Author: Katherine Armstrong (page 1 of 12)

Thoughts on GLB Safeguards Rule and Privacy Rule? FTC Awaits Your Comments

Share

The Federal Trade Commission (FTC) issued two Notices of Proposed Rulemaking (NPRMs) seeking comment on proposed amendments to the Gramm–Leach–Bliley Act (GLBA) Safeguards Rule and Privacy Rule. The comments are due 60 days after the NPRM is published in the Federal Register. The NPRMs accomplish two things. First, they address comments received several years ago when the FTC sought review of these rules pursuant to its periodic review of FTC rules and guides. Second, it proposes to amend both rules and seeks comments on those amendments.

Continue reading

FTC Settlement with Video Social Networking App Largest Civil Penalty in a Children’s Privacy Case

Share

The Federal Trade Commission (FTC) announced a settlement with Musical.ly, a Cayman Islands corporation with its principal place of business in Shanghai, China, resolving allegations that the defendants violated the Children’s Online Privacy Protection Act (COPPA) Rule.

Continue reading

GAO Report Recommends Congress Consider Comprehensive Privacy Regulation

Share

The GAO recently concluded a comprehensive analysis of the U.S. federal regulatory landscape with respect to internet privacy, specifically focusing on FTC and FCC enforcement actions and authorities. GAO interviewed representatives from industry, consumer advocacy groups, academia, FTC and FCC staff, former FTC and FCC commissioners, and officials from other agencies. (See page 40 of the GAO report for a complete list of those interviewed.) GAO recommends that Congress consider developing comprehensive legislation on internet privacy that would enhance existing consumer protections and provide flexibility to address a rapidly evolving privacy environment.

Continue reading

New Washington State Privacy Bill Incorporates Some GDPR Concepts

Share

A new bill, titled the “Washington Privacy Act,” was introduced in the Washington State Senate on January 18, 2019. If enacted, Washington would follow California to become the second state to adopt a comprehensive privacy law.

Similar to the California Consumer Privacy Act (CCPA), the Washington bill applies to entities that conduct business in the state or produce products or services that are intentionally targeted to residents of Washington and includes similar, though not identical size triggers. For example, it would apply to businesses that 1) control or process data of 100,000 or more consumers; or 2) derive 50 percent or more of gross revenue from the sale of personal information, and process or control personal information of 25,000 or more consumers. The bill would not apply to certain data sets regulated by some federal laws, or employment records and would not apply to state or local governments.

Continue reading

House Committee Staff Report Finds Equifax Data Breach Entirely Preventable, Provides Recommendations for Consumer Reporting Agencies

Share

After a 14-month investigation into the 2017 Equifax data breach, which was one the largest in U.S. history, the House Oversight and Government Reform Committee released a report in December.

Continue reading

EU-US Privacy Shield Second Review: Improvements Shown, but More to be Done

Share

The EU Commission published its second annual review of the functioning of the EU-US Privacy Shield, which focused on the commercial issues, human resources and data automated individual decision-making and developments in the U.S. legal framework.  This report follows the same general structure as the report on the first annual EU-US Privacy Shield review that we reported on last year.

Continue reading

Older posts

© 2019 Drinker Biddle & Reath LLP. All Rights Reserved. Lawyer Advertising.

Disclaimer/Privacy Policy