Photo of Charley Lozada

On Thursday, the Digital Advertising Alliance (“DAA”) announced that it will enforce its previously issued “Application of Self-Regulatory Principles to the Mobile Environment” (the “Mobile Guidance”) beginning September 1, 2015.

Although the Mobile Guidance was initially issued in July 2013, enforcement was delayed pending the DAA’s implementation of

On October 28, the Online Interest-Based Advertising Accountability Program (Accountability Program), released five decisions in which the website operators  have agreed to update their respective websites to provide enhanced notice as required under the Self-Regulatory Principles for Online Behavioral Advertising (OBA Principles).  The Accountability Program enforces the OBA Principles on

This past month, the European Union’s Article 29 Data Protection Working Party (the “Working Party”) issued the Working Document 02/2013 providing new guidance on obtaining consent for cookies (“Working Document”). The Working Document sets forth various mechanisms which can be utilized by websites to obtain consent

Law Targets Sites and Mobile Apps Directed to Minors, Offers “Online Eraser”     

Likely to Have Nationwide Effect

On July 1st of this year, new amendments to the Children’s Online Privacy Protection Act Rule (COPPA Rule) came into effect, with perhaps the most pronounced changes being the expansion of COPPA

California Assembly Member, Bonnie Lowenthal, recently introduced the “Right to Know Act of 2013” (AB 1291), which would require any company that retains a  California resident’s personal information to provide a copy of that information to that person, free of charge, within 30 days of the request. The company would also have to disclose a list of all third parties with whom it has shared the resident’s data during the previous 12 months, the contact information of such third parties, and the types of personal information that was shared. In contrast to the existing Shine the Light Act, this legislation would not be limited to data sharing for direct marketing purposes, and would not provide exceptions for companies that maintain an opt-in or opt-out policy for data sharing.  Moreover, the legislation’s definition of “personal information” is broader, and includes data such as online usage information. Also, the legislation would apply to businesses even if they do not have a direct relationship with the California resident, such as data aggregators and online ad networks.  Additional requirements also exceed what is present in the existing law.  If a company does not comply, California residents would be empowered to file a civil suit to force compliance. The law does not distinguish between brick-and-mortar businesses and online companies.