Privacy expert Jessica Rich, the former director of the Bureau of Consumer Protection at the Federal Trade Commission (FTC), wrote in the The New York Times this summer that it is “time for Congress” to grant the FTC “the increased authority and resources it has needed for the last 25 years.”
In hiQ Labs, Inc. v. LinkedIn Corporation, the U.S. Ninth Circuit Court of Appeals issued an especially notable decision with respect to the scraping of publicly-available data from the Internet for data analytics. While upholding a preliminary injunction prohibiting LinkedIn from cutting off access to hiQ, the court also held that hiQ’s scraping of such data did not constitute a violation of the federal Computer Fraud & Abuse Act (CFAA). This decision doesn’t completely clear the way for scraping of data from websites without the authorization of the website owner, but it is certainly helpful precedent for data analytics providers.
The marketing research and data analytics industry already has a helpful example of the costs of an overly broad data privacy law in the money spent attempting to comply with Europe’s General Data Protection Regulation (GDPR). A new study tries to quantify the cost of a comprehensive U.S. privacy law modeled on GDPR and the California Consumer Privacy Act (CCPA), the new law coming into effect in the Golden State on January 1, 2020.
The Federal Trade Commission (FTC) is publicly reviewing its rules for the Children’s On
The ranking member of the House Energy & Commerce Committee discusses federal privacy regulation in response to GDPR
The European Commission recently delivered a passing grade for the U.S.-EU Privacy Shield, the agreement allowing for trans-Atlantic data transfer, in their second annual review, despite urging from the European Parliament this past summer to abrogate the deal.
In the run-up to a Federal Trade Commission (FTC) hearing on data privacy, a coalition of data-driven industry groups urged the FTC to adopt a new privacy paradigm focused on "reasonableness" that would be "best suited to create lasting protections for consumers and foster a competitive and innovative marketplace." The proposed privacy approach would prohibit "unreasonable data practices that are harmful to consumers" while providing a comprehensible regulatory standard with "a set of factors a company can use to evaluate its data practices that is tailored to its circumstances and consumer relationships." It would also preempt the growing patchwork of state privacy laws.