Dartmouth Study Finds P2P Networks Hemorrhaging Sensitive Data

While peer-to-peer may be a good metaphor for human interaction – social networking comes to mind – it may not always be the greatest model for the sharing of sensitive information.   Your medical history for instance, shouldn’t be shared with others on a P2P network.  Is this happening? Absolutely.  A study presented this week by Professor Eric Johnson of Dartmouth’s Tuck School of Business, describes how researchers found mounds of sensitive medical data on popular P2P networks: medical history, contact information, insurance details, treatment data, diagnosis and psychiatric evaluations – all mixed in with the song and movie downloads that usually make up the traffic on these networks.

So, how is this sensitive medical data getting on P2P networks in the first place?  Primarily through an employee’s computer – the employee downloads a P2P application on her work machine, and then uses that same machine to process sensitive medical data at work.  Sometimes the employee takes work home, making edits to a spreadsheet on her home computer (yes, a hospital-generated spreadsheet containing SSNs and other personally identifiable information for employees was one of the documents that the Dartmouth researchers found).  In both cases, the user configures the P2P application incorrectly, making all their personal data visible to other users on the P2P network.  Once that happens, the data is a prime target for cybercriminals and fraudsters who engage in identity theft.  Sensitive medical data is a particularly lucrative prize.  As Professor Johnson put it: “For criminals to profit, they don’t need to “steal” an identity, but only to borrow it for a few days, while they bill the insurance carrier thousands of dollars for fabricated medical bills.”

Arguably, this could be a potential area of concern for the companies covered by HIPAA and that deal with sensitive medical data online. But although HIPAA and the FTC’s Health Breach Notification Rule set out requirements for what companies need to do in case of a “breach” of sensitive medical data, they give little guidance to companies on what policies they could be implementing internally to prevent such breaches in the first place. Some may view this as a nod to self-regulation, but the truth is there are “best practices” that both HHS and the FTC could endorse.  A simple best practice that addresses the “data hemorrhaging” that Professor Johnson alludes to in his study, would be an internal policy against the use of P2P networks on machines that also handle sensitive medical data.  Another best practice – companies that deal with this type of data should consider partnering with regulators and health care providers to educate patients on the importance of securing their medical data – and how certain file-sharing technologies can promote medical ID theft when configured incorrectly.  Already, there’s collateral for such an effort – the FTC’s  tips to deter medical ID theft, which could be required patient reading (along with those HIPAA notices).

Categories: Regulation Tags: ,

Unintended Consequences? The Multistate Case Against Craigslist

Yesterday’s news about a Connecticut subpoena issued to Craigslist reminds us that sometimes, actions may have unintended consequences.

In November 2008, Craigslist negotiated a groundbreaking settlement with 43 states led by Connecticut AG Dick Blumenthal, concerning illegal use of its online listing services.  Specifically, Craigslist agreed to wall off the “erotic services” or adult ads section of its site and implement the appropriate age-verification procedures (via credit card).  Then, going a very charitable step further, Craigslist also agreed to donate 100% of its net revenue from the adult area of its site to charity, (and have that net revenue verified by an external auditor as part of the process).

Fast forward to May 2010, and it’s déjà vu all over again. Led by Connecticut, a group of 39 states is investigating the prevalence of prostitution ads on Craigslist, claiming that the site is earning “huge profits” from the sale of such ads.   According to a detailed subpoena issued to Craigslist yesterday the multistate group is “seeking evidence that the company is fulfilling its public promise to fight advertisements for prostitution and other illegal activity.”

Ironically, the age and credit card verification procedures Craiglist was required to implement for its adult only section in 2008 has boosted growth of this section.  According to the multistate group, Craiglist now makes over $36 million from hosting “adult and possibly illegal ads.”

The allegations – that the company may be withholding substantial amounts of money from charities – seem a bit disjointed.  This is Craigslist – a company that has always emphasized free over profit and has yet to fully exploit its enormous streams of traffic. Even though he knows that an IPO would make him a billionaire, Craiglist founder Craig Newmark refuses to take the company public.  Remember that unflattering article in Wired last August?  Clearly, this is a company that appears indifferent to income.

And yet, reading the subpoena requests (some of which are reproduced in the CT AGO’s press release) it is clear that the States are pursuing a theory that Craigslist is reneging on its settlement promise, and not donating all of the profits from its adult ad sales to charity.  I hope their allegations do not have an unintended consequence.  The damage to Craigslist reputation within its ecosystem – especially if these allegations are proven false – could prove particularly costly.

