Earlier this month, three class action lawsuits were filed against companies for alleged violations of the Children’s Online Privacy Protection Act (“COPPA”). These lawsuits are raising eyebrows as COPPA does not provide for a private right of action, and a potential class certification could open the floodgates for COPPA-based lawsuits. Given these lawsuits and the recent enforcement actions brought by the FTC and the New York State Attorney General, companies more than ever need to understand their responsibilities and obligations under COPPA and maintain measures for compliance.
Continue Reading

In what is being hailed by the Federal Trade Commission as “a record-setting win for American consumers,” and what should be viewed as a cautionary tale for marketers, satellite TV provider Dish Network (“Dish”) was recently found liable for repeated and willful violations of various federal and state telemarketing laws and ordered to pay 280 million dollars in damages in connection with a long-running lawsuit brought by the FTC, Department of Justice, and various state attorneys general.  This decision comes on the heels of last month’s order in a North Carolina class action lawsuit brought against Dish, awarding damages of 61 million to the class action plaintiffs based on many of the same unlawful practices.  The high monetary awards in both cases, and the additional restrictions imposed on Dish in the government’s lawsuit, highlight just how seriously regulators and courts are taking violations of the telemarketing laws.  In addition to the take-aways listed below, the big lesson from the Dish cases is that marketers who rely on a network of third-party vendors to reach out to new customers and turn a blind eye to those vendors’ compliance with the telemarketing laws do so at their peril –  and at the risk of millions in penalties. 
Continue Reading

Protection background. Technology security, encode and decrypt, techno scheme, vector illustration

Biometric data — from, e.g., retina, face and fingerprint scans — plays a big role in the current wave of new technology services. For example, biometrics provide security features for financial and healthcare products. And biometrics are behind some cool new in-game offerings in the interactive entertainment and social media space. But companies using or thinking of using biometric data have to comply with myriad privacy and data security laws and regulations, or face potential enforcement action and litigation. On January 30, 2017, the Southern District of New York dismissed one such litigation brought against video game publisher Take-Two Interactive Software, Inc. for alleged violation of the Illinois Biometric Information Privacy Act (“BIPA“). Here’s a summary.


Continue Reading