How companies collect and use consumer data – and how they inform consumers
of those practices – is increasingly in the public eye. With several high profile data
mining debacles, online privacy is a hot topic among government regulators, consumer
advocacy groups and industry leaders. It’s also a topic generating attention among
consumers. These days, consumers are more regularly reading websites’ and apps’ terms
and conditions, which they used to hastily click through. And government agencies
and private groups are policing companies’ practices to monitor whether companies are
complying with their own privacy policies.
New regulatory initiatives, like the FTC’s proposed revisions to the Children’s Online
Privacy Protection Act (COPPA) rules, and the Obama Adminstration’s Privacy Bill
of Rights; and new self-regulatory projects, like the Digital Advertising Alliance’s
and the World Wide Web Consortium’s “Do Not Track” standards, lead to the reality
that companies doing business online need to think hard about their privacy policies.
Increasing enforcement actions to ensure companies comply with privacy policies leads
to the reality that companies also need to vet their data collection and usage practices.
Ifrah Law offers extensive experience in drafting privacy policies for various clients
and website operators, as well as in litigation of privacy matters dealing with issues of
data and information. Attorneys represent businesses and individuals with counsel on
information storage and rights of retrieval, including criminal background websites and
children’s privacy protections online through COPPA.
Our team includes a former staff attorney for the Federal Trade Commission’s Bureau
of Consumer Protection and we have managed high-profile FTC and CFTC investigations and
enforcement actions.
Takedown Notice Success for an International VIP
When a blogger posted information from a hacked computer about an important Middle Eastern leader, Ifrah Law was asked to help. The site contained threats to the national security of the politician’s country as well as the United States – and to the life of the politician. The matter needed immediate attention and we responded to get the site (and others where the statements had been posted) taken down.
The case was made more complex when two web hosting companies created a sub-domain for the website, and refused to disclose their users – as is their privacy policy.
But the law offers some remedies of its own. One is the Digital Millennium Copyright Act (DMCA), which is U.S. copyright law as well as part of two World Intellectual Property Organization (WIPO) treaties. The DMCA assigns no liability to an Internet service Provider (ISP) for transmitting information that may infringe a copyright, but it forces the ISP to remove materials from users’ websites that appear to be copyright infringement. The DMCA provides for a takedown notice to be sent to an infringer’s ISP.
Ifrah Law successfully utilized takedown notices with two of the blogger’s ISPs as well as Facebook and is pursuing other sites. We impressed upon the web hosting companies that the content posed an immediate threat to national security. We also emphasized to one company that the blogger had violated their terms and conditions.
Privacy issues on the Internet may be rampant, but they do not have to be a fact of life.
Don’t be a Jerk
Last week the Federal Trade Commission (“FTC”) charged the operators of Jerk.com with harvesting personal information from Facebook to create profiles for more than an estimated 73 million people, where they could not be labeled a “Jerk” or “not a Jerk.” In the complaint, the FTC charged the defendants, Jerk, LLC and the operator of […]
“Heartbleed” Bug – Antibiotics Won’t Help, Changing Passwords Might
By Michelle Cohen, CIPP-US After recovering from high-profile data breaches at Target and Neiman Marcus, signing up for free credit monitoring and analyzing our credit reports, a new Internet villain recently emerged: the “Heartbleed Bug.” The Heartbleed Bug is a security flaw present on Open SSL, popular software run on most webservers. This open source software […]
FTC Sends Message: Make Your Mobile App Secure
Mobile payments have become so commonplace that consumers rarely stop to think about whether their online payment is secure. Mobile app developers can fall into a similar trap of assuming that the necessary security measures are enabled without performing the necessary audits to assure security on a regular basis. A recent settlement between the FTC […]
Attorney General Holder Calls on Congress to Establish Strong National Data Breach Notification Standard
By Michelle Cohen, CIPP-US Yesterday, in his weekly video address, Attorney General Eric Holder urged Congress to create a national data breach notification standard requiring companies to quickly notify consumers of a breach of their personal or financial information. In the wake of the high profile holiday season data breaches at retailers Target and Neiman Marcus, […]
Data Privacy Day
By Michelle Cohen, CIPP-US On January 28th, in an effort raise awareness of privacy and data privacy, the United States, Canada and 27 countries of the European Union celebrate International Data Privacy Day. Many organizations use Data Privacy Day as an opportunity to educate their employees and stakeholders about privacy-related topics. With the recent, high-profile data […]
