Archives: Cookies, Tracking & Online Behavioral Advertising

Subscribe to Cookies, Tracking & Online Behavioral Advertising RSS Feed

Update on Facebook fan pages: What should organisations do after the release of Facebook’s co-controller agreement?

After another statement by the German Data Protection Authorities (German DPAs) of 5 September 2018 (Statement, available in English here), stating that the operation of a fan page as offered by Facebook was illegal, Facebook reacted “overnight” and released a co-controller agreement, the “Page Insights Controller Addendum” (Insights Addendum, available here). In a press release … Continue Reading

Proposed amendments to the ePrivacy Regulation

On 10 July 2018, the Council of the European Union has published a draft of revisions to the proposed ePrivacy Regulation (ePR). The ePR is likely to come into force in 2019. The ePR will repeal and replace the Privacy and Electronic Communications Directive 2002/58/EC. The ePR will align Europe’s ePrivacy regime more closely with … Continue Reading

How big is the risk to operate Facebook fan pages in Germany?

On 5 June 2018, the Court of Justice of the European Union (CJEU) handed down its long-awaited Facebook fan page judgement (Case C-210/16), holding that the operator of a fan page on Facebook is jointly responsible with Facebook for processing the data of visitors to the page. Only a day later, the Conference of German … Continue Reading

German authorities: tracking and profiling cookies require opt-in consent

On 26 April 2018, the Conference of German Data Protection Authorities (German DPAs) released a highly criticised position paper on the applicability of the German Telemedia Act (TMA) after 25 May 2018 (Position Paper, available in German here). The Position Paper clearly states that tracking and profiling cookies now require informed prior opt-in consent. Position … Continue Reading

Territorial applicability of the GDPR

The GDPR is just around the corner and will be effective in less than three months – on 25 May 2018. Organizations are therefore in the midst of preparations to comply with the new Regulation in order to avoid the potentially high fines. Non-EU organizations have to assess whether the GDPR is applicable to them … Continue Reading

Sears Petitions to Change Its 8-Year-Old FTC Privacy Settlement Order

On October 30, 2017, Sears Holding Management Corporation (“Sears”) petitioned the Federal Trade Commission (“FTC”) to reopen and modify the settlement to which they agreed in 2009.  At that time, Sears agreed to a consent order to resolve the FTC’s complaint that Sears allegedly did not adequately disclose the scope of its collection of “online … Continue Reading

EDPS releases recommendations on ePrivacy Regulation – Still a long way to go

We are only eight months away from the new EU data protection regime entering into force. In addition to the General Data Protection Regulation (“GDPR”), which includes the general data protection provisions, the ePrivacy Regulation shall provide specific rules for electronic communications. However, the legislative process of the ePrivacy Regulation is still in its early … Continue Reading

Better Business Bureau Enforces IBA Self-Regulatory Principles

The Better Business Bureau’s Online Interest-Based Advertising Accountability Program has cracked down on two digital advertising companies for allegedly violating the industry’s self-regulatory principles concerning interest-based advertising. In the case of Exponential Interactive, the accountability program decision reminds third-party advertisers, as defined in the Digital Advertising Alliance Self-Regulatory Principles, that they are obliged to provide … Continue Reading

Get your update on IT & Privacy Law (Germany)

The Summer 2017 Edition of the quarterly IT & Privacy Newsletter by Reed Smith Germany has just been released. We cover the German GDPR Implementation Act, new case law on processing on the basis of legitimate interests, marketing consent, and provider liability, as well as the paper on Google Analytics by the Hamburg data protection … Continue Reading

EU Commission publishes its proposals for new e-Privacy Regulation

On 10 January, the EU Commission proposed a new Regulation on Privacy and Electronic Communications (“proposed Regulation”) to replace Directive 2002/58 (known as the “ePrivacy Directive”). The proposed Regulation The proposed Regulation aims to align the rules that apply to electronic communications services with the forthcoming General Data Protection Regulation (GDPR).… Continue Reading

Facebook Implements Additional Measures to Prevent Discriminatory Practices in Targeted Advertisements

Responding to news reports that journalists were able to purchase advertising on Facebook targeted to ethnic groups, Facebook announced several new changes to the company’s advertising products. The move highlights heightened scrutiny of advertising practices surrounding the increasing use of big data in many aspects of marketing and advertising. Facebook’s response grew out of a … Continue Reading

New Privacy Rules for Internet Service Providers

On October 27, 2016, the FCC adopted a new set of privacy and data security regulations applicable to “broadband service providers and other telecommunications carriers.” The rules place new restrictions on internet service providers’ (“ISPs”) ability to use and share their customers’ data. The Commission established two data classifications: (1) sensitive information, and (2) non-sensitive … Continue Reading

