Tag Archives: do-not-track

Ad and Publishing Industries Confront CCPA Challenges While Congress Considers Privacy

By Alan L. Friel on May 29, 2019 Posted in CCPA

The California Consumer Privacy Act (CCPA), effective Jan. 1, 2020, will require more privacy transparency and choice for consumers than they have ever had under U.S. law, but its approach to providing consumers with the right to opt out of a sale of their personal information threatens to disrupt the third-party digital advertising ecosystem. Most … Continue Reading

New CA Privacy Disclosure Requirements Clarified By AG

By Alan L. Friel on May 22, 2014 Posted in Mobile Privacy

California has a number of privacy notice requirements for businesses collecting data from California residents, including as of January 1 of this year a requirement that websites, mobile apps and online services make certain disclosures regarding how they respond to browser and other “do not track signals” and regarding the presence and functionality of tracking … Continue Reading

Second Circuit Rejects Strict Liability But Imposes Reasonable Care Standard on Disclosure of Personal Motor Vehicle Information

By Judy Selby on August 6, 2013 Posted in Information Security

In a lengthy opinion that closely examined the legislative history of the Driver’s Privacy Protection Act (DPPA), the Second Circuit refused to impose strict liability on data brokers and resellers of personal information sourced from motor vehicle records. Eric Gordon v. Softech, et al., 12-661-cv (2d Circuit July 31, 2013). The court did hold, however, … Continue Reading

FTC’s Olhausen: Privacy Through a Competition Lens

By William Weber on October 18, 2012 Posted in Online Privacy

Earlier this week, Maureen Olhausen, the Federal Trade Commission’s newest commissioner, shared her perspective on “The Federal Role in Privacy: Getting It Right” in a discussion at the Hudson Institute, a conservative-leaning think tank in Washington, DC. Her straightforward comments indicated she intends to take a cautious and holistic approach toward any expansion of the … Continue Reading

Congressional Update on Data Privacy & Security

By William Weber on July 2, 2012 Posted in Data Breaches, Online Privacy

The rumors of the death (or at least “dearth” — of activity) of the 112th Congress are somewhat exaggerated, to morph a phrase from Mark Twain; at least regarding the last couple weeks prior to the Independence Day recess. Not only did Congress pass major legislation related to the FDA, transportation programs and student loans … Continue Reading

FTC Issues Final Report with Guidance on Companies’ Online Privacy Practices

By Craig A. Hoffman on April 3, 2012 Posted in Children’s Privacy, Enforcement, Federal Legislation, Online Privacy

Fifteen months after releasing its preliminary report, the Federal Trade Commission released its final Report, “Protecting Consumer Privacy in an Era of Rapid Change: A Proposed Framework for Business and Policymakers.” The much anticipated final report went further than the preliminary report by now calling for Congress to enact general privacy, data security and breach … Continue Reading

Key Government and Industry Leaders Discuss Data Privacy at IAPP Summit

By William Weber on March 13, 2012 Posted in Behavioral Advertising, Children’s Privacy, Enforcement, Mobile Privacy, Online Privacy

Last week in Washington, DC, officials from the U.S. Federal Trade Commission, the Department of Commerce, major trade associations and key stakeholders from around the world gathered at a global privacy summit convened by the International Association of Privacy Professionals. During the two day conference, panels covered a broad range of topics from mobile device … Continue Reading

Online Privacy and Data Security Legislation Update — 2011 Year in Review

By Craig A. Hoffman on December 28, 2011 Posted in Children’s Privacy, Cybersecurity, Federal Legislation, Online Privacy

