On Thursday, the Digital Advertising Alliance (“DAA”) announced that it will enforce its previously issued “Application of Self-Regulatory Principles to the Mobile Environment” (the “Mobile Guidance”) beginning September 1, 2015.

Although the Mobile Guidance was initially issued in July 2013, enforcement was delayed pending the DAA’s implementation of

In the largest ever data security enforcement action taken by the Federal Communications Commission (FCC), AT&T agreed to pay $25 million to resolve an investigation into consumer privacy violations at its call centers in Mexico, Colombia, and the Philippines. The FCC announced the settlement on April 8, 2015, stating that phone companies are expected to “zealously guard” their customers’ personal information and encouraging the industry to “look to this agreement as guidance.”

Last month, a federal district court in the Northern District of California issued an order that may affect the policies of any company that records telephone conversations with consumers.

The trouble began when plaintiff John Lofton began receiving calls from Collecto, Verizon’s third-party collections agency, on his cell phone.  The calls were made in error – Lofton did not owe Verizon any money because he wasn’t even a Verizon customer – but Lofton decided to take action when he discovered that Collecto had been recording its conversations with him without prior notice.  Lofton brought a class action against Verizon under California’s Invasion of Privacy Act, theorizing that Verizon was vicariously responsible for Collecto’s actions because Collecto was Verizon’s third-party vendor and because Verizon’s call-monitoring disclosure policy did not require the disclosure of recordings in certain situations. Verizon filed a motion to dismiss, arguing that the recordings did not invade Lofton’s privacy and therefore did not run afoul of the statute. 

We’re all familiar with the ads that pop up on the side of our browsers, personalized to highlight things we might be interested in based on our web browsing activity.  Marketers and advertisers regularly track consumers’ online activities, interests and preferences and use the information they collect to create targeted ads, meant to appeal to individual consumers based on their behavioral profiles.  Some consumers have no objections to this type of targeted advertising, but others do not want their online activities monitored.  In response to privacy concerns raised by pervasive online tracking, the U.S. Federal Trade Commission endorsed the implementation of a Do Not Track (“DNT”) mechanism and the World Wide Web Consortium (“W3C”) has been working to develop a DNT technology standard that would allow users to control the tracking of their online activities. 

Data use and sharing disclosures on mobile devices need work, the FTC said in a staff report released last week.  The report recommends ways that actors in the mobile marketplace—such as mobile operating system providers, application developers, advertising networks, and analytics companies—can inform consumers of data collection and sharing practices.  While the FTC tailors recommendations for each group, the recommendations are essentially focused on providing consumers with timely and understandable data use disclosures.  If such disclosures do not materialize, FTC Chairman Jon Leibowitz said to reporters in a teleconference discussing the report, the mobile industry may face regulatory or legislative mandates.

On January 17, 2013, U.S. Department of Health and Human Services Secretary Kathleen Sebelius announced the final omnibus rule that among other things (1) increases patient privacy protections; (2) provides individuals with new rights to receive a copy of their electronic medical record in an electronic form;  and (3) provides

Ever on the forefront of consumer privacy protection, California is again making news in the privacy world with the California Attorney General’s recent publication of “Privacy on the Go: Recommendations for the Mobile Ecosystem,” which includes privacy recommendations for app developers, app platform providers, mobile ad networks, makers of operating systems and mobile carriers.  With this publication, California joins the FTC and the GSMA as entities that have published non-binding guidance with respect to mobile privacy (which we blogged about here and here, respectively).