Twitter. Twitter then sent a text message to plaintiffs confirming that they had opted-out of receiving future text messages.
read more
|
|
April 22, 2011 1:39 PM | Posted by Ieuan Jolly |
Permalink
On April 12, Senators John Kerry (D-MA) and John McCain (R-AZ) introduced the Commercial Privacy Bill of Rights Act of 2011 ( S. 799). The bill would require “covered entities” to (1) provide notice of their data collection practices and to disclose the purposes for the data collection; (2) provide an opt-out mechanism for “covered information” and an opt-in mechanism for sensitive information; (3) establish procedures for safeguarding data; (4) and implement privacy protections throughout the life cycle of a product (“privacy by design”). The bill does not contain a “do not track” provision.
read more
|
|
April 15, 2011 2:13 PM | Posted by Jill Westmoreland |
Permalink
California has become the first state to introduce legislation aimed at providing internet users with a method to prevent the collection and use of certain personal information, including personal identifiers, and online search and browsing habits. The new legislation, S.B. 761, was introduced by Sen. Alan Lowenthal and mirrors the federal “Do Not Track” legislation ( H.R. 654) introduced by Rep. Jackie Speier in February 2011.
read more
|
|
March 1, 2011 2:19 PM | Posted by Ieuan Jolly |
Permalink
When the Federal Trade Commission (FTC) issued its privacy report in December 2010, it discussed the possibility of providing consumers, in a uniform and comprehensive way, the choice of whether to allow the collection and use of data regarding their online searching and browsing activities. However, the Commission admitted that it lacked the authority to establish such a requirement without Congressional authorization. A bill introduced by Rep. Jackie Speier (D-CA) would provide the necessary authorization.
read more
|
|
February 18, 2011 3:17 PM | Posted by Loeb & Loeb LLP |
Permalink
Loeb & Loeb's Advanced Media and Technology Group is proud to present our Media MindShare Thought Leadership Series, a collection of video interviews with Loeb & Loeb clients and attorneys discussing social media, mobile marketing, privacy, behavioral advertising and other issues of interest to Fortune 500 advertisers and advertising agencies.
read more
|
|
October 29, 2010 9:47 AM | Posted by Nathan Hole |
Permalink
In comments late last week, FTC Commissioner Julie Brill commended the self-regulatory efforts of industry groups regarding online behavioral (or “interest-based”) advertising, but strongly reinforced the need for ongoing monitoring to ensure the self-regulatory regime adequately protects consumers. Commissioner Brill’s comments come in the wake of increasing media coverage of and legislative attention to behavioral advertising (two bills are pending before Congress), and on the heels of the recently announced second phase of industry self-regulation by the newly formed Digital Advertising Alliance (the “DAA,” consisting of the 4As, the AAF, ANA, DMA, and IAB).
read more
|
|
September 21, 2010 10:47 AM | Posted by Nerissa Coyle McGinn |
Permalink
Another ad-serving company, Specific Media, has been sued for allegedly re-creating cookies previously deleted by users. The class action complaint, filed in federal district court in California, alleges that Specific Media and its affiliates store tracking data on users’ computers using the Adobe Flash Media Player rather than storing them the traditional way – in internet browser cookies – making it difficult for computer users to delete.
read more
|
|
August 4, 2010 10:35 AM | Posted by Seth Rose |
Permalink
In testimony before a Senate subcommittee, Jessica Rich, Deputy Director of the FTC’s Bureau of Consumer Protection, said that the FTC is closely monitoring social networking sites and the mobile arena as part of its efforts to protect teens in the digital environment. Rich stated that teens tend to be more impulsive than adults and may not always think about the consequences of sharing information online and, as a result, may divulge more information online than they should.
read more
|
|
July 8, 2010 6:09 PM | Posted by Tamara Carmichael |
Permalink
As we mentioned in June, the FTC is currently reviewing its Rule relating to the Children’s Online Privacy Protection Act (COPPA) to determine if it adequately protects children given the rapid changes in technology and the way children use and access the Internet, for example, through use of mobile phones, Twitter, interactive games and other new media. The Commission announced that due to a technical glitch it is extending the deadline for submission of comments to July 12.
read more
|
|
June 11, 2010 2:57 PM | Posted by Jill Westmoreland |
Permalink
|
|