The Supreme Court recently declined to review the Ninth Circuit’s decision in Zappos.com, Inc. v. Stevens, a class action suit resulting from a 2012 data breach of the online retailer. As a result, there remains a split in the courts as to whether a breach of data confers Article III standing on potential plaintiffs, even if no actual injury occurred.
Continue reading “U.S. Supreme Court Declines to Hear Zappos Data Breach Case”
As part of the FTC’s Hearings on Competition and Consumer Protection in the 21st Century, the Commission will hold a two-day hearing on April 9–10 at the Constitution Center (400 7th Street SW in Washington D.C.). The FTC has received 40 comments already and will continue receiving comments until May 31, 2019.
The Federal Trade Commission (FTC) issued two Notices of Proposed Rulemaking (NPRMs) seeking comment on proposed amendments to the Gramm–Leach–Bliley Act (GLBA) Safeguards Rule and Privacy Rule. The comments are due 60 days after the NPRM is published in the Federal Register. The NPRMs accomplish two things. First, they address comments received several years ago when the FTC sought review of these rules pursuant to its periodic review of FTC rules and guides. Second, it proposes to amend both rules and seeks comments on those amendments.
Continue reading “Thoughts on GLB Safeguards Rule and Privacy Rule? FTC Awaits Your Comments”
As previously reported, the National Institute of Standards and Technology (NIST) is developing a voluntary Privacy Framework in collaboration with private- and public-sector stakeholders. The goal is to help organizations better identify, assess, manage, and communicate their privacy risks. Other benefits anticipated from this project are fostering the growth of innovative approaches to protecting individual privacy and creating greater trust in products and services that may use the Framework once it is established.
The end of February marked the beginning of Drinker Biddle’s nine-part webinar series on the new California Consumer Privacy Act of 2018 (CCPA) — one of the most significant data privacy laws in the United States.
Compliance with the new law will require considerable knowledge and effort. Our webinar series delves into the complex details and strategies that companies doing business in the state need to know. The series will feature a panel of CCPA professionals from Drinker Biddle’s Information Privacy, Security and Governance team, including Peter Blenkinsop, Jeremiah Posedel, Reed Abrahamson, and others.
The first webinar held on February 27 provided a comprehensive overview of the CCPA, including the obligations and limitations imposed on businesses that collect and process personal data of California residents, the rights of such residents, and the enforcement mechanisms and potential penalties available under the act. The DBR team also highlighted some key open issues that will hopefully be addressed or clarified by California regulators before the law becomes operative on January 1, 2020. For those who were unable to attend, a recording of the webinar and a copy of the presentation materials are available here.
The GAO recently concluded a comprehensive analysis of the U.S. federal regulatory landscape with respect to internet privacy, specifically focusing on FTC and FCC enforcement actions and authorities. GAO interviewed representatives from industry, consumer advocacy groups, academia, FTC and FCC staff, former FTC and FCC commissioners, and officials from other agencies. (See page 40 of the GAO report for a complete list of those interviewed.) GAO recommends that Congress consider developing comprehensive legislation on internet privacy that would enhance existing consumer protections and provide flexibility to address a rapidly evolving privacy environment.
Continue reading “GAO Report Recommends Congress Consider Comprehensive Privacy Regulation”
