The Cybersecurity Law Report

Incisive intelligence on cybersecurity law and regulation

Articles By Topic

By Topic: Online Advertising

  • From Vol. 4 No.21 (Jul. 18, 2018)

    Overcoming Barriers to Cross-Border Data Flows, Contract Provisions and Other Digital Transformation Issues

    “Cross-border data matters because every industry is now data-driven,” Ambassador Robert Holleyman, a partner at Crowell & Moring, observed at a recent program presented by the firm. The panelists explored issues relating to the use and exchange of data in an increasingly interconnected world, including barriers to data flows, five key contract provisions for cross-border agreements and digital advertising and tracking. Along with Holleyman, the program featured Crowell & Moring partners Bryan Brewer and Amy B. Comer, as well as senior counsel Maarten Stassen. See “Reconciling Data Localization Laws and the Global Flow of Information” (Oct. 11, 2017).

    Read Full Article …
  • From Vol. 3 No.19 (Sep. 27, 2017)

    FTC Settlements in Privacy Shield Cases and With Lenovo Over Use of “Man-in-the-Middle” Software Highlight Vigorous Enforcement Efforts

    Despite operating with only two of five Commissioners, the FTC has continued its data-privacy-enforcement efforts. It recently struck a major settlement with Lenovo over adware that was pre-installed on laptops and, unbeknownst to consumers, acted as a “man-in-the-middle,” with the ability to capture all of the data users transmitted to e-commerce websites they visited. It also reached settlements with three companies based on allegedly false claims of compliance with the U.S.-E.U. Privacy Shield framework. We explain the facts and circumstances that gave rise to the FTC enforcement actions and the terms of the settlements. See also “FTC Priorities for 2017 and Beyond” (Jan. 11, 2017).

    Read Full Article …
  • From Vol. 3 No.15 (Jul. 26, 2017)

    Best Practices for Managing the Risks of Big Data and Web Scraping

    The $60.5 million judgment that craigslist obtained in April 2017 against RadPad, a third party that collected data from craigslist's site through automated means, highlights some of the issues faced by entities that collect – or engage others to collect – data through automated means for commercial purposes. The judgment was based on various claims relating to RadPad’s use of sophisticated techniques to evade detection and harvest content from craigslist’s site, as well as distribution of unsolicited commercial emails to craigslist users to market RadPad’s own apartment rental listing service. In a guest article, Proskauer partners Jeffrey D. Neuburger, Joshua M. Newville and Robert G. Leonard provide an overview of big data and web scraping, outline potential sources of liability to hedge fund managers that collect big data and describe best practices for navigating several areas of potential liability. See also “Using Big Data Legally and Ethically While Leveraging Its Value (Part One of Two)” (May 17, 2017); Part Two (May 31, 2017).

    Read Full Article …
  • From Vol. 3 No.6 (Mar. 22, 2017)

    Understanding Online Advertising Technology and the Pipeline Process 

    Understanding the technology behind online advertising is critical to navigate the significant privacy and other legal issues in play. The risks associated with getting it wrong are sizeable. For example, following nine years of litigation, Google Inc. has agreed to pay a $22.5 million settlement to a proposed class of advertisers who claimed Google had placed their ads on inactive websites. At a recent PLI program, Jonathan Mayer, Stanford University attorney and computer scientist, explained the technology behind tracking, targeting and ad delivery, as well as the “high-frequency trading for eyeballs” ad bidding exchange process. See also “Keeping Up With Technology and Regulatory Changes in Online Advertising to Mitigate Risks” (Jan. 6, 2016).

    Read Full Article …
  • From Vol. 3 No.2 (Jan. 25, 2017)

    Tracking Consumer Data: DAA Guidance Applies Core Principles to Cross-Device Technology

    No longer tied to a desk for internet browsing, consumers move among devices, platforms, software, apps and service providers. While the technology offers consumers great convenience and other benefits, it can also make them uneasy as new forms of tracking are continually being developed. On February 1, 2017, the Council of Better Business Bureaus and the Direct Marketing Association will begin enforcement of the Application of the Digital Advertising Alliance Principles of Transparency and Control to Data Used Across Devices. The guidance takes DAA standards and principles and applies those to the technology of cross-device tracking. “DAA has been really effective by focusing on advertising practices, like cross-app advertising or cross-device linking, rather than focusing on specific technologies,” because the technologies rapidly change, Lindsey Tonsager, a partner at Covington, explained. See also “FTC Chair Addresses the Agency’s Data Privacy Concerns With Cross-Device Tracking” (Nov. 25, 2015).

