Archives: Policy and Regulatory Positioning

Subscribe to Policy and Regulatory Positioning RSS Feed

China Prohibits Unverified Internet Users to Post Online Comments

On August 25, 2017, the Cyberspace Administration of China (“CAC”) issued the Administrative Provisions for Services concerning Internet Comment Posting (the “Internet Comment Posting Provisions”) and the Administrative Provisions for Services concerning Internet Forums and Communities (the “Internet Forum and Community Services P… Continue Reading

Draft Cybersecurity Legislation Would Impose Substantial New Obligations on Vendors Selling Interconnected Devices to the U.S. Government

On Tuesday, August 1, 2017, a bipartisan group of four Senators from the Senate Cybersecurity Caucus introduced legislation designed to improve the cybersecurity of devices purchased by the U.S. government and – albeit indirectly – sold anywhere in the U.S. or the world.

The legislation – the “Internet of Things (IoT) Cybersecurity Improvemen… Continue Reading

How to Use the GDPR as Your Competitive Advantage: Focus on the Carrot, Not the Stick

How to use the GDPR as Your Competitive Advantage: Focus on the Carrot, Not the Stick

Ample bandwidth has been eaten by panicky commentary over the fines possible under the EU’s upcoming General Data Protection Regulation (GDPR). Sure, the GDPR arms EU data protection authorities with a hefty compliance stick. Yet the focus on exorbitant fines seems a bi… Continue Reading

The Chinese Government Issues Draft Cybersecurity Regulations to Protect Critical Information Infrastructure

On June 10, 2017, the Cyberspace Administration of China (the “CAC”) released the Draft Regulations on the Security Protection of Critical Information Infrastructure (the “Draft Regulations” 《关键信息基础设施安全保护条例(征求意见稿)》). The CAC is seeking public comments with a deadline of August 10, 201… Continue Reading

FCC Proposes New Systems to Reduce Illegal Robocalls and Announces Fine Against Autodialing Platform

The Federal Communications Commission (FCC) marked another step in its effort to curtail illegal robocalls. During its recent Open Meeting, the FCC approved Notices of Inquiry (NOIs) into Call Authentication methods and into Advanced Methods to Target Unlawful Robocalls that, respectively, seek input on efforts to institute a caller ID-based “Tru… Continue Reading

(Connected) Toy Story: The FTC Updates the COPPA Compliance Plan

The Federal Trade Commission (“FTC”) recently issued an updated “Six-Step Compliance Plan for Businesses” (“Compliance Plan”) for entities subject to the Federal Children’s Online Privacy Protection Act (“COPPA”), 15 U.S.C. §§ 6501-6506, to “reflect developments in the marketplace—for example, the introduction of int… Continue Reading

Data-Driven Marketing and the GDPR: the Data Brokers’ Conundrum

The digital marketing industry is powered by information about individuals (“personal data”) that pulses through a supply web. As this FTC infographic shows, some industries such as retail, energy, financial services, and health care, have direct relationships with those individuals. Other industries, such as data marketing, generally are at l… Continue Reading

FCC Reinstates CPNI Privacy Regulations (and Compliance Filing Obligations) for Telecom and VoIP Service Providers

In a recent order, the FCC has reinstated its customer proprietary network information (“CPNI”) rules governing the privacy obligations of voice service providers under Section 222. This action follows the Congressional repeal of the FCC’s 2016 Privacy Order that had extended CPNI regulations to broadband internet access services. As a result… Continue Reading

Tick Tock Tick Tock, When a Breach Occurs, You’re on the Clock!

As a reminder that state attorneys general have enforcement authority over breach notifications, the New York Attorney General recently announced a $130,000 settlement for a failing to provide breach notification in a reasonable time. Organizations should ensure that they are prepared to quickly provide required notifications in the event of a breac… Continue Reading

Private Right of Action Under Canadian Anti-Spam Legislation Suspended Indefinitely

On June 7, 2017, the Canadian government announced that it is suspending indefinitely the private right of action provided for by Canada’s Anti-Spam Legislation (“CASL”), which sets forth the country’s regime of disclosures, consent, and unsubscribe requirements for commercial electronic messages and installation of computer programs, w… Continue Reading

White House Releases Cybersecurity Executive Order

On May 11, 2017, the White House released its long-awaited Executive Order on cybersecurity (EO). The EO directs Executive Branch agencies to develop plans to assess and improve the cybersecurity of their own operations, based on the 2014 NIST Cybersecurity Framework; directs law enforcement and national security agencies to work with providers of cri… Continue Reading

