Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Monthly Archives: March 2014

Subscribe to Consumer Privacy RSS Feed
Posted in Consumer Privacy

FTC Continues to Enforce Security Statements

The Federal Trade Commission (“FTC”) has settled with two mobile application developers, Fandango and Credit Karma, over charges that they misrepresented the security of their mobile applications. According to the FTC, the developers failed to provide reasonable and appropriate security when their mobile applications transmitted consumers’ sensitive information. The particular issues noted by the FTC in its complaints against the developers differ to some degree, but the complaints share a common thread: the developers disabled the Secure Sockets Layer (SSL) protocol, which authenticates and encrypts communications across networks. In our post, we provide a high-level description of how SSL works, summarize the FTC’s complaints against Fandango and Credit Karma, and identify some important takeaways from these settlements.

Posted in Consumer Privacy

Recent TCPA Compliance Developments and Risk Minimization Tips

The Hogan Lovells Telephone Consumer Protection Act (TCPA) Working Group has published an alert addressing recent TCPA litigation and regulatory compliance developments. The alert notes that the number of TCPA cases is increasing and summarizes recent decisions that provide guidance regarding what constitutes prior express consent for non-telemarketing calls under the TCPA and its regulations. The alert concludes with some regulatory compliance tips to help minimize risk.

Posted in Consumer Privacy

Department of Education Clarifies Obligations of Schools When Contracting With Online Service Providers

The Department of Education recently released a fourteen-page guidance document that intensifies the pressure on school districts, schools, and higher education institutions to examine and confirm the sufficiency of the procedures they use when engaging a service provider to host or process student data. A recent Hogan Lovells Education and Privacy Alert analyzes this guidance, through which the department has put entities covered by student privacy laws on notice of its expectations regarding their responsibilities when entering into these arrangements. Service providers who store and process student data on behalf of school districts and schools should therefore carefully consider the guidance and how it may affect the market for their services and the contractual demands from their education customers.