The nations of the Amazon rainforest have all but lost the battle over the dot Amazon domain (.Amazon), with the governing body, ICANN, saying that Amazon.com’s application for the .Amazon TLD can proceed. The Amazon basin nations, represented by the Amazon Cooperation Treaty Organization (ACTO) include Peru, Brazil, Ecuador, Colombia, Bolivia, Venezuela, Guyana and Suriname.
A newly proposed Federal law, if enacted, will extract large fines from Credit Reporting Agencies that experience data breaches, and will also establish an Office of Cybersecurity at the Federal Trace Commission.
Legislation introduced in Washington would make the practice of using so-called ‘dark patterns’ illegal. The bipartisan (!) bill is called the DETOUR Act, and stands for the Deceptive Experiences To Online Users Reduction (DETOUR) Act. Dark patterns are web interface designs created to manipulate users into taking actions and providing data that they otherwise wouldn’t. Dark patterns are based on behavioral psychology.
There is a groundswell of GDPR-like privacy legislation being introduced in several states, with laws to protect the privacy of online personal information and data being introduced in Washington, Massachusetts, Maryland, New York, Rhode Island and Hawaii.
Google is providing law enforcement agencies with lists of devices it has identified as being in the area of a crime scene at the time of the crime. With the data from Google’s massive device location database called Sensorvault, law enforcement then creates lists of possible suspects and witnesses.
With little national fanfare, Vermont’s new data brokering law – requiring businesses which buy and sell your personal data to register and disclose to the state of Vermont that they are a data broker – went into effect a few weeks ago.
We are very pleased to welcome Explaining the Law.com to our ISIPP Publishing family! ExplainingTheLaw.com is a project spearheaded by our editor and publisher, Anne P. Mitchell, attorney at law. Anne is a graduate of Stanford Law School, and a retired professor of law, so she’s pretty darned good at explaining the law in plain English.
Facebook has been sued by the Washington D.C. District Attorney for Facebook’s lax and improper handling of Facebook users’ data following last March’s privacy scandal in which Cambridge Analytica was able to harvest and use the personal information of 50 million Facebook users.
California governor Jerry Brown signed a new California net neutrality law into law yesterday (yes, on a Sunday, September 30th), and on that same Sunday, hours later, the Department of Justice filed a lawsuit against California’s new net neutrality law, saying that it “unlawfully imposes burdens on the Federal Government’s deregulatory approach to the Internet.”
Countless organizations have found, to their dismay, that they must buy all new wireless mic equipment, or be dead in the water when it comes to their sound system, owing to a decision by the FCC.
Hot on the heels of California passing their California Consumer Protection Act (CCPA) which is actually a consumer data protection law, and on the slightly more distant heels of the passage and enactment of the General Data Protection Regulation (GDPR), Colorado has both passed and enacted the Colorado Consumer Data Protection Act (CCDPA).
LifeLock, the company that offers identity theft insurance, has settled a lawsuit with the FTC after the Federal Trade Commission sued LifeLock for deceptive advertising claims. Life Lock says that they were happy to settle the suit because the suit was based on facts that are two years old, and no longer applicable.
Two weeks ago California passed AB 375, now Title 1.81.5 of the California Code, and known as the California Consumer Privacy Act of 2018 (AB stands for Assembly Bill, meaning it was first introduced in the Assembly; SB would mean it had been introduced in the Senate). Also now known as the CCPA, the original sponsors of AB375 were California Assemblyman Edwin Chau, and California Senators Bob Hertzberg and Bill Dodd, Democrats all. The CCP is the California equivalent of GDPR.
In a fairly stunning win for mobile phone privacy, the Supreme Court has ruled that law enforcement agencies must obtain a warrant before they can demand and receive from mobile carriers and mobile providers access to the cell phone location data (known as ‘cell site location information’, or CSLI for short) of a given cellular phone. In the case of Carpenter v. United States, the Supreme Court held that tracking a cell phone is barely different than putting an ankle bracelet on an individual and monitoring their movements, and so overturned related case law that has been around for (up to) decades.
With today’s Supreme Court decision in the Wayfair v. South Dakota case, the Supremes have cleared the way for states to collect sales tax from Internet-based merchants who do not have a physical presence within the state; however the ruling is quite narrow in its scope and so does not open the floodgates for states to tax anybody and everybody who arguably does business online within a given state. Read on for a plain English explanation of this Internet sales tax decision, as well as a link to the full South Dakota v. Wayfair decision and the dissenting opinions.