Archives: Cookies, Tracking & Online Behavioral Advertising

Subscribe to Cookies, Tracking & Online Behavioral Advertising RSS Feed

Sears Petitions to Change Its 8-Year-Old FTC Privacy Settlement Order

On October 30, 2017, Sears Holding Management Corporation (“Sears”) petitioned the Federal Trade Commission (“FTC”) to reopen and modify the settlement to which they agreed in 2009.  At that time, Sears agreed to a consent order to resolve the FTC’s complaint that Sears allegedly did not adequately disclose the scope of its collection of “online … Continue Reading

EDPS releases recommendations on ePrivacy Regulation – Still a long way to go

We are only eight months away from the new EU data protection regime entering into force. In addition to the General Data Protection Regulation (“GDPR”), which includes the general data protection provisions, the ePrivacy Regulation shall provide specific rules for electronic communications. However, the legislative process of the ePrivacy Regulation is still in its early … Continue Reading

Better Business Bureau Enforces IBA Self-Regulatory Principles

The Better Business Bureau’s Online Interest-Based Advertising Accountability Program has cracked down on two digital advertising companies for allegedly violating the industry’s self-regulatory principles concerning interest-based advertising. In the case of Exponential Interactive, the accountability program decision reminds third-party advertisers, as defined in the Digital Advertising Alliance Self-Regulatory Principles, that they are obliged to provide … Continue Reading

Get your update on IT & Privacy Law (Germany)

The Summer 2017 Edition of the quarterly IT & Privacy Newsletter by Reed Smith Germany has just been released. We cover the German GDPR Implementation Act, new case law on processing on the basis of legitimate interests, marketing consent, and provider liability, as well as the paper on Google Analytics by the Hamburg data protection … Continue Reading

EU Commission publishes its proposals for new e-Privacy Regulation

On 10 January, the EU Commission proposed a new Regulation on Privacy and Electronic Communications (“proposed Regulation”) to replace Directive 2002/58 (known as the “ePrivacy Directive”). The proposed Regulation The proposed Regulation aims to align the rules that apply to electronic communications services with the forthcoming General Data Protection Regulation (GDPR).… Continue Reading

Facebook Implements Additional Measures to Prevent Discriminatory Practices in Targeted Advertisements

Responding to news reports that journalists were able to purchase advertising on Facebook targeted to ethnic groups, Facebook announced several new changes to the company’s advertising products. The move highlights heightened scrutiny of advertising practices surrounding the increasing use of big data in many aspects of marketing and advertising. Facebook’s response grew out of a … Continue Reading

New Privacy Rules for Internet Service Providers

On October 27, 2016, the FCC adopted a new set of privacy and data security regulations applicable to “broadband service providers and other telecommunications carriers.” The rules place new restrictions on internet service providers’ (“ISPs”) ability to use and share their customers’ data. The Commission established two data classifications: (1) sensitive information, and (2) non-sensitive … Continue Reading

Google Makes Ad-Tracking Change in its Privacy Policy

In 2007, Google bought online ad network DoubleClick, which uses cookies to collect and store data about Google users from their browsing history, to best place clients’ ads. This past June, Google revised its privacy policy to state that users’ activities on other sites tracked by DoubleClick “may be associated with [their] personal information.”  This … Continue Reading

Class Action Filed Against Indianapolis Colts over App

This month, the Indianapolis Colts, app developer Yinzcam, Inc., and ultrasonic technology provider Lisnr, Inc., were hit with a federal class action lawsuit in Pennsylvania for violating the Electronic Communications Privacy Act by allegedly allowing the Colts fan app to listen in on users’ personal phone conversations, and use that information for advertising purposes without … Continue Reading

Wisconsin Federal Court Finds Spokeo Spells the End for Consumer Privacy Class Action

In a sign of the continuing significance of the U.S. Supreme Court’s recent ruling in Spokeo v. Robins, 136 S. Ct. 1540 (May 24, 2016), another federal court has cited that ruling in dismissing claims for lack of Article III standing. In Gubula v. Time Warner Cable, Inc., No. 15-cv-1078 (E.D. Wis. June 17, 2016), … Continue Reading

European Commission Publishes E-commerce Geo-Blocking Inquiry Findings

The European Commission (the executive of the EU) recently published the initial findings of its e-commerce inquiry, an investigative process conducted to determine whether and to what extent competition is being restricted or distorted in the sector. The inquiry focused on geo-blocking, a commercial practice whereby online providers block user access to the purchasing of … Continue Reading

FTC’s PrivacyCon Highlights Consumer Privacy Perceptions and Targeting

The Federal Trade Commission is currently the most aggressive enforcement agency on privacy and data security. The agency kicked off 2016 with PrivacyCon on January 14, which put the spotlight on academic research on consumer privacy and security. The conference, which drew 400 attendees to Southwest D.C. and 1,500 more streaming online, showcased 19 papers … Continue Reading

