Internet of Things (IoT)

This week, the FTC published a blog post on the collection and use of consumer data in vehicles.  The FTC warned that “Car manufacturers—and all businesses—should take note that the FTC will take action to protect consumers against the illegal collection, use, and disclosure of their personal data” and provided a summary of some recent

Continue Reading FTC Publishes Blog Post on Cars and Consumer Data

Over the past few months, the Federal Trade Commission (“FTC”) has received requests from U.S. Senators asking the FTC to investigate the data collection practices of several automotive manufacturers.  Last week, Senators Ed Markey (D-MA) and Ron Wyden (D-OR) sent a letter to the FTC asking the agency to investigate several automakers for “deceiving their customers by falsely claiming to require a warrant or court order before turning over customer location data to government agencies.”  Among other things, the letter alleges inconsistent data collection and retention practices in the industry, asserting that some automakers only collect location data for a “critical safety event” (e.g., collision, air bag deployment, or automatic emergency braking event) while others “routinely collect[] and retain[] vehicle location data.”  The letter also states that only one automaker has a policy of informing consumers about legal demands for their data.  The letter refers to the FTC’s recent geolocation “crack down” in other contexts and urges “the FTC to investigate these auto manufacturers’ deceptive claims as well as their harmful data retention practices” and to, “in addition to taking appropriate action against the companies, . . . consider holding these companies’ senior executives accountable for their actions.”Continue Reading Data Collection by Auto Manufacturers under Scrutiny

A new post on the Covington Inside Privacy blog discusses remarks by California Privacy Protection Agency (CPPA) Executive Director Ashkan Soltani at the International Association of Privacy Professionals’ global privacy conference last week.  The remarks covered the CPPA’s priorities for rulemaking and administrative enforcement of the California Consumer Privacy Act, including with respect to connected

Continue Reading CPPA Executive Director Remarks on Policy and Enforcement Priorities

On March 14, the Federal Communications Commission (“FCC”) is expected to approve a Report and Order (“R&O”) that would create a voluntary cybersecurity labeling program for Internet of Things (“IoT”) devices.  As previewed in the Notice of Proposed Rulemaking (“NPRM”) released last August, which we covered here, this IoT Labeling Program would “provide consumers with an easy-to-understand and quickly recognizable FCC IoT Label that includes the U.S. government certification mark (referred to as the Cyber Trust Mark).”  

The R&O explains that the IoT Labeling Program would “help consumers make informed purchasing decisions, differentiate trustworthy products in the marketplace, and create incentives for manufacturers to meet higher cybersecurity standards.”  It provides details about the program and how manufacturers can seek authority to use the FCC IoT Label:Continue Reading FCC Planning to Move Forward with Voluntary IoT Labeling Program

On August 10, the Federal Communications Commission (“FCC”) released a Notice of Proposed Rulemaking (“NPRM”) concerning the creation of a “voluntary cybersecurity labeling program that would provide easily understood, accessible information to consumers on the relative security of an IoT device or product, and assure consumers that manufacturers of devices bearing the Commission’s IoT cybersecurity label adhere to widely accepted cybersecurity standards.” The NPRM reflects the proposal previewed in Chairwoman Jessica Rosenworcel’s announcement last month, which we covered here.Continue Reading FCC Proposes Voluntary Cybersecurity Labeling Program for Smart Devices

Updated August 8, 2023.  Originally posted May 1, 2023.

Last week, comment deadlines were announced for a Federal Communications Commission (“FCC”) Order and Notice of Proposed Rulemaking (“NPRM”) that could have significant compliance implications for all holders of international Section 214 authority (i.e., authorization to provide telecommunications services from points in the U.S. to points abroad).  The rule changes on which the FCC seeks comment are far-reaching and, if adopted as written, could result in significant future compliance burdens, both for entities holding international Section 214 authority, as well as the parties holding ownership interests in these entities.  Comments on these rule changes are due Thursday, August 31, with reply comments due October 2.Continue Reading Comments Due August 31 on FCC’s Proposal to Step Up Review of Foreign Ownership in Telecom Carriers and Establish Cybersecurity Requirements

On July 18, 2023, Federal Communications Commission (FCC) Chairwoman Jessica Rosenworcel announced that she has circulated a proposal to the FCC’s commissioners to create “a voluntary cybersecurity labeling program that would provide consumers with clear information about the security of their Internet-enabled devices.”Continue Reading FCC Chairwoman Rosenworcel Announces Proposed Voluntary Cybersecurity Labeling Program for Smart Devices

Late yesterday, the EU institutions reached political agreement on the European Data Act (see the European Commission’s press release here and the Council’s press release here).  The proposal for a Data Act was first tabled by the European Commission in February 2022 as a key piece of the European Strategy for Data (see our previous blogpost here). The Data Act will sit alongside the EU’s General Data Protection Regulation (“GDPR”), Data Governance Act, Digital Services Act, and the Digital Markets Act.Continue Reading Political Agreement Reached on the European Data Act

Updated April 12, 2023. Originally posted March 23, 2023.

In March, the Federal Communications Commission (FCC) adopted a Notice of Proposed Rulemaking (NPRM) that seeks public comment on a proposed licensing framework that would enable multiple satellite operators to supplement the network coverage of terrestrial wireless service providers.  Termed “Supplemental Coverage from Space” (SCS), this service would authorize certain satellite systems to use spectrum licensed to a terrestrial network provider partner to provide expanded coverage to the provider’s wireless customers, even in remote areas. Comments on the NPRM, which appeared in today’s Federal Register, are due Friday, May 12, with reply comments due the following month, on Monday, June 12.Continue Reading FCC Seeks Comment on “Supplemental Coverage from Space” Rules, Responding to Growing Trend towards Partnerships between Satellite Operators and Wireless Network Providers

This quarterly update summarizes key legislative and regulatory developments in the first quarter of 2023 related to Artificial Intelligence (“AI”), the Internet of Things (“IoT”), connected and autonomous vehicles (“CAVs”), and data privacy and cybersecurity.Continue Reading U.S. AI, IoT, CAV, and Privacy & Cybersecurity Legislative & Regulatory Update – First Quarter 2023