Archives: Cookies, Tracking & Online Behavioral Advertising

Subscribe to Cookies, Tracking & Online Behavioral Advertising RSS Feed

ICO investigates adtech awareness through fact finding forum

By Cynthia O’Donoghue and Eleanor Brooks on Posted in Cookies, Tracking & Online Behavioral Advertising, Privacy & Data Protection
The Information Commissioner’s Office (ICO) recently published a summary report of its fact finding forum on data protection issues arising from advertising technology (adtech). Adtech is a term commonly used to refer to all technologies, software and services used for delivering and targeting online advertisements. The ICO compiled responses from over 2,300 participants in an … Continue Reading

Planet49: Advocate General’s opinion on cookies and consent bundling

By Cynthia O’Donoghue and Sven Schonhofen on Posted in Cookies, Tracking & Online Behavioral Advertising, In the Courts, Privacy & Data Protection, Social, Mobile, Analytics & Cloud (SMAC)
On 21 March 2019, Advocate General Maciej Szpunar (“AG”) delivered an opinion on cookie consent, information obligations regarding cookies and consent bundling (Case C-673/17, Planet49 GmbH v. Bundesverband der Verbraucherzentralen und Verbraucherverbände – Verbraucherzentrale Bundesverband e.V.). In the case at issue, users entering into a promotional lottery were confronted with two checkboxes: A checkbox obtaining … Continue Reading

UK regulator to focus on ad-tech

By Cynthia O’Donoghue and John O'Brien on Posted in Cookies, Tracking & Online Behavioral Advertising
On 6 March 2019, the Information Commissioner’s Office (ICO) will host a fact-finding forum in central London. The aim of this forum is to facilitate a dialogue between ad-tech stakeholders. The ICO wants to understand the complexities of ad-tech practices. Why ad-tech? ‘Ad-tech’ is the product of technology’s transformation of the advertising industry. It uses … Continue Reading

German supervisory authority audited 40 websites on the use of tracking tools – and none of them was compliant

By Dr. Philipp Süss, Dr. Thomas Fischl, Dr. Andreas Splittgerber and Sven Schonhofen on Posted in Cookies, Tracking & Online Behavioral Advertising, Regulatory, Social, Mobile, Analytics & Cloud (SMAC)
The Bavarian Data Protection Authority (‘Bavarian DPA’) audited major Bavarian websites for their use of tracking tools on Safer Internet Day. It calls its findings “desolate”. None of the tracking tools were implemented in a compliant manner. Audit by the Bavarian DPA Tracking and the requirements for using cookies have been a highly debated topic … Continue Reading

First sanction decision rendered by the CNIL under the GDPR: GDPR awareness 2.0 has begun

By Daniel Kadar and Laetitia Gaillard on Posted in Big Data, Cookies, Tracking & Online Behavioral Advertising, Global Data Transfers, Privacy & Data Protection, Regulatory
In an interview dated February 2018,[1] Isabelle Falque-Pierrotin, at the Head of the French data protection authority (CNIL), stated that the CNIL would adopt a flexible and pragmatic approach from May 2018 onwards when controlling compliance with data protection requirements. The first decision of sanction rendered by the CNIL on Monday January 21, 2019, which … Continue Reading

ICO warns that the Washington Post offers invalid cookie consent under the GDPR

By Cynthia O’Donoghue and John O'Brien on Posted in Cookies, Tracking & Online Behavioral Advertising
It has been reported that the Information Commissioner’s Office (ICO) has issued the US-based Washington Post newspaper with a warning about how it obtains consent for cookies from website visitors. According to a report in The Register, the ICO stated that the Washington Post’s online subscription options do not allow users to opt out of … Continue Reading

German State Media Authorities issue new guidance paper on marking adverts on social media

By Dr. Philipp Süss, Dr. Alexander Hardinghaus and Ramona Kimmich on Posted in Cookies, Tracking & Online Behavioral Advertising, Regulatory, Social, Mobile, Analytics & Cloud (SMAC)
Recently, the German media regulators, the State Media Authorities (Landesmedienanstalten), issued a joint guidance paper on marking adverts on social media, which is available in German language here (Leitfaden der Medienanstalten, Werbekennzeichnung bei Social Media-Angeboten; “Guidance Paper”). The Guidance Paper replaces the State Media Authorities’ earlier FAQs. It is intended to help organisations and individuals … Continue Reading

Update on Facebook fan pages: What should organisations do after the release of Facebook’s co-controller agreement?

