Alex Schneider

Photo of Alex Schneider

 

 

Email
(202) 342-8634
Bio

 

 

 

Latest Articles

A federal judge allowed a class-action lawsuit alleging Bose collected and shared data about its headphone users to proceed last week on the basis of deceptive advertising. The decision underscores the risks that internet of things (IoT) businesses can face if they fail to accurately communicate to consumers how a mobile app or “smart” product collects and uses personal data. At issue in the case is an allegation that Bose offered a companion app for…
The Danish and Polish data protection authorities issued their first GDPR fines last month. The cases serve as indicators of the kinds of technical violations enforcement officials are looking to deter as they police the EU’s new privacy regulation. In Denmark, Datatilsynet recommended fining the taxi company Taxa 4×35 nearly $180,000 for failing to delete records on 9 million taxi rides after they were no longer needed.  Article 5 of the GDPR discourages companies from…
The National Institute of Standards and Technology (NIST) released a preview of its plans for a standard Privacy Framework this past week.  The purpose of the Framework is to help organizations better manage privacy risks. The Privacy Framework would breakdown privacy functions into five categories: identify the context of processing, protect private data, control data through data management, inform individuals about data processing, and respond to adverse breach events. Also, organizations would be able to…
The Federal Trade Commission (FTC) announced this week that it would not update its anti-spam rule, completing the agency’s first 10-year review of the regulation. The FTC last updated the rule, known as the CAN-SPAM Rule, in 2008. The rule requires, among other things, that commercial e-mail messages have a mechanism for allowing the recipient to opt out of future messages. As part of the FTC’s review process, the FTC sought comments on whether the…
The FTC’s “Hey Nineteen” blog post caught our attention this past week, and not just for its witty title. One of those reasons is the reference to continued interest in “Made in USA” claims.  As we’ve written about here, “Made in America” has been a frequent enforcement target in recent years and 2018 generally continued this trend.  Here’s how it stacked up: The FTC completed 25 investigations, settling four enforcement actions and…
In the Data Business? You May Be Obligated to Register in Vermont by Thursday Data brokers have until this Thursday to register with the Vermont Secretary of State as part of a new data broker oversight law that became effective January 1st. Approved unanimously by the Vermont Senate last May, the Vermont Data Broker Regulation, Act 171 of 2018, requires data brokers to register annually, pay an annual filing fee of $100, and maintain minimum…
On Monday, France’s Data Protection Agency announced that it levied a €50 million ($56.8 million) fine against Google for violating the EU’s new General Data Protection Regulation (GDPR).  The precedent-setting fine by the Commission Nationale de l’Informatique et des Libertés (“CNIL”) is the highest yet imposed since the new law took effect in May 2018. How Does Google Violate GDPR, According to CNIL? Lack of Transparency: GDPR Articles 12-13 require a data controller to provide…