Privacy Regulations Are Heating Up This August

Don’t Get Burned 

There’s been significant movement on the privacy regulation front in the past few weeks. At a high-level, here’s what’s happening in the headlines:

  • The Federal Trade Commission (FTC) announced an ​​”Advanced Notice of Proposed Rulemaking” forum on Commercial Surveillance and Data Security, which could inform consumer data protections affecting businesses in all industries;
  • The Consumer Financial Protection Bureau (CFPB) issued an interpretive rule of the Consumer Financial Protections Act relating to digital marketing services for the financial services industry; 
  • Multiple class-action lawsuits have been filed against hospitals and Facebook’s parent company, Meta, for the mishandling of health data, bringing more attention and concern to data privacy for health-related websites.

We’re here to break it down for you, so that if you’re impacted, you can prepare and take action. Let’s dive in.

The Federal Trade Commission is Hosting a “Commercial Surveillance and Data Security Public Forum” on September 8th, 2022.

The FTC announced an “Advanced Notice of Proposed Rulemaking,” and will be hosting a public forum on commercial surveillance and data security practices on September 8th, 2022. Members of the public can sign up to speak or submit written comments about whether they feel new protections are necessary. The goal is to gather public opinion and build a record that could inform future rulings.

Much of the focus of these regulations is to prevent damage rather than to punish after the fact; which is something we’re all in for at LOKKER. The way to keep consumers safe is to block threats to consumer privacy before they happen. We are encouraged to see any movement on the regulatory front, and will be interested to learn about what comes out of the September 8th forum.

The Consumer Financial Protection Bureau Issued a Warning for Digital Marketing Providers

Earlier this month, the CFPB issued a stricter interpretation of the Consumer Financial Protection Act when it comes to digital marketing services for financial products, and specifically the use of sophisticated data harvesting/collection methods to identify and target prospective customers with messages related to financial products and services.

It’s not a new regulation, but rather a clarification that those offering digital marketing services for financial institutions must comply with the CFPA or could be “held liable by the CFPB or other law enforcers for committing unfair, deceptive, or abusive acts or practices as well as other consumer financial protection violations.”

This is an interesting step to ensure that people’s personal data isn’t used to advertise financial products in a way that could be deceptive or misleading for the recipient. One step that digital marketers should take is to make sure that data that’s being collected has been consented to by the users, and that marketers are clear to consumers about how this data is being used.

Hospitals and Facebook Sued Over Unlawful Data Collection and Sharing Practices

Facebook parent company Meta, as well as University of California San Francisco Medical Center and San Francisco-based Dignity Health, have been slapped with class-action lawsuits related to the unauthorized collection and sharing of sensitive health data, without patient consent, using the Meta Pixel. 

One complaint alleges at least 664 hospitals or medical providers deploy the tracking technology, meaning that they may also be at fault for the unlawful collecting and sharing of sensitive health information without the patients’ consent, which is required by health privacy law.

Trackers and the unauthorized sharing of information is a huge concern, especially for those handling sensitive data, like that related to health. While Facebook is the target of these suits, other social media pixels like Twitter, TikTok, Snapchat, LinkedIn, function in the same way.

Learn more about LOKKER’S web privacy tools that help you get control over third-party scripts like ad trackers and fingerprinters.