Privacy and Information Security

Yesterday, FCC Chairwoman Jessica Rosenworcel circulated a Notice of Proposed Rulemaking (“NPRM”) with her colleagues on the Commission to update the agency’s rules for notifying customers and federal law enforcement of breaches involving customer proprietary network information (“CPNI”). According to a press release, the proposed “updates would better align the Commission’s rules with recent developments in federal and state data breach laws covering other sectors.”

The Chairwoman’s proposal is significant because it signals a potentially more active FCC in consumer protection as the Democrats solidify control of the agency following the Presidential transition and Chairwoman Rosenworcel’s elevation from Acting Chair to Chair. The scope of the proposal appears to be fairly narrow (based on the limited information currently available) but represents the second CPNI-related action proposed in the past three months. Once a fifth commissioner is confirmed, Chairwoman Rosenworcel may be able to press a broader consumer protection agenda for the agency.

Continue Reading Rosenworcel Moves to Update Data Breach Reporting Requirements Under CPNI Rules

Jameson Dempsey co-authored this blog post.

Hot on the heels of its recent lawsuit against Delta Airlines for alleged violations of the California Online Privacy Protection Act (“CalOPPA”), today the California Attorney General’s Privacy Enforcement and Protection Unit released its highly anticipated mobile privacy report, Privacy on the Go: Recommendations for the Mobile Ecosystem. The report, developed in collaboration with a wide array of industry stakeholders, provides a series of specific recommendations designed to promote “surprise minimization” for users of mobile applications.

Continue Reading California AG Kamala Harris Releases Privacy Guidelines for Mobile Apps

Days before tomorrow’s Federal Trade Commission (FTC) Workshop on Mobile Disclosures, the FCC weighed in with a pair of releases on privacy and security issues raised by mobile devices.  In the first item released on Friday, the FCC is seeking to refresh its record regarding the privacy and data security practices of mobile wireless service providers in light of recent disclosures concerning software developed by CarrierIQ.  The FCC’s Public Notice seeks to update the record in a five-year-old rulemaking proceeding addressing carrier obligations in connection with devices that function on their networks.  In the second item released, the FCC released its staff report on location-based services (LBS).  Consistent with the approach of the Administration and the FTC (as was discussed at our 4th Annual Privacy Seminar), the FCC focused on ways carriers can protect information from misuse or mishandling, transparency in carrier disclosures and maximizing consumer choice in the use of LBS.

Collectively, the releases demonstrate that the FCC will continue to work cooperatively with the FTC and the Administration (including the NTIA) to address privacy issues in the mobile market. The FCC appears to believe it has sufficient statutory authority to act on mobile and device privacy, with its emphasis being on its jurisdiction over carrier practices in connection with both services and devices.


Continue Reading FCC Seeks Comment on Privacy and Security of Information Stored on Mobile Phones and Other Devices

On February 16, 2012, Kelley Drye & Warren LLP hosted the seminar and audiocast, “Privacy in 2012: What to Watch Regarding COPPA, Mobile Apps, and Evolving Law Enforcement and Public Policy Trends.” The seminar highlighted regulatory and legislative developments in privacy and information security during the past year, with an emphasis on children’s online privacy

On July 14, 2011, a joint House Energy and Commerce Subcommittee hearing focused on online privacy policy and perspectives of the ‘big three’ federal agencies with potential jurisdiction over online privacy – the Federal Trade Commission (FTC), the Federal Communications Commission (FCC), and the National Telecommunications and Information Administration (NTIA). The hearing, Internet Privacy: The