Photo of Jessica Goldenberg

Last Thursday the Federal Communications Commission (FCC) issued an order confirming that companies must include opt-out instructions on all fax ads, even for recipients who previously agreed to receive a fax from the company. The order clarifies that solicited fax ads, like unsolicited ads, must also comply with the rules set forth in the FCC’s 2006 Junk Fax Prevention Order.  All fax ads must contain an opt-out notice that (1) is clear and conspicuous and on the first page of the ad, (2) states that the recipient may make a request to the sender not to send any future ads, and (3) contains a domestic phone and fax number so that the recipient has a contact for opt-out purposes.

On August 7, 2014 the PCI Security Standards Council issued new guidance to supplement PCI DSS Requirement 3.0 and help organizations reduce the risks associated with entrusting third-party service providers (“TPSPs”) with consumer payment information.  More and more merchants use TPSPs to store, process and transmit cardholder data or manage components of the entity’s cardholder data environment.  A number of studies have shown that breach is tied increasingly to security vulnerabilities introduced by third parties.  To combat such risk, a PCI special interest group made up of merchants, banks and TPSPs, together representing more than 160 organizations, created practical guidelines for how merchants and their business partners can work together to comply with the existing PCI standard and protect against breach.

In February of 2013, President Obama signed an executive order with the purpose of creating a cybersecurity framework (or set of voluntary standards and procedures) to encourage private companies that operate critical infrastructure to take steps to reduce their cyber risk (see our blog here). Critical Infrastructure Systems such as the electric grid, drinking water, and trains are considered vulnerable to cyber attack, and the results of such attack could be debilitating. The Departments of Commerce, Homeland Security, and Treasury were tasked with preparing recommendations to incentivize private companies to comply with heightened cybersecurity standards. On August 6, 2013 the White House posted its preliminary list of incentives encouraging the adoption of cybersecurity best practices.

As a growing number of states pass legislation which will protect individuals’ social media accounts from employer scrutiny, they have encountered a surprising adversary – FINRA and other securities regulators.

To date, at least six states have enacted social media employee privacy laws (which were blogged about here, here