Privacy and Data Security

Three Things Lead Generators Need to Know About the FCC New One-to-One Consent Rule

By Richard Newman / June 22, 2024
Posted in , , , , , ,

As previously blogged about here, the Federal Communications Commission recently published the final, single-seller, one-to-one lead generator consent rule (the “Rule”). The Rule amends the definition of “prior express written consent” for purposes of the Telephone Consumer Protection Act and will dramatically impact the lead generation industry.

How Does the New One-to-One, Single Seller Rule Impact Lead Generation?

When utilizing regulated technologies such as automatic telephone dialing systems (“ATDS”), artificial or prerecorded voice telephone calls, artificial intelligence voice telephone calls, outbound interactive voice response, and voicemail technology using artificial or pre-recorded  voice messages, consumers will be required to select each “seller” – the ultimate provider – of a product or service from whom they want to receive telephone calls from.

Note that manual dialing may not provide cover, including insofar as telephone numbers on a do-not-call registry and various state legal regulations are concerned.

Further note that single “seller” consent does not encompass lead generators and other intermediaries, with potentially limited exception.  Furthermore, it also appears that sharing consent across corporate affiliates will also be considered a Rule violation.

The cost of violating any of the Rule’s provisions are potentially devastating.  Plaintiffs’ attorneys will be ready to pounce.  Do not attempt to secure compliance on your own.  Contact an FTC lawyer to discuss legal regulatory considerations for keeping you and your business from becoming low hanging fruit.

The effective date for the single seller provisions of the Rule is January 2025. 

 » Read More

FTC Statement Regarding TikTok Complaint Referral to DOJ

By Richard Newman / June 20, 2024
Posted in , , ,

 On June 18, 2024, the Federal Trade Commission released a statement regarding the agency’s referral to the Department of Justice a complaint against TikTok, the successor to Musical.ly, and its parent company ByteDance Ltd.

The FTC’s investigation of these companies began in connection with its order compliance review of Musical.ly following a 2019 settlement with the company for alleged violations of the Children’s Online Privacy Protection Act.  The FTC also investigated additional potential violations of COPPA and the FTC Act, according to the statement.

The investigation uncovered reason to believe named defendants are violating or are about to violate the law and that a proceeding is in the public interest, so the FTC has voted to refer a complaint to the DOJ, according to the procedures outlined in the FTC Act.

The FTC does not typically make public the fact that it has referred a complaint.  Here, however, the agency states that it has “determined that doing so here is in the public
interest.”

Richard B. Newman is an FTC defense lawyer at Hinch Newman LLP.  Follow FTC defense attorney on X.

Informational purposes only. Not legal advice. May be considered attorney advertising.

 » Read More

New York Attorney General Endorses Legislation to Protect Children Online

By Richard Newman / June 7, 2024
Posted in , , , , ,

On June 7, 2024, the New York Attorney General announced that it applauds the passage of two legislative bills designed to protect children online and address the youth mental health in conjunction with the use of social media.

The bills, sponsored by Senator Andrew Gounardes and Assemblymember Nily Rozic, and advanced by Attorney General James in October 2023, are designed to protect children by prohibiting online websites from collecting and sharing their personal data and ”limiting addictive features of social media platforms that are known to harm their mental health and development.   The nation-leading legislation will serve as a model for other states to follow as governments work to curb the most dangerous aspects of social media to protect children online.”

“Our children are enduring a mental health crisis, and social media is fueling the fire and profiting from the epidemic,” said Attorney General James.  “The legislation my team worked on and supported along with bill sponsors Senator Gounardes and Assemblymember Rozic will help address the addictive features that have made social media so insidious and anxiety-producing.  I applaud Governor Hochul, Senate Majority Leader Stewart-Cousins, Assembly Speaker Heastie, and the legislative majorities for supporting this legislation and for agreeing that protecting children’s mental health must be a top priority.  New York state is once again leading the nation, and I hope other states will follow suit and pass legislation to protect children and put their mental health above big tech companies’ profits.”