Google Makes Ad-Tracking Change in its Privacy Policy

In 2007, Google bought online ad network DoubleClick, which uses cookies to collect and store data about Google users from their browsing history, to best place clients’ ads. This past June, Google revised its privacy policy to state that users’ activities on other sites tracked by DoubleClick “may be associated with [their] personal information.”  This … Continue Reading

Class Action Filed Against Indianapolis Colts over App

This month, the Indianapolis Colts, app developer Yinzcam, Inc., and ultrasonic technology provider Lisnr, Inc., were hit with a federal class action lawsuit in Pennsylvania for violating the Electronic Communications Privacy Act by allegedly allowing the Colts fan app to listen in on users’ personal phone conversations, and use that information for advertising purposes without … Continue Reading

Wisconsin Federal Court Finds Spokeo Spells the End for Consumer Privacy Class Action

In a sign of the continuing significance of the U.S. Supreme Court’s recent ruling in Spokeo v. Robins, 136 S. Ct. 1540 (May 24, 2016), another federal court has cited that ruling in dismissing claims for lack of Article III standing. In Gubula v. Time Warner Cable, Inc., No. 15-cv-1078 (E.D. Wis. June 17, 2016), … Continue Reading

European Commission Publishes E-commerce Geo-Blocking Inquiry Findings

The European Commission (the executive of the EU) recently published the initial findings of its e-commerce inquiry, an investigative process conducted to determine whether and to what extent competition is being restricted or distorted in the sector. The inquiry focused on geo-blocking, a commercial practice whereby online providers block user access to the purchasing of … Continue Reading

Update on Initiation of FCC Rulemaking to Implement the New TCPA Exemption for the Collection of Government Debt

Some of you may remember that back in early November 2015, I wrote about a then little-noticed provision slipped into the Bipartisan Budget Act of 2015. That provision, designed to find more revenues to offset government spending (and thus help to reduce the federal deficit), created an exemption from the Telephone Consumer Protection Act (TCPA) … Continue Reading

FTC’s PrivacyCon Highlights Consumer Privacy Perceptions and Targeting

The Federal Trade Commission is currently the most aggressive enforcement agency on privacy and data security. The agency kicked off 2016 with PrivacyCon on January 14, which put the spotlight on academic research on consumer privacy and security. The conference, which drew 400 attendees to Southwest D.C. and 1,500 more streaming online, showcased 19 papers … Continue Reading

The UK’s data protection regulator cracks the enforcement whip

As 2015 draws to a close, the UK’s Data Protection Regulator, the Information Commissioner’s Office (‘ICO’), is making sure it ends the year with a bang. The past few months have seen a significant increase in enforcement action, a theme which seems to be common for the regulator at this time of year because of … Continue Reading

Third Circuit Slams Google’s Allegedly ‘Deceitful’ Cookie Practices

Exploiting loopholes in Internet users’ cookie-blocking settings while claiming to protect them from cookies is a serious and deceitful invasion of privacy, the Third Circuit held November 10. Ruling on an appeal from consumer plaintiffs, whose multi-district litigation against Google and several other companies that run Internet advertising businesses was dismissed in Delaware District Court, … Continue Reading

The House and Senate passed a new budget deal potentially affecting the TCPA

Automated dialing systems are back – temporarily – like never before. The new Budget Act provision makes “robocalls” to mobile phones a nonissue when used to collect money owed to the United States government. Following this release, Sen. Ed Markey spoke out and is reportedly preparing a “Hang Up Act” aimed at repealing this robocall … Continue Reading

TCPA Litigation and Compliance Will Be Affected by the FCC’s TCPA Omnibus Declaratory Ruling

In its July 10, 2015 TCPA Omnibus Declaratory Ruling and Order, the Federal Communications Commission unfairly lumps legitimate businesses in with the telemarketing abusers that the Telephone Consumer Protection Act (TCPA) was intended to deter. Highlights within the ruling include: An Expansive Definition of “Automatic Telephone Dialing System” or “Autodialer” Liability for Calling Reassigned/Wrong Wireless … Continue Reading

Reactiv Media fine increased on appeal by UK Information Rights Tribunal

Reactiv Media has found itself facing a 50% increase in the fine it was attempting to overturn after an appeal to the First-Tier Information Rights Tribunal. The UK Information Rights Tribunal hears appeals against decisions of the Information Commissioner’s Office actions relating to data protection, privacy electronic communications, freedom of information and environmental information. The … Continue Reading
LexBlog