By Dr. Andreas Splittgerber, Sven Schonhofen and Dr. Thomas Fischl on Posted in Cookies, Tracking & Online Behavioral Advertising, In the Courts, Privacy & Data Protection, Social, Mobile, Analytics & Cloud (SMAC)
After another statement by the German Data Protection Authorities (German DPAs) of 5 September 2018 (Statement, available in English here), stating that the operation of a fan page as offered by Facebook was illegal, Facebook reacted “overnight” and released a co-controller agreement, the “Page Insights Controller Addendum” (Insights Addendum, available here). In a press release … Continue Reading

Proposed amendments to the ePrivacy Regulation

By Cynthia O’Donoghue and John O'Brien on Posted in Cookies, Tracking & Online Behavioral Advertising, Regulatory
On 10 July 2018, the Council of the European Union has published a draft of revisions to the proposed ePrivacy Regulation (ePR). The ePR is likely to come into force in 2019. The ePR will repeal and replace the Privacy and Electronic Communications Directive 2002/58/EC. The ePR will align Europe’s ePrivacy regime more closely with … Continue Reading

How big is the risk to operate Facebook fan pages in Germany?

By Dr. Andreas Splittgerber, Dr. Thomas Fischl and Sven Schonhofen on Posted in Cookies, Tracking & Online Behavioral Advertising, In the Courts, Privacy & Data Protection, Social, Mobile, Analytics & Cloud (SMAC)
On 5 June 2018, the Court of Justice of the European Union (CJEU) handed down its long-awaited Facebook fan page judgement (Case C-210/16), holding that the operator of a fan page on Facebook is jointly responsible with Facebook for processing the data of visitors to the page. Only a day later, the Conference of German … Continue Reading

German authorities: tracking and profiling cookies require opt-in consent

By Dr. Andreas Splittgerber and Sven Schonhofen on Posted in Cookies, Tracking & Online Behavioral Advertising, Privacy & Data Protection, Regulatory, Social, Mobile, Analytics & Cloud (SMAC)
On 26 April 2018, the Conference of German Data Protection Authorities (German DPAs) released a highly criticised position paper on the applicability of the German Telemedia Act (TMA) after 25 May 2018 (Position Paper, available in German here). The Position Paper clearly states that tracking and profiling cookies now require informed prior opt-in consent. Position … Continue Reading

Territorial applicability of the GDPR

By Sven Schonhofen and Friederike Detmering on Posted in Cookies, Tracking & Online Behavioral Advertising, Privacy & Data Protection
The GDPR is just around the corner and will be effective in less than three months – on 25 May 2018. Organizations are therefore in the midst of preparations to comply with the new Regulation in order to avoid the potentially high fines. Non-EU organizations have to assess whether the GDPR is applicable to them … Continue Reading

Sears Petitions to Change Its 8-Year-Old FTC Privacy Settlement Order

By Wendell Bartnick on Posted in Cookies, Tracking & Online Behavioral Advertising, Privacy & Data Protection
On October 30, 2017, Sears Holding Management Corporation (“Sears”) petitioned the Federal Trade Commission (“FTC”) to reopen and modify the settlement to which they agreed in 2009.  At that time, Sears agreed to a consent order to resolve the FTC’s complaint that Sears allegedly did not adequately disclose the scope of its collection of “online … Continue Reading

EDPS releases recommendations on ePrivacy Regulation – Still a long way to go

By Dr. Andreas Splittgerber and Sven Schonhofen on Posted in Cookies, Tracking & Online Behavioral Advertising, Privacy & Data Protection, Social, Mobile, Analytics & Cloud (SMAC)
We are only eight months away from the new EU data protection regime entering into force. In addition to the General Data Protection Regulation (“GDPR”), which includes the general data protection provisions, the ePrivacy Regulation shall provide specific rules for electronic communications. However, the legislative process of the ePrivacy Regulation is still in its early … Continue Reading

Better Business Bureau Enforces IBA Self-Regulatory Principles

By Kimberly Chow on Posted in Cookies, Tracking & Online Behavioral Advertising
The Better Business Bureau’s Online Interest-Based Advertising Accountability Program has cracked down on two digital advertising companies for allegedly violating the industry’s self-regulatory principles concerning interest-based advertising. In the case of Exponential Interactive, the accountability program decision reminds third-party advertisers, as defined in the Digital Advertising Alliance Self-Regulatory Principles, that they are obliged to provide … Continue Reading

Get your update on IT & Privacy Law (Germany)

By Dr. Andreas Splittgerber and Sven Schonhofen on Posted in Cookies, Tracking & Online Behavioral Advertising, In the Courts, Privacy & Data Protection
The Summer 2017 Edition of the quarterly IT & Privacy Newsletter by Reed Smith Germany has just been released. We cover the German GDPR Implementation Act, new case law on processing on the basis of legitimate interests, marketing consent, and provider liability, as well as the paper on Google Analytics by the Hamburg data protection … Continue Reading

