All in Privacy + Cybersecurity

What You Need to Know About the FTC’s Hearing on Consumer Privacy

As part of the FTC’s hearings on Competition and Consumer Protection in the 21st Century, the agency convened a two-day hearing on consumer privacy.  The hearing featured remarks from the FTC Commissioners and numerous panel discussions by leading experts in the field.  After the dust settled, the hearing revealed insights from the Commissioners and both areas of consensus and deep fault lines among privacy stakeholders.  Here’s what you need to know.

As the FTC Re-Examines its Approach to Consumer Privacy, It Faces Echoes of Past Failed Rulemaking

On Tuesday, the FTC kicks off a two-day hearing to help it reevaluate its approach to consumer privacy.  At the same time, the push for federal privacy legislation is moving forward in 2019, and one common theme from the bills that have been introduced is a greater role for the FTC.  But, despite these developments, the FTC so far has been relatively conflicted about seeking wide-ranging power from Congress to set privacy rules across the country -- a reluctance that reflects the agency’s history, and in particular its ill-fated history with attempting to regulate children’s advertising.

FTC’s Look at Device Repair Policies Will Implicate IoT Privacy and Security and the Right-to-Repair Debate

On March 13, the FTC announced that it will be holding a workshop on repair restrictions – ways in which manufacturers might limit repairs of devices by consumers and third-party repair shops.  The agency is seeking empirical research and data on topics like the risks associated with repair by third parties and impact of any restrictions on prices.  Device manufacturers should pay close attention and evaluate whether certain restrictions can be beneficial for device security and consumer privacy throughout the lifecycle of the device, as the FTC’s workshop will set the stage for greater federal action in this area.

Zappos and the Supreme Court’s Reluctance to Address Privacy Harms Under Article III Standing

On Monday, the Supreme Court denied cert in Zappos.com, Inc. v. Stevens, signaling that the Court remains reluctant to address privacy harms under Article III standing.  The petition for certiorari in Zappos asked the Court to resolve a circuit split over whether individuals have standing where their personal information is held in a database breached by hackers, even if they have not actually suffered an injury from that data breach. 

Issue-spotting Federal Privacy Framework from Congressional Hearings

On February 26 and 27, commerce committees in the House and Senate convened the first consumer data privacy hearings of the 116th Congress. These hearings reflect a growing consensus on Capitol Hill that, in light of developments both in the states and overseas, a comprehensive federal privacy framework is becoming increasingly necessary to address an increasingly fragmented and incongruous patchwork of privacy regulation to the detriment of consumers and industry.