Archives: Policy and Regulatory Positioning

Subscribe to Policy and Regulatory Positioning RSS Feed

California Consumer Privacy Act: A Rapid Q&A

California enacted the nation’s most extensive consumer privacy law on Thursday after only a week of legislative debate. The California Consumer Privacy Act of 2018 (“CCPA”) was passed quickly to prevent a privacy ballot initiative and creates extensive notice, opt-out/opt-in, access, and erasure rights for consumers vis-à-vis businesses that collect …

FTC Reminder: Websites and Online Services Subject to COPPA Must Honor Data Deletion Requirements

The Federal Trade Commission (FTC) recently reminded companies why record retention policies are important, especially when required to comply with the Children’s Online Privacy Protection Act (COPPA). In a blog post, titled “Under COPPA, data deletion isn’t just a good idea. It’s the law,” the FTC explained that …

Alabama and South Dakota to Join Breach Notification Club, with Oregon and Colorado Updating Approaches

Alabama’s breach notification law goes into effect June 1, 2018, bringing us one step closer to breach notification being the laws of the land from coast to coast. In March, Alabama and South Dakota, the final two holdouts, passed breach notification statutes which are both set to go into effect …

Federal Regulatory Agencies Advise on Cyber Insurance for Information Security Programs

Federal regulatory agencies, acting through the Federal Financial Institutions Examination Council (FFIEC), have issued guidance for financial institutions about the role of cyber insurance in risk management of information technology systems. See, e.g., FDIC FIL-16-2018 (April 10, 2018); OCC Bulletin 2018-8 (April 11, 2018).  The agencies—principally responsible for …

D.C. Circuit Rules on FCC’s 2015 TCPA Omnibus Order: A Mixed Bag

On Friday March 16, 2018 the D.C. Circuit issued its long awaited decision on various challenges to the Federal Communication Commissions (FCC) 2015 Omnibus Declaratory Ruling and Order (Omnibus Order) on the Telephone Consumer Protection Act (TCPA), based on claims the FCC exceeded its authority and was capricious and arbitrary …

Reinstated CPNI Regulations Require Providers to File Annual FCC CPNI Certification by March 1, 2018

As we previously advised, the Federal Communications Commission (FCC) reinstated its customer proprietary network information (“CPNI”) rules governing the privacy obligations of telecommunications and VoIP service providers under Section 222. As a result, the annual certification for calendar year 2017 must be filed with the FCC by March 1,

ICYMI in Cybersecurity and Data Breach

NC Data Breach Legislation Accounts for Ransomware Attacks

“Following an increase in reported state data breaches in 2017, North Carolina’s attorney general and a state representative introduced data breach legislation to better protect individuals,” HealthIT Security reports.

 

World Economic Forum: Cyber-Attacks Third Most Likely Global Risk in 2018

In …

Webinar | TCPA Update 2018: Current Compliance Challenges for Companies

Marc Roth and Ronnie London will be featured speakers on PLI’s upcoming one-hour briefing “TCPA Update 2018: Current Compliance Challenges for Companies” on February 6, 2018 from 1-2pm ET.

This important and timely presentation will provide a detailed analysis of how courts are interpreting the key aspects of the FCC’s …

FTC Issues Staff Report on Consumer Recognition of Paid Advertising

The Federal Trade Commission delivered the advertising industry an early holiday present in mid-December in the form of a staff report entitled “Blurred Lines: An Exploration of Consumers’ Advertising Recognition in the Contexts of Search Engines and Native Advertising.” The report is a summary of research conducted by the agency …

ICYMI: PrivSec’s Weekly News Picks

 

  1. Trump signs executive order to boost broadband internet development in rural US

Tech Republic reports that “the executive order may help bring internet to previously hard to reach areas, something several ISPs have been working towards.”  “A more connected country”, author Olivia Krauth reports, “could have several business implications. …

Don’t Miss Out: The Health Care Cloud Coalition Monthly Meeting With Guest Speaker Linda Sanches From the Office for Civil Rights

The Health Care Cloud Coalition is kicking off it’s 2018 Monthly Meeting Series next Thursday, January 18th at 1:00 p.m. Eastern with a presentation from Linda Sanches, the Senior Advisor for Health IT and Privacy Policy from the U.S. Department of Health and Human Services Office for Civil Rights …

ICYMI: PrivSec’s Weekly News Picks

Interactive Advertising Bureau Releases Technical Standard to Facilitate Disclosure and Consent in Digital Advertising

IAB Europe reported that it “presented a new technical standard to support the digital advertising ecosystem in meeting requirements relating to user consent under the General Data Protection Regulation (GDPR).”

 

Working Party 29 Releases Joint

FCC Targets “Robocalls” By Enabling Voice Providers to Block Inherently Suspect Phone Numbers

The Federal Communications Commission (FCC) has adopted rules aimed at reducing the incidence of “robocalls” by allowing voice service providers to block, before they reach consumers, calls that originate from phone numbers that strongly suggest the call is illicit. Such autodialed, usually prerecorded calls, the FCC says, often involve scams …

Employer-Sponsored Health Plan HIPAA Compliance Checklist

The administrative simplification provision of the Health Insurance Portability and Accountability Act and its implementing regulations (HIPAA) impose obligations on employer-sponsored group health plans. Given recent high-profile HIPAA enforcement actions, employers should understand their compliance obligations. This checklist is intended to assist plan sponsors with HIPAA compliance for their plans.…

LexBlog