According the New York AG’s office,

 » Read More

FCC Privacy + Data Protection Task Force Announces Enforcement Partnership with State Attorneys General

By Richard Newman / January 2, 2024
Posted in , , ,

On December 6, 2023, Federal Communications Commission Chairwoman Jessica Rosenworcel announced a new initiative to strengthen and formalize the cooperation between the FCC and its state partners on privacy, data protection and cybersecurity enforcement matters.

As part of the work of the FCC’s Privacy and Data Protection Task Force, the FCC’s Enforcement Bureau has signed Memoranda of Understanding with Attorneys General of Connecticut, Illinois, New York and Pennsylvania to share expertise, resources and coordinated efforts in conducting privacy, data protection and cybersecurity-related investigations to protect consumers.

The Memoranda of Understanding

           The new MOU affirm that the FCC and State Attorneys General “share close and common legal interests in working cooperatively to investigate and, where appropriate, prosecute or otherwise take enforcement action in relation to privacy, data protection or cybersecurity issues” under sections 201 and 222 of the Communications Act.

Coordinated action and information sharing will take place under all applicable federal and state laws, and privacy protections.

Federal and State Comments

           FCC Chairwoman Rosenworcel said, in pertinent part, that  “[d]efending consumer privacy is an all-of-government responsibility and a shared challenge.  Today we take on evolving consumer threats with new formal partnerships with state law enforcement leaders, which  have already been successful in obtaining record-breaking results in combatting illegal robocalls.”

FCC Enforcement Bureau Chief Loyann A. Egal said, in pertinent part, that “[u]se of information and communications technology and services have significantly enhanced our lives while at the same time increasing vulnerabilities to our privacy and sensitive data. 

 » Read More

FCC ADOPTS NEW RULE TO CLOSE THE LEAD GENERATOR ROBOCALL AND ROBOTEXTS LOOPHOLE

By Richard Newman / December 14, 2023
Posted in , , , ,

On December 13, 2023, the Federal Communications Commission adopted new rules designed to protect consumers from “scam communications” by directly addressing some of the “biggest vulnerabilities” in America’s robotext defenses and closing the “lead generator” robocall/robotexts loophole.

The new rules allow blocking of “red flagged” robotexting numbers, codifies Do-Not-Call rules for texting, and encourages an opt-in approach for delivering email-to-text messages.

Closing the Lead Generator Loophole

The new rules close a loophole through which “unscrupulous robocallers and robotexters inundate consumers with unwanted and illegal robocalls and robotexts.” The new rules make it unequivocally clear that comparison shopping websites and lead generators must obtain consumer consent to receive robocalls and robotexts one seller at a time – rather than have a single consent apply to multiple telemarketers at once.

Combating Robotext Sources

The new rules allow the FCC to “red flag” certain numbers, requiring mobile carriers to block texts from those numbers. The rules also codify that Do-Not-Call list protections apply to text messaging, making it illegal for marketing texts to be sent to numbers on the registry. And the order encourages providers to make email-to-text messages an opt-in service, which would limit the effectiveness of a major source of unwanted and illegal text messages.

Groundwork for Future Steps

In addition to the rules, the FCC also proposed and will take public comment on additional steps it might take against robotexts. The FCC proposes additional blocking requirements when the FCC notifies a provider of a likely “scam text-generating number.” The FCC will also seek further comment on text message authentication – modeled on the implementation of STIR/SHAKEN protocols for phone calls – including on the status of any industry standards in development.

 » Read More

California Passes The Delete Act – What Lead Generators and Data Brokers Need to Know

By Richard Newman / October 13, 2023
Posted in , , , , ,

On October 10, 2023, California Governor Gavin Newsom signed the Delete Act (SB 362).  The Act is new legislation that requires businesses that meet the definition of “data broker” to provide detailed disclosures about its practices, register with the state and delete any personal information relating to a California resident upon receiving a verifiable deletion request.