EU Commission publishes its proposals for new e-Privacy Regulation

By Cynthia O’Donoghue and Chantelle Taylor on Posted in Cookies, Tracking & Online Behavioral Advertising, Privacy & Data Protection, Regulatory
On 10 January, the EU Commission proposed a new Regulation on Privacy and Electronic Communications (“proposed Regulation”) to replace Directive 2002/58 (known as the “ePrivacy Directive”). The proposed Regulation The proposed Regulation aims to align the rules that apply to electronic communications services with the forthcoming General Data Protection Regulation (GDPR).… Continue Reading

Facebook Implements Additional Measures to Prevent Discriminatory Practices in Targeted Advertisements

By Gerard Stegmaier and Mark H. Francis on Posted in Big Data, Cookies, Tracking & Online Behavioral Advertising, Privacy & Data Protection, Social, Mobile, Analytics & Cloud (SMAC)
Responding to news reports that journalists were able to purchase advertising on Facebook targeted to ethnic groups, Facebook announced several new changes to the company’s advertising products. The move highlights heightened scrutiny of advertising practices surrounding the increasing use of big data in many aspects of marketing and advertising. Facebook’s response grew out of a … Continue Reading

New Privacy Rules for Internet Service Providers

By Samuel F. Cullari on Posted in Cookies, Tracking & Online Behavioral Advertising, Privacy & Data Protection, Regulatory
On October 27, 2016, the FCC adopted a new set of privacy and data security regulations applicable to “broadband service providers and other telecommunications carriers.” The rules place new restrictions on internet service providers’ (“ISPs”) ability to use and share their customers’ data. The Commission established two data classifications: (1) sensitive information, and (2) non-sensitive … Continue Reading

Google Makes Ad-Tracking Change in its Privacy Policy

By Sulina D. Gabale and Jason Gordon on Posted in Cookies, Tracking & Online Behavioral Advertising, Privacy & Data Protection
In 2007, Google bought online ad network DoubleClick, which uses cookies to collect and store data about Google users from their browsing history, to best place clients’ ads. This past June, Google revised its privacy policy to state that users’ activities on other sites tracked by DoubleClick “may be associated with [their] personal information.”  This … Continue Reading

Class Action Filed Against Indianapolis Colts over App

By Sulina D. Gabale and Jason Gordon on Posted in Cookies, Tracking & Online Behavioral Advertising, In the Courts
This month, the Indianapolis Colts, app developer Yinzcam, Inc., and ultrasonic technology provider Lisnr, Inc., were hit with a federal class action lawsuit in Pennsylvania for violating the Electronic Communications Privacy Act by allegedly allowing the Colts fan app to listen in on users’ personal phone conversations, and use that information for advertising purposes without … Continue Reading

Wisconsin Federal Court Finds Spokeo Spells the End for Consumer Privacy Class Action

By Brian J. Willett on Posted in Big Data, Cookies, Tracking & Online Behavioral Advertising, Global Data Transfers, In the Courts, Information Governance, Intellectual Property, Internet Domain Names/ICANN, Privacy & Data Protection, Regulatory, Social, Mobile, Analytics & Cloud (SMAC), Tech & Outsourcing
In a sign of the continuing significance of the U.S. Supreme Court’s recent ruling in Spokeo v. Robins, 136 S. Ct. 1540 (May 24, 2016), another federal court has cited that ruling in dismissing claims for lack of Article III standing. In Gubula v. Time Warner Cable, Inc., No. 15-cv-1078 (E.D. Wis. June 17, 2016), … Continue Reading

European Commission Publishes E-commerce Geo-Blocking Inquiry Findings

By Cynthia O’Donoghue, Marjorie Holmes, Edward Miller and Michael Skrein on Posted in Cookies, Tracking & Online Behavioral Advertising
The European Commission (the executive of the EU) recently published the initial findings of its e-commerce inquiry, an investigative process conducted to determine whether and to what extent competition is being restricted or distorted in the sector. The inquiry focused on geo-blocking, a commercial practice whereby online providers block user access to the purchasing of … Continue Reading

Update on Initiation of FCC Rulemaking to Implement the New TCPA Exemption for the Collection of Government Debt

By Judith L. Harris on Posted in Cookies, Tracking & Online Behavioral Advertising, Regulatory
Some of you may remember that back in early November 2015, I wrote about a then little-noticed provision slipped into the Bipartisan Budget Act of 2015. That provision, designed to find more revenues to offset government spending (and thus help to reduce the federal deficit), created an exemption from the Telephone Consumer Protection Act (TCPA) … Continue Reading
LexBlog