The National Telecommunications and Information Administration (NTIA) has published a request for comment on federal policy related to the Internet of Things (IoT). For more information, please refer to our post on C&M Health Law. Crowell & Moring is available to assist in preparing comments in advance of the May 23,2016 filing deadline.

 

FCC Adopts a NPRM for Privacy Proposal; FTC Chairwoman Wants IoT Threat Addressed; Consumer Reports Hit with Privacy Class Action; DOJ Accesses Shooter’s Phone and Drops Apple Suit

FCC Adopts a NPRM for Privacy Proposal

On Thursday, March 31 in a 3-2 party-line vote, the FCC advanced a Notice of Proposed Rulemaking (NPRM) for broadband privacy. The proposed rules would restrict ISP’s use of basic consumer data and require consumer consent for certain types of data collection.  Although ISPs under the rule could still collect basic consumer data to market communications- related services to subscribers, ISPs would have to allow users to opt-out of that data collection.  On the other hand, ISPs would have to allow used to opt-in to the use and sharing of other types of data, such as browsing history and physical location.  Under the proposed rules, providers are also required to share how data is used or shared with consumers.  Some have criticized the proposed rules, arguing that they have the potential to create an uneven enforcement regime as companies have the potential to face varied FCC and FTC standards.

FTC Chairwoman Wants IoT Threat Addressed

On Thursday, March 31, FTC Chairwoman Edith Ramirez urged manufacturers of Internet of Things (IoT) devices to “design devices that take into consideration unexpected uses of their IoT data, and the potential for misuse.” In a speech at the American Bar Association’s conference on IoT in Washington, DC, Chairwoman Ramirez outlined a series of steps that she recommends manufacturers take as they develop new IoT technology.  Drawing on common privacy practices, Chairwoman Ramirez advised manufacturers to provide consumers with clear notice of data collection practices and to allow consumers to opt in or out of particular data collection practices.  She also encouraged manufacturers to build security into devices from the outset and keep track of issues through a device’s life cycle.   The FTC plans to hold a series of workshops this fall to look at a series of issues arising from new technology, such as smart televisions and UAVs.


Continue Reading

US Changes Stance on Wassenaar Arrangement Hacking Amendment; FCC Proposes Privacy Rules for Internet Providers; New Jersey Supreme Court Unanimously Approves Roving Wiretaps; FTC Commissioner Opposes Encryption Backdoor Legislation

US Changes Stance on Wassenaar Arrangement Hacking Amendment

Last week, the U.S. executive branch announced that it will change its stance on the 2013 amendment to the Wassenaar Arrangement that closely regulates the international export of cyber hacking and surveillance technology.  This is a big win for the private sector.  Indeed, industry has long been critical of this amendment to the Wassenaar Arrangement, a multilateral export control regime with 41 participating states, because of its potential to chill and stifle innovation in the cybersecurity.  The controversy over this rule has highlighted the difficulty of applying export controls, which are usually restricted to physical items, to the virtual world.   Now, the U.S. faces the daunting task of convincing the 40 other countries on the Arrangement to agree with its new position before the controversial amendment can be formally changed.

FCC Proposes Privacy Rules for Internet Providers

After much anticipation, on March 10 the FCC unveiled its proposed broadband privacy rules, which will be voted on by the full commission at its March 31 open meeting.  According to the fact sheet published alongside the rules, the FCC sought to emphasize customer choice, transparency, and security. Generally, the proposed requirements parallel requirements of other consumer privacy efforts, such as the proposed SPY CAR Act, where lawmakers have sought to require industry to better inform consumers about the use and collection of their data.

Among other things, the proposed rules would oblige providers to obtain customer consent via an “opt-in” to use customer data outside of marketing for “communications-related services.”  The proposed rules also require ISPs to take “reasonable steps” to safeguard customer information.   Those reasonable steps include, “at a minimum,” adopting risk management practices, instituting personnel training practices, adopting strong consumer authentication requirements, identifying senior management responsible for data security, and taking responsibility for the use and protection of customer information when shared with third parties.  Providers must also notify consumers, the Commission, the FBI, and the Secret Service in the event of some breaches.


Continue Reading

Crowell & Moring LLP is pleased to release its “2016 Litigation & Regulatory Forecasts: What Corporate Counsel Need to Know for the Coming Year.” The reports examine the trends and developments that will impact corporations in the coming year—from the last year of the Obama administration to how corporate litigation strategy is transforming from the inside out. This year will bring remarkable change for companies, as market disruptions and the speed of innovation transform industries like never before, and the litigation and regulatory environments in which they operate are keeping pace.

Continue Reading

The Internet of Things has found its way into the court room once again.  Last week, two mothers filed a putative class action stemming from their children’s use of “Hello Barbie,” an interactive version of the popular doll that relies on cloud-based technology to talk back to its playmates and that the mothers allege violated

Please join Crowell & Moring for the fourth in a series of webinars focused on key issues of importance to the health care industry on September 29, 2015 at 2 PM ET. With the size, severity, and complexity of cyber threats continuing to increase, health care companies are high risk targets due to the

Crowell & Moring would like to invite government contractors to ring-side seats for the fight of the year – Congress v. the White House.  This year’s Ounce of Prevention Seminar (OOPS) will focus on the dynamic interplay between the opposite ends of Pennsylvania Avenue and how it will ultimately impact government contractors across the industry.  

On Monday, the Senate passed Resolution 110, calling for the development of a national strategy that incentivizes and accelerates the country’s use of the “Internet of Things,” or IoT.  The Resolution comes amidst increased attention on the IoT industry, including the first Congressional hearings on the subject in both the House and the Senate.  The discussion has centered around the question of whether and to what extent the U.S. Government should regulate the burgeoning industry. 
Continue Reading

Last week, the Senate Committee on Commerce, Science, and Transportation convened to hold a hearing on “The Connected World: Examining the Internet of Things.” Signaling that Congress may be interested in delving into this area, Senators pressed witnesses about the best ways to strike a balance between fostering innovation and protecting consumer interests. Senators and witnesses also wrestled with whether lawmakers should take an industry-by-industry or global approach to regulating this area –or if lawmakers should enter this space at all.
Continue Reading

Yesterday, the FTC released a report summarizing comments and recommendations arising out of its November 2013 workshop The Internet of Things: Privacy and Security in a Connected World. The report suggests that we are “at the beginning of this technology trend” and estimates that, by 2020, some 50 billion devices will be connected to the