Privacy and Information Security Law Blog

Tag Archives: IP Address

FTC Announces Updated COPPA Rule

Posted on December 19, 2012 by Hunton & Williams LLP

On December 19, 2012, the Federal Trade Commission announced the adoption of its long-awaited amendments to the Children’s Online Privacy Protection Rule (the “Rule”). The FTC implemented the Rule, which became effective on April 21, 2000, pursuant to provisions in the Children’s Online Privacy Protection Act of 1998 (“COPPA”).

Tags: Advertisement, Consumer Protection, Cookies, COPPA, Enforcement, Federal Trade Commission, Geolocation, IP Address, Online Privacy

German DPAs Adopt Resolutions on EU Data Protection and IPv6

Posted on November 16, 2012 by Hunton & Williams LLP

On November 8, 2012, the 84th Conference of the German Data Protection Commissioners concluded in Frankfurt (Oder). This bi-annual conference provides a private forum for the 16 German state data protection authorities (“DPAs”) and the Federal Commissioner for Data Protection and Freedom of Information Peter Schaar to share their views on current issues, discuss relevant cases and adopt Resolutions aimed at harmonizing how data protection law is applied across Germany.

Tags: Anonymization, Data Protection Authority, EU Data Protection Directive, EU Member States, EU Regulation, European Commission, European Union, Events, Germany, International, IP Address, Legislation, Online Privacy

FTC Seeks Comments on Additional Proposed Revisions to COPPA Rule

Posted on August 2, 2012 by Hunton & Williams LLP

On August 1, 2012, the Federal Trade Commission announced that it is seeking public comments on additional proposed modifications to the Children’s Online Privacy Protection Rule (“COPPA Rule” or “Rule”). According to the FTC, the second-round revisions modify certain COPPA Rule definitions to “clarify the Rule’s scope and strengthen its protections for the online collection, use, or disclosure of children’s personal information.” The FTC developed these new definitions after reviewing the 350 public comments submitted in response to the Commission’s September 2011 proposal to amend the Rule.

Tags: Advertisement, Consumer Protection, Cookies, COPPA, Federal Trade Commission, IP Address, Online Privacy

Article 29 Working Party Opines on Proposed EU Data Protection Law Reform Package

Posted on March 30, 2012 by Hunton & Williams LLP

On March 23, 2012, the Article 29 Working Party (the “Working Party”) adopted an Opinion on the European Commission’s data protection law reform proposals, including the draft Regulation that is of particular importance for businesses. The Working Party’s Opinion serves as the national data protection authorities’ contribution to the legislative process before the European Parliament and the European Council.

Tags: Accountability, Article 29 Working Party, Binding Corporate Rules, Cookies, Data Controller, Data Processor, Data Protection Authority, Data Transfer, EU Data Protection Directive, EU Member States, EU Regulation, European Commission, European Union, International, IP Address, Online Privacy, Privacy By Design, Right to Be Forgotten, Safe Harbor, Security Breach

German Federal Constitutional Court Restricts Access to User Data for Law Enforcement Purposes

Posted on March 1, 2012 by Hunton & Williams LLP

On February 24, 2012, the German Federal Constitutional Court (Bundesverfassungsgericht) ruled that certain provisions in the Federal Telecommunications Act concerning the disclosure of telecom user data to law enforcement agencies violate the German constitution. The Court held that strict conditions apply when law enforcement authorities and intelligence agencies ask telecommunications service providers (which may include hospitals and hotels) to turn over certain user data, i.e. passwords and PIN codes.

Tags: Enforcement, European Union, Germany, International, IP Address, Telecommunications

Representative Stearns Introduces Consumer Privacy Protection Act

Posted on April 15, 2011 by Hunton & Williams LLP

On April 13, 2011, Representative Cliff Stearns (R-FL) introduced the Consumer Privacy Protection Act of 2011 (the “Act”), which seeks to “protect and enhance consumer privacy” both online and offline by imposing certain notice and choice requirements with respect to the collection and use of personal information.

Tags: Advertisement, Cliff Stearns, Consumer Protection, Federal Trade Commission, IP Address, Marketing, Online Privacy, Personally Identifiable Information, Privacy Policy, Social Security Number, U.S. Federal Law

German DPAs Still Consider Google Analytics Illegal

Posted on October 5, 2010 by Hunton & Williams LLP

According to a press report dated October 2, 2010, the German state data protection authorities responsible for the private sector (also known as the “Düsseldorfer Kreis”) continue to consider the use of Google Analytics on company websites to be illegal. The Düsseldorfer Kreis reached this decision at a recent meeting of its Telemedia working group. The group has indicated that it hopes to continue negotiations with Google. Dr. Alexander Dix, the Berlin Commissioner for Data Protection and Freedom of Information who was interviewed on this issue, stated that although Google has undertaken some efforts to improve Analytics, that the DPAs do not consider these efforts to be sufficient. The DPAs have given Google eight weeks to improve the service. If Google fails to do so, the DPAs will commence enforcement actions against German companies using Google Analytics on their websites. The DPAs are primarily concerned with the fact that the Google Analytics software illegally transfers users’ IP addresses to the United States. According to Dix’s statements, such transfers are prohibited without the users’ consent.

