In the days leading up to Tuesday’s State of the Union address, President Obama has been previewing his Administration’s communications and technology priorities for 2015, including calling for an end to state laws that restrict municipal broadband deployments and new steps to promote cybersecurity.
Continue Reading

On October 28, 2014, the Federal Communications Commission (“FCC” or the “Commission”) announced that it had joined the Global Privacy Enforcement Network (“GPEN”), a network of privacy enforcement and regulatory bodies from around the world that engages in collaboration and coordination on cross-border privacy enforcement actions.


Continue Reading

Compliance with a carrier’s CPNI certification obligations has provided steady fodder for this blog, with the annual Omnibus CPNI fines, unusual settlements and consistent enforcement focus from the FCC’s enforcement bureau.  With the start of a new year, the CPNI season begins anew.  Yeasterday, the FCC unofficially kicked off the 2012 CPNI certification season with

Back in 2007, in response to the pretexting controversy, the FCC strengthened its CPNI rules to require telecommunications carriers to authenticate a subscriber’s identity before providing call detail information.  The FCC rules required carriers to authenticate customers with a password or some other information that does not rely upon "readily available biographical information" before

Jameson Dempsey co-authored this blog post.

Hot on the heels of its recent lawsuit against Delta Airlines for alleged violations of the California Online Privacy Protection Act (“CalOPPA”), today the California Attorney General’s Privacy Enforcement and Protection Unit released its highly anticipated mobile privacy report, Privacy on the Go: Recommendations for the Mobile Ecosystem. The report, developed in collaboration with a wide array of industry stakeholders, provides a series of specific recommendations designed to promote “surprise minimization” for users of mobile applications.


Continue Reading

Barbara Miller co-authored this post.

A few years back, the use of deep packet inspection software – software that examines individual data packets in a broadband transmission – to deliver targeted advertising was a hot topic in regulatory and privacy circles.  Those activities spawned a series of cases against the DPI companies and their Internet Service Provider (“ISP”) partners.  In one such case, the ISP just won an important victory closing a potentially troublesome area of liability.  On December 28, 2012, in Kirch v. Embarq Management Co,  the Tenth Circuit held that an ISP was not liable under the Electronic Communications Privacy Act of 1986 (“ECPA”) for authorizing an online advertising company to collect and use certain customer electronic information for the purpose of targeted direct online advertising.  This ruling effectively ends this particular case against Embarq and likely will close a chapter in the deep-packet inspection saga.  However, because the Tenth Circuit’s finding is closely tied to the facts of this case, ISPs should carefully consider potential liability under the ECPA for any actions involving the collection of customer information for purposes other than provision of ISP services.


Continue Reading

Days before tomorrow’s Federal Trade Commission (FTC) Workshop on Mobile Disclosures, the FCC weighed in with a pair of releases on privacy and security issues raised by mobile devices.  In the first item released on Friday, the FCC is seeking to refresh its record regarding the privacy and data security practices of mobile wireless service providers in light of recent disclosures concerning software developed by CarrierIQ.  The FCC’s Public Notice seeks to update the record in a five-year-old rulemaking proceeding addressing carrier obligations in connection with devices that function on their networks.  In the second item released, the FCC released its staff report on location-based services (LBS).  Consistent with the approach of the Administration and the FTC (as was discussed at our 4th Annual Privacy Seminar), the FCC focused on ways carriers can protect information from misuse or mishandling, transparency in carrier disclosures and maximizing consumer choice in the use of LBS.

Collectively, the releases demonstrate that the FCC will continue to work cooperatively with the FTC and the Administration (including the NTIA) to address privacy issues in the mobile market. The FCC appears to believe it has sufficient statutory authority to act on mobile and device privacy, with its emphasis being on its jurisdiction over carrier practices in connection with both services and devices.

Josh Guyan contributed to this post.
 


Continue Reading

On July 14, 2011, a joint House Energy and Commerce Subcommittee hearing focused on online privacy policy and perspectives of the ‘big three’ federal agencies with potential jurisdiction over online privacy – the Federal Trade Commission (FTC), the Federal Communications Commission (FCC), and the National Telecommunications and Information Administration (NTIA). The hearing, Internet Privacy: The

On January 21, 2011, Kelley Drye & Warren hosted the seminar and audiocast, "Privacy By Design, Choice, and Transparency: What a New Framework Will Mean for Business and Technology." The seminar highlighted key regulatory and legislative developments in privacy and information security law during the past year.

Click here to listen to the audio recording.

On January 20, Kelley Drye will host its 3rd annual privacy law seminar:
Privacy by Design, Choice and Transparency: What a New Framework Will Mean for Business and Technology.

As businesses strive to innovate and evolve using new technologies, federal agencies including the FTC and FCC, the Congress, and state regulators are increasing scrutiny on