The end of 2010 featured the Department of Commerce citing the need for a Privacy Bill of Rights in its green paper and the FTC's preliminary online privacy report discussing the need for a Do Not Track mechanism. The momentum generated by these reports led to the introduction of multiple versions of Do Not Track and comprehensive privacy rights bills in early 2011. By mid-2011, at least five different data security and breach notification proposals were circulating in the wake of high profile data breaches. Reports about location based tracking led to the introduction of geolocation privacy and surveillance bills. Proposed amendments to the Children's Online Privacy Protection Act, Electronic Communications Privacy Act, and Video Privacy Protection Act were also made. And by the end of 2011, several cybersecurity bills designed to protect critical infrastructure had been introduced. Even though Congress held hearings on privacy issues, subcommittees approved several bills, and there was support from the Obama administration for comprehensive privacy legislation, as many expected, however, none of these bills were enacted when the first session of the 112th Congress adjourned December 18. The safe prediction for 2012 is more of the same--a lot of proposals but no consensus. It is certainly possible that another high profile data breach or cyberattack against a utility or government contractor could create enough urgency to force a consensus. However, numerous high profile breaches (Epsilon, Sony, Citi, RSA, Lockheed Martin and several health care providers), hactivist attacks against government security contractors (IRC Federal and HBGary), and reports about how the "weaponized" Stuxnet virus caused centrifuges in an Iranian nuclear facility to spin wildly out of control were not enough in 2011. We certainly expect to see data breach notification, comprehensive privacy, and cybersecurity bills addressed again in 2012. We may also see narrower bills aimed at online and location based tracking as well as Children's privacy. Emerging technology, including mobile payments and facial recognition, may also garner legislative attention. Below is a round-up of the 2011 privacy and data security legislative proposals, including links to more detailed analysis from our blog posts during the year.… Continue Reading

Focus on Behavioral Advertising

By Craig A. Hoffman on August 26, 2011 Posted in Behavioral Advertising

As the FTC is evaluating its Dot Com Disclosures guidelines and Congress considers Do Not Track legislation, the debate over regulation of online advertising has intensified. On one side, opponents of new legislation explain how online advertising subsidizes many of the free services Internet users enjoy and point to studies showing that Internet advertising contributes … Continue Reading

Mobile App and Geolocation Data Roundup

By Craig A. Hoffman on May 25, 2011 Posted in Behavioral Advertising, Children’s Privacy, Mobile Privacy

A recent national survey of smartphone users, not surprisingly, revealed that privacy, transparency, choice, and control are important considerations for users. Indeed, many users indicated that they want more choices and easier access to controls regarding advertising tracking and geolocation data. Legislators and consumer advocacy groups are taking heed. On May 10, 2011, the Senate … Continue Reading

Senator Rockefeller Introduces Do-Not-Track Legislation

By Craig A. Hoffman on May 13, 2011 Posted in Behavioral Advertising, Federal Legislation

Similar to the bill introduced by Rep. Jackie Speier in February 2011, Sen. John Rockefeller (D-WV) introduced the Do-Not-Track Online Act of 2011 on May 9, 2011. Sen. Rockefeller announced that the bill would offer a “simple, straightforward way for people to stop companies from tracking their movements online.” The FTC would be given one … Continue Reading

Speier Introduces “Do Not Track Me Online Act of 2011”

By Craig A. Hoffman on February 14, 2011 Posted in Behavioral Advertising, Federal Legislation, Financial Privacy, Online Privacy

The FTC—in its December 2010 online privacy report and testimony before Congress—discussed the need for a browser-based “Do Not Track” mechanism to give consumers greater control over behavioral advertising. Under the “Do Not Track Me Online Act of 2011” (H.R. 654)—introduced by Rep. Speier (D-CA) on February 11—the FTC will have 18 months to establish … Continue Reading

Noteworthy Data Privacy and Information Security Events in 2010

By Craig A. Hoffman on December 31, 2010 Posted in Behavioral Advertising, Breach Notification, Data Breach Notification Laws, Enforcement, Federal Legislation, Financial Privacy, HIPAA/HITECH, Information Security, Medical Privacy, Online Privacy

The two events that drew the most attention in 2010, both of which occurred at year-end, were reports from the FTC and the Department of Commerce. Below is a brief summary of those two reports and other issues drawing attention in the past year: (1) FTC Issues Long-Awaited Consumer Privacy Policy Report On December 1, … Continue Reading

“Advertising Option Icon” Will Allow Opt-Out of Online Tracking

By Craig A. Hoffman on October 5, 2010 Posted in Behavioral Advertising, Enforcement

A coalition of advertising trade groups launched a new online behavioral advertising (“OBA”) opt-out program on October 4, 2010, to build on the self-regulatory principles they released last summer. The program, which is explained on the group’s website, features an “Advertising Option Icon” that can be placed near online ads that collect data used to … Continue Reading