August 5, 2017

August 04, 2017

Subscribe to Latest Legal News and Analysis

August 03, 2017

Subscribe to Latest Legal News and Analysis

August 02, 2017

Subscribe to Latest Legal News and Analysis

Data Privacy Day 2013 Post #3 — Look out for the Maryland Privacy Police!

Maryland’s Attorney General, Douglas Gansler, announced January 28, 2013 that Maryland has a new Internet Privacy Unit to monitor the data collection practices of online companies.    According to the Attorney General’s press release,  the Internet Privacy Unit will

monitor companies to ensure they are in compliance with state and federal consumer protection laws, including the Children’s Online Privacy Protection Act (COPPA), which, in most cases, restricts companies from collecting personal information of children under 13 years old. The Unit will also examine weaknesses in online privacy policies and work alongside major industry stakeholders and privacy advocates to provide outreach and education to businesses and consumers to broaden awareness about privacy rights so they are more equipped to manage online privacy challenges. Additionally, the Unit will pursue enforcement actions where appropriate to ensure consumers’ privacy is protected.

One of the most intriguing lines in the release is that the new Internet Privacy Unit will “examine weakness in online privacy policies.”    Regulatory agencies have to date focused on whether companies say what they do and do what they say in privacy policies, but not whether there were “weakness[es]” in those policies.  Without clear legislative standards, determination of what the Maryland Internet Privacy Unit considers to be a “weakness” could well be a data protection practice that is well within the scope of existing law.  We will be watching developments on this front with great interest.

Maryland joins California in setting up specific units within the Attorney General’s office to deal with privacy issues.  Since last July, California AG Kamala Harris has taken on mobile app developerswithout specific mobile privacy policies. Last month, she filed suit against Delta Air Lines for allegedly failing to post a privacy policy for the Fly Delta app and earlier this month, issued a set of mobile-specific developer “guidelines.”

©1994-2017 Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C. All Rights Reserved.


About this Author

Cynthia Larose, Privacy, Security, Attorney, Mintz Levin, Law Firm

Cynthia is Chair of the firm’s Privacy & Security Practice and a Certified Information Privacy Professional (CIPP).  She represents companies in information, communications, and technology, including e-commerce and other electronic transactions. She counsels clients through all stages of the “corporate lifecycle,” from start-ups through mid- and later-stage financings to IPO, and has broad experience in technology and business law, including online contracting issues, licensing, domain name issues, software development, and complex outsourcing transactions.

Cynthia has extensive...