    Read Full Article …
  • From Vol. 3 No.1 (Jan. 11, 2017)

    FTC Priorities for 2017 and Beyond

    From holding events on ransomware, disclosure and marketing tactics, to entering into settlement agreements for the misuse of location data, to tackling APEC’s privacy framework for the first time, 2016 was a busy year for the FTC’s privacy and security enforcement arm. The Commission’s actions indicate that it is intending to keep pace with the latest tech and policy developments. But what is in store for 2017? At IAPP’s recent Practical Privacy Series conference, FTC Commissioner Maureen Ohlhausen discussed the agency’s priorities for the coming year. See also “Demystifying the FTC’s Reasonableness Requirement in the Context of the NIST Cybersecurity Framework (Part One of Two)” (Oct. 19, 2016); Part Two (Nov. 2, 2016).

    Read Full Article …
  • From Vol. 3 No.1 (Jan. 11, 2017)

    Privacy, Security Risks and Applicable Regulatory Regimes of Smart TVs

    Technology often outpaces regulation. Connected devices such as smart TVs are no exception. Like other devices in the growing Internet of Things, smart TVs provide a variety of conveniences and content options to their users, along with a range of serious data privacy and security risks, and regulators are struggling to keep pace with developments. In a recent WilmerHale program, attorneys D. Reed Freeman and Sol Eppel discussed the FTC’s December 2016 workshop, and detailed the regulatory and legal regimes that may affect smart TV manufacturers, providers and users. See also “New NIST and DHS IoT Guidance Signal Regulatory Growth” (Nov. 30, 2016).

    Read Full Article …
  • From Vol. 2 No.17 (Aug. 24, 2016)

    Maximizing the Benefits of Big Data Within Permissible Bounds 

    Understanding how data is collected and shared is a critical component of cybersecurity and data privacy compliance. A recent PLI briefing looked at big data through the lens of businesses that use it for marketing, considering the various means by which it is collected, shared and used, the panoply of relevant laws and the related enforcement and litigation landscape. In addition to providing insight on these aspects, the program’s featured speaker, Robert H. Newman, a partner at Winston & Strawn, offered practical guidance for addressing big data issues in contracts and for dealing with data brokers. See also “Keeping Up With Technology and Regulatory Changes in Online Advertising to Mitigate Risks” (Jan. 6, 2016).

    Read Full Article …
  • From Vol. 2 No.14 (Jul. 6, 2016)

    Enforcing Consumer Consent: FTC Focuses on Location Tracking and Children’s Privacy

    The FTC is using its enforcement power to ensure meaningful choice when it comes to geo-location tracking that companies use to gain key marketing data, particularly when children are involved. The FTC brought an action against the global online advertising company InMobi alleging that the company had tracked millions of mobile app users, including children, even when they had opted out, and had misrepresented its practices to app developers and publishers. In the recent settlement, InMobi agreed to pay a significant fine and comply with a detailed long-term injunction. Donna Wilson, Manatt partner, told The Cybersecurity Law Report that companies should expect a “continued emphasis” from regulators on children’s privacy and geo-location practices, as well as a closer look at “how companies’ conduct in that area lines up with what they are telling either consumers and/or business partners and other third parties.” See also “FTC Director Analyzes Its Most Significant 2015 Cyber Cases and Provides a Sneak Peek Into 2016” (Jan. 6, 2016).

