Perspectives on Consumer Data

FTC recently brought its first case under the 2010 Restore Online Shoppers’ Confidence Act that prohibits online sellers from charging consumers in an Internet transaction unless the seller has clearly disclosed all material terms of the transaction and obtained consumers’ express informed consent.

The outdoor sporting goods company Bass Pro recently agreed to pay $6 million to settle claims that it violated California privacy laws.

In testimony before the US Senate Judiciary Committee earlier this summer, the Federal Trade Commission (FTC) lent its support to federal legislation that would require businesses to obtain “affirmative express consent” from consumers before collecting geolocation data from mobile devices.

On September 15, 2014, Arent Fox was in attendance at the Federal Trade Commission’s (FTC) public workshop on so-called “Big Data” that was designed to explore how its use is impacting American consumers.

European Data Protection Authorities (DPAs) — the entities responsible for enforcing the European Union (EU) Data Directive and the EU Cookie Directive — are taking part in what is being referred to as “Cookie Sweep Day.”

Walmart recently argued that the US District Court for the Eastern District of California should not grant class certification in a suit alleging that Walmart’s data collection practices violate California’s Song-Beverly Credit Card Act of 1971 (Song-Beverly Act).

In 2014, Macy’s and Foot Locker became the latest retailers to be forced to defend allegations that they illegally collect personal information from shoppers.

The Federal Trade Commission (FTC) recently won a significant victory in federal court in its ongoing efforts to hold businesses accountable for their data security practices.

In the last year, more than 17 class actions have been filed against retailers based on their alleged collection of ZIP codes from their customers.

The Federal Trade Commission (FTC) recently charged two companies — Fandango, LLC, and Credit Karma, Inc. — with violating the FTC Act by misrepresenting the security of their mobile apps and failing to securely transmit sensitive personal information over the Internet.

According to the US District Court for the Northern District of California, Google’s co-mingling of the personal identification information (PII) it collects from users across multiple product platforms does not create an injury sufficient to grant standing to sue in federal court.

With the proliferation of smart phones and other mobile devices, it has never been easier for brands and marketers to collect data about the habits and desires of their customers.

Beginning January 1, 2014, websites and online service operators that collect consumers’ personally identifiable information will likely be forced to update their privacy policies to comply with a new law in California.