The Act requires the California Privacy Protection Agency to establish a simple deletion mechanism that permits individuals to submit deletion requests that data brokers must adhere to starting August 1, 2026.  Importantly, beginning in 2028 data brokers will be subject to audits intended to demonstrate compliance with the Act.

What Businesses are Covered Under the Act?

The Delete Act defines “data broker” as a business that knowingly collects and sells personal information of a consumer that it does not have a direct relationship with, to third parties.  Excluded are certain entities that may be covered by various federal and state laws relating to data, such as the Fair Credit Reporting Act, the Gramm-Leach-Bliley Act, the Health Insurance Portability and Accountability Act, the Confidentiality of Medical Information Act and the California Insurance Information and Privacy Protection Act.

Data brokers must register with the CPPA and pay registration fees, as well as fees for access to the deletion mechanism.

What are the Applicable Registration and Disclosure Requirements?

Data brokers are required to register with the CPPA on or before January 31 for each year that they meet the statutory definition of “data broker.”  In fact,

 » Read More

FTC and FCC Renew Memorandum of Understanding to Promote Cross-Border Law Enforcement Efforts to Combat Spam, Scams and Illegal Telemarketing

By Richard Newman / September 27, 2023
Posted in , , , , , ,

On September 21, 2023, the Federal Trade Commission announced that it has joined the Federal Communications Commission in signing a renewed memorandum of understanding (MOU) between public authorities who are members of the Unsolicited Communications Enforcement Network (UCENet).  The MOU aims to promote cross-border collaboration to combat unsolicited communications, including email and text spam, scams, and illegal telemarketing.

“The FTC is committed to using all of its tools to fight robocalls and other unsolicited communications that try to prey on consumers,” said FTC attorney and Chair Lina M. Khan.  “This scourge does not respect borders, and our recommitment to this MOU underscores the importance of international communication and cooperation to combat this problem.”

UCENet members agreed to renew and make evergreen the MOU, a non-binding instrument which the FTC and its partners signed in 2016.

The 2016 MOU was aimed at facilitating information sharing, capacity building, and enforcement assistance among the partners.  For the past seven years, it also has facilitated communication about emerging threats and complaint trends related to spam, scams, and illegal telemarketing.

The UCENET MOU is part of the FTC’s continuing to work to fight harms that can arise from unwanted messages.  According to the announcement, unsolicited communications in the form of illegal and spoofed robocalls, text messages, and emails are often the source of scams that harm millions of consumers in the United States each year.  The revised MOU also has been signed by UCENet partners in Canada,

 » Read More

Richard B. Newman Quoted in Cybersecurity Law Report on FTC’s Xbox and Alexa COPPA Case Lessons

By Richard Newman / June 26, 2023
Posted in , , , , , ,

FTC advertising compliance and defense attorney Richard B. Newman was recently quoted in an article for Cybersecurity Law Report titled “Xbox and Alexa COPPA Case Lessons: Avatars, Biometrics and Other New Expectations.”

The article discusses the FTC’s recent privacy enforcement run and how it reinforces regulators’ expanding expectations for companies using video and audio recordings, smart devices and AI.  The article further discusses recent agency settlements with Microsoft, Amazon and educational technology provider Edmodo that drew $51 million in penalties, broke new ground on the Children’s Online Privacy Protection Act Rule enforcement and signaled new expectations for all companies’ privacy compliance.

In discussing how COPPA is a tool for financial penalties and how these cases highlight the value of COPPA enforcement to the FTC versus its Section 5 authority under the FTC Act, Mr. Newman noted that “[i]n Amazon, obviously, the $25‑million settlement amount leaps out” for Alexa’s improper retention of voice recordings in violation of COPPA.

Mr. Newman further shared that “not just the FTC, but state attorneys general are becoming increasingly interested in expanding regulation of the use and sharing of consumer data, including geolocation data.”