Note to Facebook: Privacy is Personalization Too

April 29, 2010 Leave a comment

Just last week, Facebook introduced “instant personalization” – a feature that extends your Facebook experience via familiar Facebook “plug-ins” (Activity Feed, the “Like” and “Recommend” buttons) – to partner websites such as yelp and nfl.com.  Already, the features are drawing much criticism – this time, from a Democratic quad of senators – Begich (AK), Bennet (CO), Franken (MN) and Schumer (NY) – who are urging Facebook to change its policies on sharing user data with third parties. Their letter to Facebook founder Mark Zuckerberg highlight three main concerns: Facebook’s continually elastic definition of what it considers personal information, the storage of Facebook user profile data with advertisers and other third parties, and the aforementioned “instant personalization” feature. The Senators acknowledge the FTC’s role in examining the issue but also advocate that Facebook take “swift and productive steps to alleviate the concerns of its users” while FTC regulation is pending.  On Monday, Senator Schumer followed up with an open letter that urges the FTC to investigate Facebook’s privacy practices.

Instant personalization is the latest Facebook feature to draw flak for its perceived impact on privacy.  It’s actually a very cool technology, designed for people who want to publicly share their likes and dislikes with their Facebook network.  It works by sharing certain Facebook profile data with a partner site.  The feature is personalization defined – every user using Facebook plug-ins on a partner site will have a different experience based on who they are friends with on Facebook.

A recent post on the Facebook blog describes the process:

“At a technical level, social plugins work when external websites put an iframe from Facebook.com on their site—as if they were agreeing to give Facebook some real estate on their website. If you are logged into Facebook, the Facebook iframe can recognize you and show personalized content within the plugin as if the visitor were on Facebook.com directly. Even though the iframe is not on Facebook, it is designed with all the privacy protections as if it were (emphasis added).”

Note the last sentence of that excerpt – it seems to suggest that as a Facebook user, you don’t have to worry about privacy whether you are on Facebook, or using a Facebook plug-in on another site.  So what’s the flap about?  What is fuelling the concerns with Facebook’s privacy practices – from the letter from Democratic Senators, to ongoing concerns from EPIC, to this thoughtfully penned article from a Facebook user who also happens to work for PC World?

I think it has to come down to notice – especially to users.  Facebook debuted “instant personalization” as an opt-in feature that automatically exposed a user’s Facebook profile data to partner sites. This has raised concerns with regulators, and certain Facebook users too – just take a look at the comments to this recent Facebook blog on the topic. To further complicate things, Facebook makes it particularly difficult to opt-out of the instant personalization features.

With this latest move, Facebook reaches outside its walled garden to extend its reach across the web – I almost think of it now as the world’s largest social platform (not network).  Consider for instance that it took Microsoft nearly twenty years to reach an install base of 1 billion for Windows; Facebook, now approaching 500 million users, will probably reach that number in less than a decade. As Facebook continues to evolve its platform strategy, its processes – particularly around informing users about what it plans to do with their profile data – must be better defined.  I think this goes beyond a static privacy policy – it may even involve engaging select users at the beta stage to pre-determine privacy concerns (like whether to launch a feature as opt-in or out).  Engaging trust with your ecosystem is essential for any platform company and when it comes to Facebook, users are an essential part of the ecosystem equation.

For the most part, Facebook users divulge data about themselves with the expectation that this data will be used on Facebook only; sharing that same data with other sites, even if it’s via a Facebook plug-in, is clearly not part of that expectation.  If Facebook wants to use user profile data for secondary purposes, it should first get the user’s permission to do so.  Such a system honors a user’s privacy preferences – which are also a personalization of sorts.  And when it comes to privacy, Facebook should be doing everything it can to ensure that this type of personalization is preserved.

The Fabulous Fab-FTC Connection

April 27, 2010 Leave a comment

Post updated @ 4:45 PDT

Today, all ears and eyes were on the Senate hearing (and interrogation) of Goldman Sachs executives, regarding questionable mortgage lending and investment practices at the investment bank.  The witnesses included Fabulous Fab aka Fabricio Tourre, the Goldman trader who deemed himself as the only survivor of certain “complex, highly-leveraged, exotic trades” that were created without his “fully understanding all of the implications of these monstrosities.”  Tourre was instrumental in creating and selling mortgage investments in the now famous “Abacus” transactions.  According to the SEC, he committed fraud by failing to disclose to Abacus investors a material fact: that the hedge fund that chose the mortgage-backed securities going into the Abacus investments, was the same hedge fund betting against that deal.  Ultimately, Paulson & Co., the hedge fund in question, made over $1 billion in profit when the sub-prime mortgage market collapsed.  The investors made nothing.  According to Senator Carl Levin, chair of the Senate Permanent Subcommittee on Investigations, such practices “contributed to the economic collapse” of 2008.

