The California Supreme Court held on February 4, 2013 that the provision of the Song-Beverly Credit Card Act of 1971 (the “Act”) prohibiting retailers from requesting personally identifying information as a condition to processing credit card transactions does not apply to online purchases of electronically downloadable items. (Apple v.
FTC Issues Recommendations on Mobile Data Disclosures, Urges Mobile Industry To Act
By David Munkittrick on
Data use and sharing disclosures on mobile devices need work, the FTC said in a staff report released last week. The report recommends ways that actors in the mobile marketplace—such as mobile operating system providers, application developers, advertising networks, and analytics companies—can inform consumers of data collection and sharing practices. While the FTC tailors recommendations for each group, the recommendations are essentially focused on providing consumers with timely and understandable data use disclosures. If such disclosures do not materialize, FTC Chairman Jon Leibowitz said to reporters in a teleconference discussing the report, the mobile industry may face regulatory or legislative mandates.
FTC Revamps COPPA Rule
By Jeremy M. Mittman on
Two and a half years after initiating a review of the Children’s Online Privacy Protection Rule (the “Rule”), the Federal Trade Commission (FTC) announced on December 19, 2012 that the Rule will be amended to clarify perceived ambiguities and to strengthen the Rule’s protections for children who engage in online…
HIPAA/HITECH Final Rule: Significant Changes to Existing Regulations
By Ryan P. Blaney on
Recently announced changes to the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rule represent one of the most significant developments in health care privacy law in the past 10 years. Known as the final omnibus rule, the changes were announced by the U.S. Department of Health and …
Facebook and Netflix now “in a Relationship”; Obama Signs Bill Updating Video Privacy Law
By Jessica Goldenberg on
On January 10, 2013, President Obama signed into law H.R. 6671, an amendment to the Video Privacy Protection Act of 1988 (VPPA) codified at 18 U.S.C. § 2710, which will permit companies, such as Netflix, to obtain advance consent from consumers to automatically share their movie viewing history…
Massachusetts AGO Enters Into Another Settlement For Data Security Violations
By Amy Crafts on
For the fourth time since the Massachusetts data security regulations took effect in March 2010, the Massachusetts Attorney General’s Office (“AGO”) has settled allegations that Massachusetts-based entities violated the regulations. On January 7, 2013, Suffolk Superior Court approved consent judgments pursuant to which five entities agreed to collectively pay $140,000…
HHS Announces New Patient Privacy and Security Protections
By Ryan P. Blaney on
On January 17, 2013, U.S. Department of Health and Human Services Secretary Kathleen Sebelius announced the final omnibus rule that among other things (1) increases patient privacy protections; (2) provides individuals with new rights to receive a copy of their electronic medical record in an electronic form; and (3) provides…