Archives: Policy and Regulatory Positioning

Subscribe to Policy and Regulatory Positioning RSS Feed

ICYMI: PrivSec’s Weekly News Picks

Interactive Advertising Bureau Releases Technical Standard to Facilitate Disclosure and Consent in Digital Advertising

IAB Europe reported that it “presented a new technical standard to support the digital advertising ecosystem in meeting requirements relating to user consent under the General Data Protection Regulation (GDPR).”

 

Working Party 29 Releases Joint

FCC Targets “Robocalls” By Enabling Voice Providers to Block Inherently Suspect Phone Numbers

The Federal Communications Commission (FCC) has adopted rules aimed at reducing the incidence of “robocalls” by allowing voice service providers to block, before they reach consumers, calls that originate from phone numbers that strongly suggest the call is illicit. Such autodialed, usually prerecorded calls, the FCC says, often involve scams …

Employer-Sponsored Health Plan HIPAA Compliance Checklist

The administrative simplification provision of the Health Insurance Portability and Accountability Act and its implementing regulations (HIPAA) impose obligations on employer-sponsored group health plans. Given recent high-profile HIPAA enforcement actions, employers should understand their compliance obligations. This checklist is intended to assist plan sponsors with HIPAA compliance for their plans.…

China Prohibits Unverified Internet Users to Post Online Comments

On August 25, 2017, the Cyberspace Administration of China (“CAC”) issued the Administrative Provisions for Services concerning Internet Comment Posting (the “Internet Comment Posting Provisions”) and the Administrative Provisions for Services concerning Internet Forums and Communities (the “Internet Forum and Community Services Provisions”), both of which will become effective on …

Draft Cybersecurity Legislation Would Impose Substantial New Obligations on Vendors Selling Interconnected Devices to the U.S. Government

On Tuesday, August 1, 2017, a bipartisan group of four Senators from the Senate Cybersecurity Caucus introduced legislation designed to improve the cybersecurity of devices purchased by the U.S. government and – albeit indirectly – sold anywhere in the U.S. or the world.

The legislation – the “Internet of Things …

How to Use the GDPR as Your Competitive Advantage: Focus on the Carrot, Not the Stick

How to use the GDPR as Your Competitive Advantage: Focus on the Carrot, Not the Stick

Ample bandwidth has been eaten by panicky commentary over the fines possible under the EU’s upcoming General Data Protection Regulation (GDPR). Sure, the GDPR arms EU data protection authorities with a hefty compliance stick. …

The Chinese Government Issues Draft Cybersecurity Regulations to Protect Critical Information Infrastructure

On June 10, 2017, the Cyberspace Administration of China (the “CAC”) released the Draft Regulations on the Security Protection of Critical Information Infrastructure (the “Draft Regulations” 《关键信息基础设施安全保护条例(征求意见稿)》). The CAC is seeking public comments with a deadline of August 10, 2017. The final version will likely be announced soon after that …

FCC Proposes New Systems to Reduce Illegal Robocalls and Announces Fine Against Autodialing Platform

The Federal Communications Commission (FCC) marked another step in its effort to curtail illegal robocalls. During its recent Open Meeting, the FCC approved Notices of Inquiry (NOIs) into Call Authentication methods and into Advanced Methods to Target Unlawful Robocalls that, respectively, seek input on efforts to institute a caller ID-based …

(Connected) Toy Story: The FTC Updates the COPPA Compliance Plan

The Federal Trade Commission (“FTC”) recently issued an updated “Six-Step Compliance Plan for Businesses” (“Compliance Plan”) for entities subject to the Federal Children’s Online Privacy Protection Act (“COPPA”), 15 U.S.C. §§ 6501-6506, to “reflect developments in the marketplace—for example, the introduction of internet-connected toys and other devices for kids.” COPPA …

Data-Driven Marketing and the GDPR: the Data Brokers’ Conundrum

The digital marketing industry is powered by information about individuals (“personal data”) that pulses through a supply web. As this FTC infographic shows, some industries such as retail, energy, financial services, and health care, have direct relationships with those individuals. Other industries, such as data marketing, generally are at least …

FCC Reinstates CPNI Privacy Regulations (and Compliance Filing Obligations) for Telecom and VoIP Service Providers

In a recent order, the FCC has reinstated its customer proprietary network information (“CPNI”) rules governing the privacy obligations of voice service providers under Section 222. This action follows the Congressional repeal of the FCC’s 2016 Privacy Order that had extended CPNI regulations to broadband internet access services. As …

Tick Tock Tick Tock, When a Breach Occurs, You’re on the Clock!

As a reminder that state attorneys general have enforcement authority over breach notifications, the New York Attorney General recently announced a $130,000 settlement for a failing to provide breach notification in a reasonable time. Organizations should ensure that they are prepared to quickly provide required notifications in the event of …

Private Right of Action Under Canadian Anti-Spam Legislation Suspended Indefinitely

On June 7, 2017, the Canadian government announced that it is suspending indefinitely the private right of action provided for by Canada’s Anti-Spam Legislation (“CASL”), which sets forth the country’s regime of disclosures, consent, and unsubscribe requirements for commercial electronic messages and installation of computer programs, which we discuss here

It’s Official: Privacy and Security Rules from Wheeler Era Repealed

On Monday, April 3, President Trump signed a bill repealing the privacy and security rules introduced in the FCC’s October 2016 Order.  Under the terms of the Congressional Review Act (CRA), those rules have now been entirely repealed, the FCC is restricted from implementing “substantially similar” rules in the future, …

New FCC Chairman Moves to Roll Back Privacy Rules for Internet Service Providers

Ever since the presidential election and the replacement of former Obama administration FCC Chairman Tom Wheeler with former Republican commissioner and now Chairman Ajit Pai, communications industry and privacy policy observers of all stripes have expected the new FCC to roll back much or all of the agency’s pre-election (October …

Chairman Wheeler to Leave FCC Jan. 20

FCC Issues Clarification of Broadband Privacy Rules Deadlines

Today, FCC Chairman Tom Wheeler confirmed that he will resign effective January 20, 2017, Inauguration Day. With Commissioner Rosenworcel unlikely to be confirmed for a new term, this would leave the FCC with two Republicans (Commissioners Pai and O’Rielly) and one Democrat …

LexBlog