In November 2009, the German DPAs issued a resolution which included requirements for website analytics software based on the data protection provisions of the German Telemedia Act. In May 2010, Google released a Google Analytics Opt-out Browser Add-on that allows webmasters to activate an “IP Masking” function to anonymize information collected by tracking mechanisms by removing a portion of IP addresses prior storing them.

Tags: Anonymization, Data Protection Authority, Enforcement, European Union, Germany, Google, International, IP Address, Online Privacy

German Court Finds No Right to Immediate Deletion of IP Addresses

Posted on July 13, 2010 by Hunton & Williams LLP

In a recently published decision rendered on June 16, 2010, the Frankfurt am Main Higher Regional Court ruled that an Internet access provider may store IP addresses for seven days, and therefore, customers have no right to demand immediate deletion of their IP addresses. The Court’s ruling upheld a decision originally rendered by the regional court of Darmstadt.

The claimant had requested that Deutsche Telekom AG delete the dynamic IP address assigned and stored for each Internet session immediately upon disconnection by a user. Up to that point, the Internet provider had been retaining IP addresses for 80 days after each billing cycle. In June 2007, the lower court granted the claimant request, imposing a maximum retention period of seven days for IP addresses. The Internet provider reduced its IP address retention period accordingly, based on an agreement with the German federal data protection authority.

Tags: Behavioral Advertising, Data Protection Authority, European Union, Germany, International, IP Address, Online Privacy, Record Retention, Telecommunications

Twitter Settles FTC Data Security Charges

Posted on June 24, 2010 by Hunton & Williams LLP

Twitter has agreed to settle Federal Trade Commission charges that it deceived consumers and put their privacy at risk by failing to safeguard their personal information. The charges stem from alleged lapses in the company’s data security that permitted hackers to access tweets that users had designated as private and to issue phony tweets from the accounts of some users, including then-President-elect Barack Obama. According to the FTC’s complaint (main document, exhibits), these attacks on Twitter’s system were possible due to a failure to implement reasonable safeguards, including:

requiring employees to use hard-to-guess administrative passwords that are not used for other programs, websites or networks;
prohibiting employees from storing administrative passwords in plain text within their personal email accounts;
suspending or disabling administrative passwords after a reasonable number of unsuccessful login attempts;
providing an administrative login webpage that is made known only to authorized persons and is separate from the login page for users;
enforcing periodic changes of administrative passwords by, for example, setting them to expire every 90 days;
restricting access to administrative controls to employees whose jobs required it; and
imposing other reasonable restrictions on administrative access, such as by restricting access to specified IP addresses.

The proposed settlement agreement contains a consent order requiring Twitter to implement data security safeguards and submit to periodic independent security audits. The FTC’s press release contains more details.

Tags: Consent Order, Consumer Protection, Enforcement, Federal Trade Commission, Information Security, IP Address, Online Privacy, Social Media, Twitter, Workplace Privacy

The Digital Economy Act 2010: A Step Toward Censorship?

Posted on April 19, 2010 by Hunton & Williams LLP

On April 8, 2010, the Digital Economy Act (the “Act”), containing provisions relating to online copyright infringement, network infrastructure and digital safety, became law in the UK. The Act’s main provisions include:

new duties for the Office of Communications (the UK’s communications regulator), to report every three years on issues such as the UK’s communications infrastructure and Internet domain name registration;
additional obligations on Internet Service Providers (“ISPs”) that seek to reduce online copyright infringement;
increased penalties for online copyright infringement; and
intervention powers with respect to Internet domain registries.

Tags: European Union, International, IP Address, Online Privacy, Right to Privacy, United Kingdom

Privacy and Information Security Law Blog - Global privacy and information security law updates and analysis

Tag Archives: IP Address

FTC Announces Updated COPPA Rule

German DPAs Adopt Resolutions on EU Data Protection and IPv6

FTC Seeks Comments on Additional Proposed Revisions to COPPA Rule

Article 29 Working Party Opines on Proposed EU Data Protection Law Reform Package

German Federal Constitutional Court Restricts Access to User Data for Law Enforcement Purposes

German DPAs Still Consider Google Analytics Illegal

German Court Finds No Right to Immediate Deletion of IP Addresses

The Digital Economy Act 2010: A Step Toward Censorship?

Published By Hunton & Williams

Search

Subscribe

Topics

Recent Updates

Blogroll

Stay Connected

Privacy News