Header graphic for print
Focus on Regulation

Category Archives: Privacy & Cybersecurity

Subscribe to Privacy & Cybersecurity RSS Feed

FTC Closes PayPal Investigation Over Telemarketing Rule and User Agreement

The Federal Trade Commission (FTC) has released a copy of a letter that it sent to PayPal stating that the agency was closing an investigation into potential Telemarketing Sales Rule (TSR) violations by the company.  This release provides important insights on how companies can design their user agreements to avoid TSR violations. As background, PayPal

Student Privacy and Drone Policy: Vote for Hogan Lovells at SXSW 2016

Austin, Texas is renowned for its live music scene, clean air, college vibe … and of course its technology conferences. Two Hogan Lovells Lawyers—Bret Cohen and Lisa Ellman—have made the list of finalists for panels at the South by Southwest group of conferences this upcoming March, to talk about Student Privacy and Domestic Drone Policy.

Government Contractor Asks U.S. Supreme Court for TCPA Relief Through Derivative Sovereign Immunity

Highlighting the intersection between government contracts, communications privacy, and class action litigation, the United States Supreme Court recently received a petition for a writ of certiorari asking it to rule on whether derivative sovereign immunity should be extended to a government contractor’s violation of the Telephone Consumer Protection Act (TCPA).  The Petitioner, Campbell-Ewald Co., was

Industry Recommends Market Solutions for Privacy, Cybersecurity, and Law Enforcement Access Challenges for the Internet of Things

The Internet of Things raises new concerns about privacy, security and law enforcement access.  Rather than develop new rules for new devices, industry experts convened during the 2014 Winnik International Telecoms & Internet Forum recommended allowing the market to try solve these challenges before the government steps in. In May 2014, the President’s Council of

TCPA Issues to Watch in 2014 / Upcoming Webinar Announced

In an ever-changing technological landscape, organizations are increasingly at risk under the Telephone Consumer Protection Act of 1991 (TCPA). The TCPA imposes restrictions on telemarketing and the use of automated telephone equipment, affecting any organization that engages with consumers through text messages, prerecorded calls, faxes, and other advanced technologies. Regulators and plaintiffs’ class-action attorneys are targeting alleged

French sunshine regulations: publication of the governmental order on the unique public website managed by the French authorities

The governmental order on the unique public website set up under the French sunshine regulations was published today. The order provides details on this website, managed by the French authorities, which will make available to the public the information to be reported by the industry under the sunshine regulations.

Significant Changes in Telemarketing Rules Go Into Effect on October 16, 2013

Businesses that use automated technologies to place telemarketing calls and messages have just over a month to assess and revise their current calling practices to avoid the risk of expensive, time-consuming lawsuits under new Telephone Consumer Protection Act (TCPA) rules enacted by the Federal Communications Commission (FCC).

FDA Seeks Enhanced Cybersecurity Risk Management Efforts, Including Premarket Submission Requirements, for Medical Device Manufacturers and Hospitals

Drawing on the increasing use of wireless, Internet- and network-connected medical devices, the Food and Drug Administration (“FDA” or “the Agency”) issued a draft guidance document for comment on June 14, 2013, proposing that manufacturers of medical devices that contain software, firmware, or programmable logic, address cybersecurity risks in premarket submissions.  The draft guidance, entitled,

FTC Issues Report on Emerging Mobile Payments Services

Phillip Berenbroick, an Associate in the D.C. office, contributed to this entry. There has been an explosion in the number and variety of mobile payment services available to consumers in the last couple of years, with new innovations and players growing exponentially.  New payments products, including peer-to peer-payments, mobile coupons, contactless options, and mobile wallets

Federal Court Certifies 60,000-Member Class in “Wireless Spam” TCPA Litigation against Insurance Company, for Actions of Its Marketing Vendors

In a decision with important implications for companies that hire outside marketing firms, a federal judge has certified a class of nearly 60,000 individuals who allegedly received an unsolicited text message from a marketing company hired by Stonebridge Life Insurance Company. The plaintiff in Lee v. Stonebridge Life Insurance Company and Trifecta Marketing Company, LLC, 3:11-cv-00043 (N.D. Cal.) alleges

Review of issues for 2013

The following is a summary of some of the key issues Congress and the Administration will be debating in 2013. Please contact us with any questions. We are happy to provide further analysis as well as insight into other areas of interest. Agriculture: Tom Vilsack is expected to stay on as Secretary of Agriculture. The

