President Trump signed a Congressional Review Act (CRA) resolution on April 3, 2017 that nullified the Federal Communication Commission’s (FCC) privacy rule aimed at Internet Service Providers (ISPs). As discussed in the WLF Legal Pulse’s reading list for FCC regulators last month, the Commission adopted the rule just before the 2016 election over the opposition of two Commissioners (including one who has since become FCC Chairman). WLF filed comments last May opposing the proposed rule. Many media commentators and self-styled consumer advocates proclaimed that the proverbial sky was falling due to the nullification. Such ideologically-fueled Chicken-Little rhetoric, however, does not reflect reality.
Post-nullification analyses bemoaned ISPs’ collection of consumers’ “personal information” and the ability of these companies to sell such information to expand their businesses. Nay-sayers’ complaints essentially boiled down to the bromide offered in the Washington Post: the CRA resolution “wipe[d] away landmark privacy protections for Internet users.” Continue reading
Civil Justice/Class Actions
Frank Cruz-Alvarez, a Partner in the Miami, FL office of Shook, Hardy & Bacon L.L.P. with Rachel Forman, an Associate with the firm.
On February 6, 2017, the U.S. Court of Appeals for the Fourth Circuit, in the consolidated appeal Beck v. McDonald, 848 F.3d 262 (4th Cir. 2017), affirmed the district court’s order dismissing the plaintiff veterans’ putative class-action claims against the Secretary of Veterans Affairs and Dorn Veterans Affairs Medical Center (“Dorn VAMC”) officials for lack of subject-matter jurisdiction. The Fourth Circuit held that the plaintiffs “failed to establish a non-speculative, imminent injury-in-fact for purposes of Article III standing.” Id. at 267. Continue reading
By Logan Cochran, Judge K.K. Legett Fellow at Washington Legal Foundation and a rising third-year student at Texas Tech University School of Law.
For the second time in less than a year, the U.S. Court of Appeals for the Third Circuit has ruled on minor consumers’ claims that Google and Viacom had “unlawfully collected personal information about them on the Internet, including what webpages they visited and what videos they watched on Viacom’s websites.” In re Nickelodeon Consumer Privacy Litigation. Although several issues raised by the plaintiffs substantially overlapped with the Third Circuit’s November 2015 decision In re Google Inc. Cookie Placement Consumer Privacy Litigation, two claims involved questions of first impression for the court: (1) a violation of the federal Video Privacy Protection Act (VPPA), and (2) an alleged invasion of privacy under New Jersey law. Continue reading
In the wake of the U.S. Supreme Court’s decision in Spokeo Inc. v. Robins, defendants in pending cases where the only harm the plaintiff alleged is violation of a federal statute should be filing new motions to dismiss due to lack of Article III standing. A Video Privacy Protection Act (VPPA) case decided recently by the First Circuit could provide an immediate opportunity to witness the impact of the Spokeo decision.
In Spokeo, the Court reaffirmed that plaintiffs must possess Article III standing to bring suit, and held that such standing required plaintiffs to allege that they were concretely injured by defendants’ actions. The Court held that the Spokeo plaintiff’s mere allegation that the defendant violated the terms of the Fair Credit Reporting Act (FCRA) was not necessarily enough to provide standing. Because Congress cannot abrogate standing requirements, even by providing private rights of action, each plaintiff must allege a concrete and particularized harm. A “bare procedural violation” is not sufficient to confer standing, the Court explained. Because the Ninth Circuit did not apply the correct standing test, the Court remanded the case for the lower court to determine whether the plaintiff could allege a concrete injury. Continue reading
*Jared McClain, WLF staff attorney, contributed to this post.
On March 31, 2016, the Federal Communications Commission (FCC) issued a Notice of Proposed Rulemaking (NPRM) purporting to bring “clarity, choice, and security” to the broadband industry. In the name of accomplishing those seemingly worthwhile and innocuous goals, the Commission released a 147-page document that details a complex scheme to curtail Internet Service Providers’ (ISPs) right to use the data they lawfully collect on customer behavior. WLF filed comments last week laying out a number of commonsense, statutory, and constitutional arguments against the Proposed Rule in its current form. Continue reading
David Zetoony, Partner, Bryan Cave LLP
There is no shortage of data-privacy and security laws in the United States. By our count there are now about 300 state and federal statutes. They include breach-notification laws, data-disposal laws, data-safeguard laws, payment card information-protection laws … the list goes on and on. Many of these laws, and practical strategies for managing compliance with them, are discussed in a Washington Legal Foundation Contemporary Legal Notes paper I authored, Data Privacy and Security Practical Guide for In-House Counsel.
Nonetheless the push continues to be a push for more regulation to make sure that the consumer data held by companies is secure. Continue reading