Jul. 17, 2024

FCC Forfeiture Orders Underline Need for Vigilance on Geolocation Sharing

The FCC recently imposed penalties totaling almost $200 million on the leading U.S. wireless carriers, after concluding that they had contravened regulations on sharing customer geolocation data with other businesses. The Forfeiture Orders (Orders) affect Verizon, AT&T and T‑Mobile US – the three big providers – and Sprint, which has since merged into T‑Mobile US. With insights from Squire Patton Boggs partner Eduardo Guzmán and Marashlian & Donahue counsel Linda McReynolds, this article examines the Orders, including the FCC’s definition of customer proprietary network information and treatment of consent, and offers compliance lessons that can be drawn from them regarding the sharing of geolocation data. See “Enforcing Consumer Consent: FTC Focuses on Location Tracking and Children’s Privacy” (Jul. 6, 2016).

Implications of Loper Bright: Demise of Chevron Deference and Effect on Cyber and Privacy Enforcement

The U.S. Supreme Court’s 1984 decision in Chevron U.S.A. Inc. v. Natural Resources Defense Council, Inc., gave regulatory agencies broad discretion to interpret ambiguous statutes – and required courts to heed those interpretations. Forty years later, Chief Justice Roberts, joined by the other five conservative Justices on the Court, put the last nail in the coffin of what is known as Chevron deference. This two-part article series examines the implications of the landmark Loper Bright Enterprises v. Raimondo decision, including insights shared with the Cybersecurity Law Report by Baker & McKenzie partner Helena J. Engfeldt and Paul Hastings partner Nathaniel Edmonds, and commentary from K&L Gates partners made during a firm presentation. This first part discusses Chevron deference and examines the Loper Bright opinion and its impact on cybersecurity and privacy enforcement. Part two will address the decision’s effect on Foreign Corrupt Practices Act enforcement, courts, Congress, administrative tribunals and companies. See “Navigating Evolving Data Breach Litigation and Regulatory Risks” (Aug. 2, 2023).

Thoughts From DOJ Experts on Using Data Analytics to Strengthen Compliance Programs

In recent years, U.S. enforcers have become increasingly knowledgeable about compliance programs and more nuanced in their expectations of companies. Top enforcers from the SEC and DOJ discussed their expectations for compliance programs, with a particular focus on how companies use data analytics, at a recent Practising Law Institute program. This article synthesizes their insights. See “Google Settlement Shows DOJ’s Increased Focus on Data Preservation” (Dec. 7, 2022).

Privacy and Data Expert Joins Ballard Spahr in New York

Hilary Lane has joined Ballard Spahr as a privacy and data security partner in New York. She arrives from Holland & Knight, where she was a partner. For commentary from Lane, see “How to Comply With Key CCPA Notice and Consumer Request Requirements” (Jun. 24, 2020). For insights from Ballard Spahr, see “Lessons From California’s DoorDash Enforcement Action” (Mar. 6, 2024).