Patrick Bernhardt

Latest Articles

As consumers increasingly connect to the Internet using multiple devices—such as mobile phones, tablets, computers, TVs and wearable devices—advertising technology companies have rapidly developed capabilities to reach the same consumers across their various devices. Such “cross-device” tracking enables companies to target ads to the same consumer regardless of the platform, device, or application being used. Last week, the Federal Trade Commission (FTC) announced that it will host a workshop on November 16, 2015, to explore…
President Obama provided a preview of his State of the Union address next week which will propose comprehensive data privacy legislation, including a nationwide data-breach notification law, a Consumer Privacy Bill of Rights, and limitations on the use of student data. The announcement comes at a pivotal time for privacy in the wake of the high-profile data breaches that filled the news in 2014. In his remarks, President Obama called for Congress to create a…
Last year, California made child-related revisions to its Online Privacy Protection Act that have ramifications even for websites and other online services that are not directed to children.  The revision, “Privacy Rights for California Minors in the Digital World,” imposes obligations on any website, application, or other online service that (1) is directed to minors—that is, was created to reach an audience predominantly composed of minors—or (2) has actual knowledge that a minor is using…
Not to be outdone by Florida, California has yet again amended its data security breach law and again in groundbreaking (yet confusing) fashion. On September 30, 2014, California Governor Brown signed into law a bill (“AB 1710”) that appears to impose the country’s first requirement to provide free identity theft protection services to consumers in connection with certain data security breaches. The law also amends the state’s personal information safeguards law and…
California Attorney General Kamala Harris released a long-awaited report entitled Making Your Privacy Practices Public (Report) on May 21, 2014. The Report recommends “best practices” for compliance with the California Online Privacy Protection Act (CalOPPA). It was originally intended to answer critical questions about exactly what website, online service, and mobile application operators (collectively, “site operators”) must do to comply with CalOPPA’s new do not track (DNT) disclosure obligations, which took effect on January 1,…
California Attorney General Kamala Harris released a long-awaited report entitled Making Your Privacy Practices Public (Report) on May 21, 2014. The Report recommends “best practices” for compliance with the California Online Privacy Protection Act (CalOPPA). It was originally intended to answer critical questions about exactly what website, online service, and mobile application operators (collectively, “site operators”) must do to comply with CalOPPA’s new do not track (DNT) disclosure obligations, which took effect on January 1,…
In a much anticipated decision in the class action In re Hulu Privacy Litigation, U.S. Magistrate Judge Laurel Beeler of the U.S. District Court for the Northern District of California has shed new light on the meaning of “personally identifiable information” (PII) under the Video Privacy Protection Act (VPPA). This has important implications for companies that host videos on their websites and integrate their services with social media companies or web analytics service providers. The…
In a much anticipated decision in the class action In re Hulu Privacy Litigation, U.S. Magistrate Judge Laurel Beeler of the U.S. District Court for the Northern District of California has shed new light on the meaning of “personally identifiable information” (PII) under the Video Privacy Protection Act (VPPA). This has important implications for companies that host videos on their websites and integrate their services with social media companies or web analytics service providers. The…
The Better Business Bureau’s Online Interest-Based Advertising Accountability Program (“the Accountability Program”) issued its first ever compliance warning on October 14, a move that is intended to clarify the obligations of websites where data are gathered for Online Behavioral Advertising (“OBA”) purposes.  The result is that operators of such websites are now expected to ensure that consumers receive “enhanced notice” under the Principles, and cannot simply rely in all instances on third parties, such as…
The Better Business Bureau’s Online Interest-Based Advertising Accountability Program (“the Accountability Program”) issued its first ever compliance warning on October 14, a move that is intended to clarify the obligations of websites where data are gathered for Online Behavioral Advertising (“OBA”) purposes.  The result is that operators of such websites are now expected to ensure that consumers receive “enhanced notice” under the Principles, and cannot simply rely in all instances on third parties, such as…