Third Circuit Slams Google’s Allegedly ‘Deceitful’ Cookie Practices

Exploiting loopholes in Internet users’ cookie-blocking settings while claiming to protect them from cookies is a serious and deceitful invasion of privacy, the Third Circuit held November 10. Ruling on an appeal from consumer plaintiffs, whose multi-district litigation against Google and several other companies that run Internet advertising businesses was dismissed in Delaware District Court, … Continue Reading

Article 29 Working Party issues its Cookie Sweep Combined Analysis – Report

On 3 February, the Article 29 Data Protection Working Party published its ‘Cookie Sweep Combined Analysis – Report’. The sweep was undertaken by the WP29 in partnership with eight of the European data protection regulators, including the UK’s ICO, France’s CNIL and Spain’s AEPD, in order to assess the current steps taken by website operators … Continue Reading

EU Art. 29 Confirms Cookie Rules Apply to Digital Fingerprinting

The Article 29 Data Protection Working Party (Working Party) released Opinion 9/2014 on ePrivacy Directive 2002/58/EC (amended in 2009), stating that the consent and transparency mechanisms apply to digital fingerprinting of devices (Opinion). The Working Party issued the opinion to clarify that consent was required and to end “surreptitious tracking” of users in light of … Continue Reading

Italian Data Protection Authority issues new EU guidelines

This post was also written by Matthew N. Peters. In early May the Italian data protection authority (“Garante”) issued “Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies” (“Guidelines”).  These are intended to provide clarity on the application of Legislative Decree No. 69/2012 (the “2012 Act”), which implemented the EU Cookie Directive in Italy. The … Continue Reading

Plaintiffs Take Another Blow In Video Privacy Protection Act (VPPA) Class Action Against Hulu and Facebook

On June 17, 2014, Magistrate Judge Laurel Beeler of the Northern District of California denied class certification for the proposed class of Hulu and Facebook users alleging that their personal information was transmitted to Facebook in violation of the Video Privacy Protection Act (VPPA).  We’ve written about this VPPA case before. At the end of … Continue Reading

To Those Calling Consumers for Marketing Purposes: LISTEN UP!!

The Federal Communications Commission (FCC) yesterday announced the largest Do-Not-Call settlement it has ever reached.  Under that settlement, a major telecommunications company will pay $7.5 million for the mobile wireless company’s alleged failure to honor consumer requests to opt out of phone and text marketing communications.  In addition, the company has agreed to take a … Continue Reading

Online Advertising Targeted by Federal Trade Commission

On May 15, 2014, Maneesha Mithal, Associate Director of the Division of Privacy and Identity Protection at the Federal Trade Commission (“FTC” or “Commission”) testified, on behalf of the FTC, before the U.S. Senate Committee on Homeland Security and Governmental Affairs addressing the Commission’s work regarding three consumer protection issues affecting online advertising: (1) privacy, … Continue Reading

French data protection authority ramps up inspections for 2014 – will it be a knock on the door or a “remote audit”?

At the end of April, the French data protection authority (CNIL) released its inspection schedule for 2014 (the Schedule), promising to carry out some 550 inspections over the course of the year. Approximately 350 inspections are expected to be on-site, a quarter of which will focus on CCTV/video surveillance, and 200 will be carried out … Continue Reading

First European Cookie Fine Issued By Spanish Data Protection Authority

The Spanish data protection authority, the AEPD, has issued the first European cookie fine for the violation of Article 22.2 of Spain’s Information Society Services and Electronic Communications Law 34/2002 (Spanish E-Commerce Act), as amended by Royal Decree Law 13/2012 which implements the e-Privacy Directive (Directive 2002/58). On 29 April 2013, the AEPD issued guidelines … Continue Reading

IAB Future of the Cookie Working Group Publishes White Paper on Privacy and Tracking In a Post-Cookie World

The ‘Future of the Cookie Working Group’, established by the International Advertising Bureau (IAB) in 2012, has published a white paper titled ‘Privacy and Tracking in a Post-Cookie World’, which addresses the limitations of the traditional cookie. The Future of the Cookie Working Group takes issue with the fact that the cookie often forms the … Continue Reading

ICO January Updates for 2014

The ICO has had a busy January with some key updates to note for the start of 2014. The ICO has produced a series of quarterly reports: Spam text messages The main three topics for the subject of unsolicited marketing text messages were found to be debt management, payday loans and payment protection insurance. Enforcement … Continue Reading

Compliance Warning Issued by BBB Accountability Program on Data Collection for Online Behavioural Advertising

This post was also written by Frederick Lah. The Online Interest-Based Advertising Accountability Program Council issued its first ever compliance warning about the omission of notices of data collection for online behavioral advertising, which are required under the Self-Regulatory Principles for Online Behavioral Advertising.  Enforcement actions against first parties failing to provide such notice has been delayed … Continue Reading
LexBlog