If the story of Fabulous Fab and his fellow Goldman traders strikes a nerve, it’s likely that the Democrats will eventually get the votes they need to halt debate and put financial reform legislation to a vote.  Despite Senate Republican efforts to block a vote on the bill (for two days in a row), the legislation appears to have widespread public support – a much-cited poll finds that two-thirds of Americans now support financial reform.

Even the little provisions in this bill could have an enormous impact.  For those of us following Internet regulation, I’m referring to the provisions in the financial reform bill that would expand the FTC’s civil penalty and rulemaking authority.  Since I first blogged about this issue last week, the lobbying effort aimed at removing these provisions from the final bill has intensified almost exponentially.  Here as with the financial reform bill, the US Chamber is at the forefront of an alliance that includes IAB as well as many online advertisers and businesses.  Their concerns are outlined in this letter, sent last Thursday, to Senators Harry Reid and Mitch McConnell, the majority and minority leaders of the Senate.

The question of whether financial reform is also the right vehicle to effect FTC reform looms large.  Will consumers – who overwhelmingly appear to support financial reform – also support an expansion in the FTC’s authority?  Is financial reform legislation the right place to grant expanded power to an agency that will lose its consumer financial protection authority under the proposed legislation anyway?

Whether the FTC provisions will prevail will depend on whose lobbying effort is better: business, (as represented by the Chamber and its alliance of internet advertising and marketing businesses), or the FTC (as represented by Senator Jay Rockefeller, chair of the Senate Commerce committee and FTC Chairman, Jon Leibowitz).  Leibowitz has argued that an expansion of FTC power is “critical” to protecting consumers on the internet; similarly Rockefeller has stated that the new Consumer Financial Protection Bureau and the FTC need the right tools to “stop bad actors and protect Americans from fraudulent financial services and practices.”  And at least one commentator – Jeff Chester of the Center for Digital Democracy – has argued that there is a link between financial reform and a stronger, more effective FTC.  “Online advertisers want the same kind of lax oversight that led to the financial crisis, Chester recently told Internet News.  “They are truly terrified that an FTC with normal rulemaking power will force the industry to treat consumers responsibly.”

Which takes us back to the Goldman Senate hearing and Fabulous Fab.  Could his testimony, along with that of his other colleagues earlier today, be the tipping point that drives greater public support – not just for financial reform but also for general consumer protection enforcement?

If so, we may be looking at an FTC with expanded authority within the month.

Categories: Legislation Tags: ,

Today at the ABA: Expanding the FTC’s Role through Financial Reform

April 22, 2010 1 comment

I have also posted this entry to the ABA’s Secure Times blog.

The big question being debated at this morning’s session on financial reform legislation and the proposed Consumer Financial Protection Agency/Bureau: how will the legislation impact the FTC’s authority, both in terms of rulemaking and imposition of civil penalties?

In December 2009, the House passed the “Wall Street Reform and Consumer Protection Act of 2009” (HR 4173).  An important provision in the bill would strip the FTC of its powers to regulate consumer financial protection — while also expanding the agency’s powers in two key ways.  First, by giving the FTC “APA” rulemaking authority for areas that fall within the FTC’s jurisdiction and second, by giving the agency greater latitude to assess civil penalties for unfair and deceptive practices.

These amendments will surely impact FTC enforcement of online advertising, marketing, privacy, and data security.  For instance, violations under the FTC’s expanded authority could trigger civil penalties even in the absence of an FTC order. Civil penalties would be assessed in antitrust cases brought by the FTC that include a consumer protection claim.

In addition, the HR 4173 language that expands the FTC’s authority would impose liability on companies that “substantially assist” in an unlawful act, even if the company does not have direct knowledge or responsibility for the violation.  This provision will probably raise some serious concerns for companies currently enjoying a safe harbor under the Communications Decency Act.

Today, FTC rulemaking jurisdiction comes in two flavors – “APA” rulemaking under certain laws as prescribed by Congress e.g. the Children’s Online Privacy Protection Act, as well as general rulemaking authority under the 1975 Magnusson-Moss Act.  Under the latter, the FTC can only regulate “prevalent” unfair and deceptive acts, and must justify that regulation with “substantial evidence.”   The key difference between these two types of rulemaking occurs during judicial review; a court can overturn an FTC regulation under Magnusson-Moss if the rule lacks a substantial evidentiary record to support it.  In contrast, FTC regulations enacted under the APA rulemaking scheme, such as those implementing COPPA, can only be overturned if the agency was “arbitrary or capricious” in enacting the rule – a much higher standard. As former FTC Chairman Muris explained in his presentation at the panel, Magnusson-Moss gives the FTC authority to act only when a problem occurs often enough to justify a rule, or when a problem has a common cause in a sufficient number of cases.