California AG Sends Enforcement Letter to Developers of Popular Mobile Apps

On Tuesday, October 30, the Office of California Attorney General Kamala Harris issued a press release confirming that it had begun “formally notifying” mobile device application (“app”) operators that they are out of compliance with the notice provisions of the California Online Privacy Protection Act of 2003 (“CalOPPA”).  Those companies — many of which are major marketers — now

Senate Commerce Committee’s Probe of Fortune 500 Corporate Cybersecurity is Unprecedented; Responses Requested Oct. 19

Each of the 500 largest businesses in America has been asked by the Senate Commerce Committee to describe how it deals with cybersecurity, demonstrating that government’s focus on cybersecurity is not going away despite stalled legislative efforts.  On 19 September, Senator Jay Rockefeller (D-WV) sent an unprecedented letter to the chief executives of the 500 largest companies

FERC Establishes Office on Cyber Security

FERC has created an Office of Energy Infrastructure Security (OEIS).  According to FERC, the new office will concentrate in four areas: Developing recommendations for identifying, communicating and mitigating potential cyber and physical security threats and vulnerabilities to FERC-jurisdictional energy facilities using the Commission’s existing statutory authority; Providing assistance, expertise and advice to other federal and

FTC Speaks Out On Mobile App Advertising and Privacy

With the ever increasing use of mobile apps designed to do everything from shopping, to online banking, to managing medical conditions, the Federal Trade Commission (FTC) recently issued guidance for the marketing of mobile apps. The guidance is intended to help companies entering the mobile app business to comply with the agency’s truth-in-advertising standard and basic

Parties Divided Over FCC Involvement in Mobile Privacy

Parties that submitted comments and replies in response to a Federal Communications Commission (FCC) Public Notice on the privacy and security of information stored on mobile devices are deeply divided over whether the agency should pursue further action in the area.  The FCC proceeding follows up on a recent report from the agency on Location-Based

NIST Publishes Computer Security Incident Handling Guide

The National Institute of Standards and Technology (“NIST“) issued on August 8 an updated Computer Security Incident Handling Guide (NIST Special Publication 800-61, Rev. 2) (“Publication”). The Publication provides guidance to Federal agencies on detecting, analyzing, prioritizing, and handling computer security incidents. Like most NIST Special Publications, this guidance “may be used by nongovernmental organizations

CFPB to Supervise Credit Bureaus: Another Avenue for Enforcement of FCRA Privacy Protections

Under regulations adopted earlier this month by the Consumer Financial Protection Bureau (“CFPB”), the nation’s larger consumer reporting agencies (“CRAs”) will for the first time be subject to supervision at the federal level.  The new rules were issued pursuant to the CFPB’s authority under section 1024 of the Dodd-Frank Wall Street Reform and Consumer Protection

NTIA to Focus on Mobile App Transparency in First Privacy Multistakeholder Meeting

The National Telecommunications & Information Administration(NTIA) has announced that it will hold the first meeting in its long-awaited privacy  multistakeholder process on July 12, 2012.  According to NTIA, the goal will be “to develop a code of conduct to provide transparency in how companies providing applications and interactive services for mobile devices handle personal data.” For our analysis and summary of

FERC Gets a New View of the Wholesale Electric Markets

FERC issued a final rule approving new ongoing data reporting requirements for Regional Transmission Organizations and Independent System Operators.  The new rule will require the six RTO/ISOs – PJM, NYISO, ISO-New England, Midwest ISO, Southwest Power Pool, and the California ISO – to begin supplying FERC with a treasure trove of new, non-public transactional data

Hogan Lovells White Paper on Government Access to Cloud Data Released in Brussels on 23 May Gains Wide Attention

As widely reported yesterday (in Computerworld, CSO Magazine, CIO Magazine, Network World, PC Advisor, Australian Techadvisor, IT World, among others) and as detailed in this article in PC World, Hogan Lovells yesterday released a White Paper at a Brussels conference organized by the Openforum Academy detailing a study about governmental access to data in the cloud.  The paper was written

Hogan Lovells Winnik Forum Panel Examines Challenges of Security and Data Privacy in the Cloud

Leading experts in telecommunications law and policy gathered recently at the Hogan Lovells Winnik International Telecommunications and Internet Forum in Washington, D.C., with privacy and data security issues coming up frequently in all of the discussions. In the final panel of the Forum, Hogan Lovells partner Winston Maxwell convened a panel of corporate practitioners that