HHR New Media, Entertainment and Technology Group

Last Tuesday, U.S. Senators John Kerry (D-Mass.) and John McCain (R-Ariz.) introduced the Commercial Privacy Bill of Rights Act of 2011 which is intended to “establish a regulatory framework for the comprehensive protection of personal data for individuals under the aegis of the Federal Trade Commission.”  According to the bill, current laws at the state and federal level provide inadequate privacy protection for individuals and the Federal Government has “eschewed general commercial privacy laws in favor of industry self-regulation” which has largely been unenforceable and has provided insufficient privacy protections.  Continue Reading »

As discussed in our recent webinar “Whose Data Is It Anyway: Privacy in the De-Centralized Digital World”, currently there is no comprehensive federal statutory scheme to govern the protection of privacy.  While lawmakers and agencies at the federal level continue to grapple with developing useful legislation to address privacy and security breach concerns, lawmakers in three states recently introduced legislation in attempts to strengthen their respective state’s security breach notification systems. Continue Reading »

In one of the latest advances in what has been called “a technological arms race between tracking companies and people who seek not to be monitored,” device fingerprinting, a technology originally developed to prevent software piracy and credit card fraud, appears set to become a powerful new tool for online marketers.  But recent calls to increase consumer control of personal information will likely impact how device fingerprinting technologies are integrated into marketing efforts and may slow its widespread adoption. Continue Reading »

The recent Wall Street Journal report revealing that some of Facebook’s most popular applications have been leaking user information has brought attention to a little-known corner of the Web advertising business.  And that attention may ultimately lead to substantial changes in the way companies do business both with Facebook and throughout the wider Web. 

The Facebook disclosures were the result of a common Web standard called a referer.  As web users navigate from site to site, the referer tells the new site which page the user is coming from.  Most of the time, this is an innocuous tool used to help websites track the source of their traffic flow and customize user experience.  However, when user IDs are included in web addresses, as is the case with Facebook and other social networking sites, this practice could potentially expose the browser’s identity.  The user IDs can be used to look up public information on the user’s Facebook profile, which, depending on the selected privacy settings, could include anything from the user’s name to his age, hometown, or even photos. Continue Reading »

Recent activities out of Washington have again turned the spotlight on the complexity of protecting privacy in an era of targeted advertising and what role, if any, the federal government might take to implement regulations on the collection and use of data related to consumers’ digital habits.

This week the chair of the House Caucus on Privacy, Rep. Edward Markey of Massachusetts, criticized responses received by the Caucus from several large Web publishers admitting that keeping track of data collection on their sites is technically difficult, if not impossible.  Markey said that while the publishers detail their own privacy policies and opt-out procedures, these are often too complicated for the average consumer to follow.  He also pointed out that a single website may have dozens of firms collecting data through ads on the site and consumers would need to consult the policies of each of those firms to determine precisely what information was being collected and how it was being used.  (We recently wrote about this issue in a previous Digitalhhr post in connection with location-based advertising and Apple’s iPhone app policy.)  Continue Reading »