    Read Full Article …
  • From Vol. 2 No.4 (Feb. 17, 2016)

    Legal and Regulatory Expectations for Mobile Device Privacy and Security (Part Two of Two)

    Companies are capitalizing on increased personal and professional mobile device use by collecting, storing and sharing mobile-generated information to improve products and services and target advertising. During a recent webinar, WilmerHale partners D. Reed Freeman, Jr. and Heather Zachary examined the latest federal, state and self-regulatory privacy and data security expectations tied to mobile devices. In this second installment of our two-part series, Freeman and Zachary address: how to ensure compliance in the use of cross-device advertising and tracking; Telephone Consumer Protection Act lessons; and key differences in Canada and E.U. regulations. Part one covered how practitioners can navigate the regulatory environment for mobile advertising, including self-regulatory guidance and the increasingly important role of the FCC. See also “FTC Chair Addresses the Agency’s Data Privacy Concerns With Cross-Device Tracking” (Nov. 25, 2015).

    Read Full Article …
  • From Vol. 2 No.3 (Feb. 3, 2016)

    Legal and Regulatory Expectations for Mobile Device Privacy and Security (Part One of Two)

    With consumers now using mobile devices in nearly every aspect of their personal and professional lives, companies are collecting, storing and sharing information from mobile use for a wide range of initiatives such as improving products and services and targeted advertising. During a recent webinar, WilmerHale partners D. Reed Freeman, Jr. and Heather Zachary examined the latest federal, state and self-regulatory privacy and data security expectations. Part one in this two-part series covers the panelists’ detailed discussion about how practitioners can navigate the regulatory environment for mobile advertising, including self-regulatory guidance and the increasingly important role of the FCC. In part two, Freeman and Zachary address: how to ensure compliance in the use of cross-device advertising and tracking; lessons from the Telephone Consumer Protection Act; and key aspects of the E.U. and Canada’s mobile privacy and data security regulations. See also “FTC Chair Addresses the Agency’s Data Privacy Concerns With Cross-Device Tracking” (Nov. 25, 2015).

    Read Full Article …
  • From Vol. 2 No.1 (Jan. 6, 2016)

    Keeping Up with Technology and Regulatory Changes in Online Advertising to Mitigate Risks

    The advertising and marketing industries are continually transforming the ways they reach and track consumers.  These changes bring with them a moving target of privacy challenges as companies try to ensure security of the data they collect as well as legal and regulatory compliance.  At a recent PLI program, Joseph J. Lewczak, a Davis & Gilbert partner, and Matthew Haies, general counsel at global digital media platform Xaxis, analyzed the current state of consumer data collection and privacy issues in a discussion of technological, regulatory and legal developments.  See also “The Tension Between Interest-Based Advertising and Data Privacy” (Sep. 16, 2015).

    Read Full Article …
  • From Vol. 1 No.17 (Nov. 25, 2015)

    FTC Chair Addresses the Agency’s Data Privacy Concerns with Cross-Device Tracking

    Consumers’ online presence is constantly in motion as they jump from device to device throughout the day.  Companies that want to track consumer activity are using new methods that follow consumers, and the platforms and applications they use, on these various devices.  The FTC recently held a workshop to examine and address privacy issues raised by cross-device tracking.  FTC Chairwoman Edith Ramirez commenced the workshop by explaining the Commission’s goal to allow technological innovation – with all the consumer benefits it offers – while safeguarding consumer privacy.  We highlight the key points of her speech in which she emphasized the importance of effective transparency, notice, choice and security.  See also “In the Wyndham Case, the Third Circuit Gives the FTC a Green Light to Regulate Cybersecurity Practices,” The Cybersecurity Law Report, Vol. 1, No. 11 (Aug. 26, 2015).  

    Read Full Article …
  • From Vol. 1 No.12 (Sep. 16, 2015)

    The Tension Between Interest-Based Advertising and Data Privacy

    How can companies employ interest-based online advertising – targeting the exact consumers they covet – without running afoul of data privacy laws?  During a recent panel at PLI’s Sixteenth Annual Institute on Privacy and Data Security Law, Julia Horwitz, coordinator of the Electronic Privacy Information Center’s Open Government Program and Noga Rosenthal, general counsel and vice president for compliance and policy for the Network Advertising Initiative, offered their perspectives on the current interest-based advertising (IBA) climate.  The panelists discussed the evolution of IBA, potential privacy pitfalls and how companies are self-regulating.

    Read Full Article …