Over the past decade, since the Federal Aviation Administration (FAA) first permitted the use of drones for commercial and hobbyist purposes, after the 2012 directive of Congress for the FAA to come up with a “comprehensive plan” for integrating drones into the National Airspace, drone use has grown substantially. However, with that growth has come

This week (May 8-12, 2017) is Privacy Awareness Week—an annual initiative of the Asia Pacific Privacy Authorities Forum (APPA) that concentrates on sharing information about privacy practices and rules.

The APPA is an interesting group made up of privacy regulators from Australia, British Columbia, Canada, Colombia, Hong Kong, Japan, Korea, Macao, Mexico, New South Wales,

The Federal Communications Commission (FCC) privacy rules required providers such as Comcast Corp. and AT&T Inc. to get subscribers’ permission before collecting and sharing their personal data. On April 4, 2017, President Donald Trump signed a congressional resolution rescinding those rules and sparking major concern both in the U.S. and Europe.

Indeed, according to a

As was expected, President Trump signed into law the rescinding of the broadband privacy regulations adopted in 2016 by the Obama administration’s Federal Communications Commission (FCC).

The now rescinded regulations would have required internet service providers (ISPs) to obtain consent from a customer before using or selling the customer’s Web browsing history, app usage history,

Last October, the Federal Communications Commission (FCC) approved new privacy rules governing how Internet Service Providers (ISPs) are permitted to use and share its customers’ personal information. The rules have been fiercely contested by telecom companies that contend they are being unfairly held to more stringent regulations than so-called edge providers (Google, Facebook, etc.), which are subject only to less restrictive guidelines established by the Federal Trade Commission (FTC). In particular, the FCC rules go beyond FTC regulations in defining “sensitive” customer information to include web browsing and application usage history and requiring ISPs to obtain affirmative “opt-in” consent before using or sharing such information. Certain data security obligations under the rules were scheduled to go into effect on March 2nd, with the remaining provisions relating to data breach notification and opt-in requirements slated for implementation later this year.
Continue Reading Congress, FCC Weigh Measures to Repeal ISP Privacy Rules

This year has been a busy year for education law in the area of data privacy. Educational institutions continue to be a rich target for hackers. Additionally, there were some important developments in the interpretation of Family Educational Rights and Privacy Act (FERPA) and the Telephone Consumer Protection Act (TCPA) as it applies to educational institutions.

  • In December, DeVry University Settled with the FTC for $100 million over allegations that it misled prospective students with ads that promised higher employment success and income upon graduation.
  • Also in December, UMass Amherst settled with the Office for Civil Rights (OCR) for $650,000 for HIPAA violations related to a malware infection that led to the release of names, addresses, Social Security numbers, dates of birth, health insurance information, diagnoses, and procedure codes.
  • In November, a hacker gained access to 1,213 records of applicants to the University of Wisconsin Law School.
  • On September 14, 2016, the Department of Education (DOE) issued a “Dear Colleague Letter” providing guidance on the application of FERPA to the disclosure of student medical records in the context of litigation.

Continue Reading Top Ten Education Developments, Breaches, and Settlements of 2016

We have previously warned consumers about IRS phone scams that defraud consumers.

Basically, the fraudsters call unsuspecting victims over the telephone impersonating an IRS official, and intimidate the recipient of the call to believe that they have an outstanding tax liability and telling them that if they don’t pay up, they will be arrested and

Last week, the Federal Communications Commission (FCC) released landmark protections for internet users, requiring permission from broadband subscribers before broadband providers can collect data on the subscribers’ web browsing, app use, location information or financial information. Broadband providers rely on subscriber data like this to create sophisticated, targeted advertising. Tom Wheeler, Chairman of the FCC,

In July we wrote about the exemption for robocalls made by the federal government (or its contractors) from the restrictions of the Telephone Consumer Protection Act (TCPA). Now, the Federal Communications Commission (FCC) added another caveat to the TCPA, advising that while federally backed debt collection calls to consumers at risk of delinquency are exempt

On August 4, 2016, the Federal Communications Commission (FCC) issued a ruling applicable to schools and utilities regarding the application of the Telephone Consumer Protection Act (TCPA) to robocalls and text messages to wireless numbers in emergencies.

The FCC ruling states that schools can make robocalls and sent automated texts to wireless phones without consent