While the FTC contests the issue at the federal level, data brokers and those that interact with them should expect that the plaintiffs’ class action bar and state AGs may lodge claims under state “little FTC acts” that echo the FTC’s July 2022 statement about geolocation data or the biometric one,

 » Read More

Florida Enacts Comprehensive Privacy Law

By Richard Newman / June 25, 2023
Posted in , , , , , ,

Florida has become the latest state – approximately ten – to enact a comprehensive privacy law.  On June 6, 2023, Governor DeSantis recently signed SB 262 which includes some new privacy provisions.  Florida also recently passed a child privacy law that is notably similar to California’s Age Appropriation Act that becomes effective July 1, 2024.

The Florida Digital Bill of Rights Law

Covered entities (“controllers”) include those that earn $1 billion in global gross annual revenues and either (i) receive 50% of gross annual revenue from online ad sales; (ii) operate a consumer smart speaker and voice command service with an integrated virtual assistant through a cloud-connected service and hands-free verbal activation; or (iii) operate an app store or digital distribution platform that has at least 250,000 apps available for download.

Note, however, that non-covered entities that serve as data processors for covered entities may potentially be impacted.  More specifically, such processors are required to support a covered entities’ compliance efforts and to maintain responsible contracts that include provisions governing data processing.  In fact, the new law sets forth specific requirements that must be included in such data processing agreements.

Not unlike other states, the Florida Digital Bill of Rights Law has numerous exemptions and applies to consumer information.  Exemptions include entities covered by HIPAA (and business associates), financial institutions and affiliates (subject to GLBA), non-profits, certain government entities, and higher education institutions.  There are also specific data exemptions.

 » Read More

FTC Reevaulates Green Guides and Pending Civil Penalty Implementing Rulemakings

By Richard Newman / June 4, 2023
Posted in , , , , ,

On May 23, 2023, the Federal Trade Commission hosted a national workshop designed to consider the current state of recycling practices and recycling-related advertising.

This follows an FTC announcement in December 2022 that the agency was seeking public comment on potential updates and changes to its ‘Green Guides’ for the use of environment marketing claims.  The Green Guides help marketers avoid making environmental marketing claims that are unfair or deceptive under Section 5 of the FTC Act.

Updates to ‘Green Guides’

In December 2022, the FTC announced that it would seek public comment on potential updates to its “Green Guides” for the use of environmental marketing claims.  FTC attorneys seek to update the Green Guides based on increasing consumer interest in buying environmentally friendly products.  The comment period was extended through April 24, 2023.

“Consumers are increasingly conscious of how the products they buy affect the environment, and depend on marketers’ environmental claims to be truthful,” said FTC lawyer and Bureau of Consumer Protection Director Samuel Levine.  “We look forward to this review process, and will make any updates necessary to ensure the Green Guides provide current, accurate information about consumer perception of environmental benefit claims.  This will both help marketers make truthful claims and consumers find the products they seek.”

The Green Guides were first issued in 1992 and were revised in 1996, 1998, and 2012.  They provide guidance on environmental marketing claims, including how consumers are likely to interpret particular claims and how marketers can substantiate these environmental claims to avoid deceiving consumers. 

 » Read More

Topics

Topics

Archives

Archives

About This Blog and Hinch Newman’s Advertising + Marketing Practice

Hinch Newman LLP’s advertising and marketing practice includes successfully resolving some of the highest-profile Federal Trade Commission (FTC) and state attorneys general digital advertising and telemarketing investigations and enforcement actions. The firm possesses superior knowledge and deep legal experience in the areas of advertising, marketing, lead generation, promotions, e-commerce, privacy and intellectual property law. Through these advertising and marketing law updates, Hinch Newman provides commentary, news and analysis on issues and trends concerning developments of interest to digital marketers, including FTC and state attorneys general advertising compliance, civil investigative demands (CIDs), and administrative/judicial process. This blog is sponsored by Hinch Newman LLP.

Featured Posts