Photo of Peter Hegel

Peter Hegel counsels clients on protection of personally identifiable information (PII) and infrastructure.

On Friday, January 28, the world celebrated its 16th Data Protection/Privacy Day. As the privacy community capped off a week of programming and gazed into the future of potential data privacy enforcement [1], the celebrations were quickly overshadowed by California Attorney General Rob Bonta, who announced that his office was targeting businesses operating loyalty programs for potential enforcement actions. According to Bonta, his office issued “notices to business[es] that operate loyalty programs and use personal information in violation of California’s data privacy law.” [2] Accordingly, it is expected that a plethora of businesses may soon receive notices of noncompliance. Once a business receives a notice of noncompliance, that business will have 30 days to cure or fix the alleged violation before an enforcement action is initiated. Enforcement actions may result in penalties of up to $7,500 per violation, which can quickly accrue to significant amounts.
Continue Reading Data Privacy Day Surprise Enforcement for Loyalty Programs

Last week while Americans were preoccupied with carving turkey and baking pies, the privacy world was aflutter with a string of developments in Europe that may drastically affect the future of worldwide website usage and global advertising technology as we currently know it. In short, due to some of the recent positions taken by regulators, “tracking” techniques and cookies as we know them may quickly be saddled with extra compliance requirements.
Continue Reading Requiem for a Cookie: The Beginning of the End for Current AdTech Models

On October 21, 2021, the FTC released a report making it quite clear: internet service providers (ISPs) are next in line for heightened FTC scrutiny. After analyzing the data collection, sharing, and usage practices of the six largest ISPs and three of their affiliated advertising entities, the FTC concluded that the ISPs “amass large pools of sensitive data, and that their uses of such data could lead to significant harms.” [1]

This report traces its lineage back to August 2019, when the FTC used its powers under Section 6(b) of the FTC Act to issue Orders to File Special Reports to the six largest ISPs that comprised approximately 98.8% of the mobile internet market.
Continue Reading ISPs, the FTC Has You In Their Crosshairs