It’s Official: Privacy and Security Rules from Wheeler Era Repealed

On Monday, April 3, President Trump signed a bill repealing the privacy and security rules introduced in the FCC’s October 2016 Order.  Under the terms of the Congressional Review Act (CRA), those rules have now been entirely repealed, the FCC is restricted from implementing “substantially similar” rules in the future, and the congressional act… Continue Reading

New FCC Stays ISP Data Security Rules from Wheeler Era

On Wednesday, the Chairman Pai-led FCC adopted an Order granting a stay of the data security rules that were adopted as part of the Commission’s 2016 Privacy Order spearheaded by former FCC Chairman Wheeler. The stay will maintain the data security rules that have been in place for several years, but suspend implementation of the expanded data security r… Continue Reading

New FCC Chairman Moves to Roll Back Privacy Rules for Internet Service Providers

Ever since the presidential election and the replacement of former Obama administration FCC Chairman Tom Wheeler with former Republican commissioner and now Chairman Ajit Pai, communications industry and privacy policy observers of all stripes have expected the new FCC to roll back much or all of the agency’s pre-election (October 2016) privacy Ord… Continue Reading

Comments Sought of FCC Privacy Regime

On Friday, the Federal Register published the FCC’s January 17th Public Notice of the fact that eleven Petitions for Reconsideration were filed in the Broadband Privacy proceeding (WC Docket No. 16-106).  The Petitions challenge various aspects of the FCC’s new ISP privacy regime, and were filed by ISP and cable trade groups as well as by advertiser… Continue Reading

Webinar Recording: FCC’s New Privacy Rules (Part 2)

Notice, Choice, and Prospects in the New Administration

The FCC adopted new privacy and security rules for telecommunications carriers—including ISPs—on October 27. In this second of two webinars in DWT’s series examining the rules, DWT experts analyzed the core Notice and Choice rules’ requirements, provided perspectives on differences w… Continue Reading

Webinar Recording: FCC’s New Broadband Security Rules (Part 1)

Do you know what’s required to comply with the Federal Communications Commission’s new broadband security and data breach rules?

DWT experts in the privacy and communications fields walked through the answers step-by-step in the first of two webinars examining the FCC’s privacy regime in-depth. We described the

  • phase-in schedule for the rules
  • e
Continue Reading

Compliance Clock Begins to Tick for BIAS Providers Following Publication of Privacy Rules in the Federal Register

The FCC’s new privacy rules were published in the Federal Register last Friday, December 2, 2016.  The publication of these rules initiates the period in which broadband ISPs must come into compliance with the agency’s sweeping new rules.

As summarized in our prior posts, the FCC’s Privacy Order, adopted Nov. 2, 2016, imposes broad new rules that a… Continue Reading

The FCC Privacy Rules: What You Need to Know

Webinar
login details will be provided following registration

Following the approval of the FCC’s new privacy rules on October 27, ISPs need to address a number of issues, including opt-ins and opt-outs as well as information security programs. To help you prepare, the DWT team has prepared a two-part webinar series.

FCC Privacy Rules, Part 1: PlanContinue Reading

Hotly Anticipated Broadband Privacy Order Released by FCC

On Nov. 2, 2016, the FCC released its long-awaited broadband privacy Order and rules by a 3-2 vote. The Order comes nearly 18 months after the Commission moved to reclassify broadband internet access service (“BIAS”) as a common carrier telecommunication service under Title II of the Communications Act, and over the strenuous dissent of both Republi… Continue Reading

Feeling Lost in a Storm After Suffering a Data Breach?

The FTC Issues Guidance on How to Batten Down the Hatches

 

When faced with a data breach, it’s easy for companies to feel like they’re attempting to navigate a storm without a rudder.

To provide a guiding light to companies, the Federal Trade Commission (“FTC”) recently issued a guide for businesses, with an accompanying video and blog post, o… Continue Reading

FCC Releases Text of Broadband ISP Privacy Rules

The Federal Communications Commission released the full text of its anticipated privacy rules for internet service providers (ISPs), telecommunications carriers, and interconnected VOIP providers.

Broadly speaking, these rules require covered providers to:

  1. notify customers of their uses of data;
  2. permit customers to opt-in to uses of sensitive da
Continue Reading

It’s Official: The FCC Has Adopted New Privacy and Security Rules for ISPs Following a 3-2 Vote Along Partisan Lines

DWT is committed to providing the latest updates on the FCC’s privacy rules. Please see our special blog post series on the FCC’s new privacy rules.

Today, the FCC formally adopted on a 3-2 party-line vote an order that enacts a new privacy and security regime for Internet service providers (ISPs).  While it may be several days before the official orde… Continue Reading

LexBlog