Hunton Retail Law Resource

As reported on the Privacy & Information Security Law blog, the Enforcement Bureau of the Federal Communications Commission (“FCC”) entered into a Consent Decree with cable operator Cox Communications to settle allegations that the company failed to properly protect customer information when the company’s electronic data systems were breached in August 2014 by a hacker. The FCC alleged that Cox failed to properly protect the confidentiality of its customers’ proprietary network information (“CPNI”) and personally identifiable information, and failed to promptly notify law enforcement authorities of security breaches involving CPNI in violation of the Communications Act of 1934 and FCC’s rules.

On Monday, October 19, US Transportation Secretary Anthony R. Foxx and FAA Administrator Michael P. Huerta announced the formation of a task force charged with developing recommendations for a registration system for Unmanned Aircraft Systems (the “Task Force”). The Task Force will be directed to deliver its report by November 20. In connection with the announcement, the secretary and the administrator also issued a Clarification of the Applicability of Aircraft Registration Requirements for Unmanned Aircraft Systems (UAS) and Request for Information Regarding Electronic Registration for UAS (the “CRFI”), which was published in the Federal Register on Thursday, October 22. Through the CRFI, the agencies seek, for the first time, to impose the aircraft registration requirement on “model aircraft,” including recreational UAS, effective immediately, while also soliciting comments from industry and the public on the nature and parameters of the UAS registration process. Comments must be submitted by November 6 in order to be considered by the Task Force.

As reported in the Privacy & Information Security Law blog, the United States District Court for the District of Minnesota, in large part, upheld Target’s assertion of the attorney-client privilege and work-product protections for information associated with a privileged, internal investigation of Target’s 2013 data breach.

On October 22, 2015, staff in the Division of Corporation Finance (the “Division”) at the Securities and Exchange Commission (the “Commission”) issued Staff Legal Bulletin 14H (the “Bulletin”). The Bulletin is the latest in a series of Division interpretations under Rule 14a-8 governing shareholder proposals. The Bulletin focuses specifically on circumstances in which the Division will grant no-action relief to exclude a shareholder proposal under two hot-button issues from last year’s proxy season: (1) Rule 14a-8(i)(7), for proposals dealing with a company’s ordinary business operations, and (2) Rule 14a-8(i)(9), for a proposal that directly conflicts with one of the company’s own proposals to be submitted to shareholders at the same meeting. We discuss the Bulletin below.

As reported on the Privacy & Information Security Law blog, Hunton & Williams welcomes Phyllis H. Marcus as counsel to the firm’s privacy and competition teams. Phyllis joins the firm from the Federal Trade Commission, where she held a number of leadership positions, most recently as Chief of Staff of the Division of Advertising Practices. Phyllis led the FTC’s children’s online privacy program, including bringing a number of enforcement actions and overhauling the Children’s Online Privacy Protection Act (“COPPA”) Rule. She offers the privacy team a keen ...

An important Federal Trade Commission (FTC) decision was announced yesterday that trains a spotlight on claims of “biodegradability.” The FTC found that a manufacturer’s unsubstantiated claims regarding the biodegradability of plastic pellets used as product additives deceived industry and end-use customers. The case reemphasizes the FTC’s intent to enforce the FTC Act against unsupported “green” claims. For retailers and consumer product manufacturers, this case and the recent increase in consumer false advertising class actions emphasizes the importance of:

• due diligence regarding product claims made by vendors – ask for and maintain material to back up the claims and stick to the claims that can be supported; and
• strong indemnities against false and deceptive advertising claims.

As reported in the Privacy & Information Security Law blog, the Seventh Circuit rejected Neiman Marcus’ petition for a rehearing en banc of Remijas v. Neiman Marcus Group, LLC, No. 14-3122. In Remijas, a Seventh Circuit panel found that members of a putative class alleged sufficient facts to establish standing to sue Neiman Marcus following a 2013 data breach that resulted in hackers gaining access to customers’ credit and debit card information. No judge in regular active service requested a vote on the rehearing petition. Additionally, all members of the original panel voted ...

In a ruling of particular importance to the digital currency community, the US Commodity Futures Trading Commission (CFTC) for the first time has definitively ruled that Bitcoin and other digital currencies (also known as virtual currencies or cryptocurrencies) are commodities subject to the CFTC’s jurisdiction. Specifically, in an enforcement action announced on September 17, 2015, the CFTC issued an order against an online platform and its CEO for facilitating the trading of Bitcoin options contracts. We discuss some of the implications of this order below.

As reported in the Privacy & Information Security Law blog, Judge Magnuson of the U.S. District Court for the District of Minnesota certified a Federal Rule of Civil Procedure 23(b)(3) class of financial services institutions claiming damages from Target Corporation’s 2013 data breach. The class consists of “all entities in the United States and its Territories that issued payment cards compromised in the payment card data breach that was publicly disclosed by Target on December 19, 2013.”

The en banc US Court of Appeals for the Federal Circuit issued its opinion today in SCA Hygiene Products Aktiebolag, et al. v. First Quality Baby Products, LLC, et al., Case No. 2013-1564. In a 6-5 decision, the court reaffirmed that laches is a defense to a suit for damages for patent infringement. In reaching this decision, the Federal Circuit distinguished Petrella v. Metro-Goldwyn-Mayer, Inc., 134 S. Ct. 1962 (2014), in which the US Supreme Court held that laches is not a defense to a suit for damages under the Copyright Act.