On October 30, 2017, Sears Holding Management Corporation (“Sears”) petitioned the Federal Trade Commission (“FTC”) to reopen and modify the settlement to which they agreed in 2009.  At that time, Sears agreed to a consent order to resolve the FTC’s complaint that Sears allegedly did not adequately disclose the scope of its collection of “online browsing” data collected from users of Sears’ desktop software application.  This landmark enforcement action was one of the FTC’s first uses of its section 5 authority to regulate privacy-related disclosures and the tracking of users’ online activity.

With Sears’ petition, a company under a privacy-related consent order has for the first time asked the FTC to scale back the breadth of the order’s applicability because of changes in technology, consumer expectations, and the marketplace.

Changes in Mobile App Ecosystem and Consumer Expectations. In its petition, Sears argued that the current online marketplace demonstrates that the consent order is too broad and “does not align with today’s mobile application ecosystem and consumer expectations.”  Sears explained that the consent order requires handling consumer notices in its mobile applications in a way different from other companies’ industry-standard mobile apps, and the order’s prescriptive manner does not fit with how consumers obtain mobile applications through app stores.  According to Sears, more recent FTC orders recognized exceptions to certain consumer notices for normal functioning of mobile applications that are expected by consumers, e.g., notices related to application configurations, crash monitoring, and usage activity.  Sears seeks an order more in-line with the new FTC orders that include the exceptions.Continue Reading Sears Petitions to Change Its 8-Year-Old FTC Privacy Settlement Order

The oracle of Silicon Valley, Mary Meeker – a partner at Kleiner Perkins – just published her highly anticipated 2015 Internet Trends Report.  Meeker’s report is the ultimate compilation of essential technology statistics, and is one of the most widely read and respected insights into the future of the Internet and technology trends.

Encompassing everything from smartphone penetration to drones, messaging apps to India as the next Internet penetration growth market, Meeker, in 197 slides, does a deep dive into technology trends and provides an optimistic future for growth, especially in education, government and health care.

The entire report is well worth the time to read, but below we have highlighted some of the key takeaways.
Continue Reading Into the Future

In December, 23 privacy authorities – many of which are members of the Global Privacy Enforcement Network (GPEN) – signed an open letter to the operators of seven app marketplaces, urging them to improve consumers’ access to privacy information on mobile apps.

The letter states that:

  • Mobile apps that collect data in and

In May this year, members of the Global Privacy Enforcement Network (GPEN) conducted a privacy sweep of 1,200+ mobile apps. The findings are now available (here).

GPEN is an informal network of 27 Data Protection Authorities (“DPAs”) established in 2007. Its members include the UK’s ICO, Australia’s OAIC, and Canada’s OPC.

This post was also written by Rob Jackson.

The U.S. District Court for the Southern District of Florida recently released a decision in a TCPA suit brought by a man seeking damages in connection with a series of autodialed telephone calls made to his mobile phone. In his decision on cross motions for summary judgment,

Today, the Federal Trade Commission released detailed guidance on privacy in the mobile environment – at the same time it announced its largest-ever settlement with an app developer for alleged privacy violations. Combined with aggressive action on mobile privacy issues by the California attorney general’s office, Mobile Privacy Disclosures provides every company associated with

This post was written by Amy S. Mushahwar. 

On July 11, the National Institute of Standards and Technology (“NIST”) released Guidelines for Managing and Securing Mobile Devices in The Enterprise, its draft policy for securing mobile devices that will supplement its already-published general security recommendations for any IT technology. In these draft Guidelines, which

This post was also written by Frederick Lah.

In early June, New Jersey Attorney General Jeffrey Chiesa and the New Jersey Division of Consumer Affairs brought a complaint against California-based mobile app developer 24×7 Digital LLC for alleged violations of the Children’s Online Privacy Protection Act (“COPPA”). The state alleged that 24×7 Digital, through