Current FTC Chairman Jon Leibowitz, supported by President Obama and the Administration, has strongly advocated for an expansion in the FTC’s authority, stating that it is “critical” for the FTC to carry out its mission of protecting consumers.  In particular, Leibowitz has argued that the procedural requirements of Magnusson-Moss – such as the requirement that a practice be prevalent before the agency can act – makes FTC rulemaking more burdensome than at most other federal agencies. Although the relevant amendments expanding the FTC’s power are missing from the Senate version of the legislation, it is widely expected that these differences will be worked out in conference.  Financial reform legislation appears to be on a fast track – earlier today, a Senate panel approved the bill, and both Republicans and Democrats have indicated that passage is likely.

The CFPA would be a new independent federal agency – the composition of which would vary depending on whether you are looking at the House (5 members and a Director for two years) or Senate Bill (5 members).  Its enactment would strip the FTC and other federal banking agencies of their federal consumer protection powers under a number of laws, including the Electronic Funds Transfer Act, the Equal Credit Opportunity Act, the Fair Credit Reporting Act, the Fair Debt Collection Practices Act, the Home Mortgage Disclosure Act, the Real Estate Settlement Procedures Act, the Secure and Fair Enforcement for Mortgage Licensing Act, the Truth in Lending Act and the Truth in Savings Act.   In short, any product or service that results from or is related to engaging in a financial activity and that is to be used by a consumer “primarily for personal, family or household purposes” will come under the new agency’s purview.

At today’s session, we saw differing viewpoints from both Tim Muris, former FTC Chairman, and Julie Brill, incoming FTC Commissioner, on this current push to expand the FTC’s authority under financial reform legislation.

Former Chairman Muris views the FTC’s current role as important, and he sees FTC rulemaking as relevant in certain areas – e.g. the do-not-call rules.  He is concerned about the current proposals to expand the FTC’s authority because the agency often lacks industry-specific knowledge and expertise (I see this most recently in the area of privacy, as the FTC is currently gleaning this knowledge through its Exploring Privacy roundtable series). Muris also thinks the agency’s rulemaking authority under Magnusson-Moss is more than sufficient as it imposes an obligation on the agency to be clear about its proposed theories while focusing its evidence on key questions.  He cites the agency’s recent business opportunity rulemaking as an example of an instance where the FTC initially proposed a broad rule that would have disproportionately impacted both fraudulent and legitimate business.  The FTC eventually narrowed its proposed business opportunity rule after the public comment process.

On civil penalties, Muris thinks these are important only when a company violates an FTC order or rule.  He sees blanket civil penalty authority as a mistake that may have unintended consequences – such as a penalty on a firm’s stock price.  He’s also concerned that the standard of review laid out in the financial reform legislation will return the FTC’s definition of unfairness to its pre 1994 definition i.e. the Sperry-Hutchinson or “cigarette rule” which defines an unfair practice as one that is injurious to consumers, violate established public policy or is it unethical or unscrupulous.  As many know, Congress amended the FTC Act in 1994 to specify that an unfair act or practice is one that causes or is likely to cause substantial injury to consumers that is not reasonably avoidable and is not outweighed by countervailing benefits to consumers or competition.

Providing a counterpoint to Muris’ remarks, FTC Commissioner Julie Brill, speaking “on behalf of herself,” is generally in favor of expanding the FTC’s authority.  She sees the FTC as both a law enforcement and regulatory agency.  She views civil penalties as just “one of the arrows” in the FTC’s quiver – not to be used in every instance, but as appropriate.  As a law enforcer, she does not see the FTC’s request to have civil penalty authority as unusual – since most state AGs already have this type of authority.  To view such penalties as “automatic” is particularly misleading to her, since the FTC would only be able to obtain such penalties after judicial review in court. Brill also sees the FTC as a regulatory agency and notes that APA rulemaking is enjoyed by most other federal agencies. In addition, she points out that APA rulemaking under the proposed amendments would also be subject to review by a judge in court. Brill also views civil penalties as helpful in quantifying equitable remedies to compensate consumers for their injury – e.g. disgorgement or restitution for data breach violations.

Taking a broader view of the situation, Brill sees an expansion of the FTC’s authority as a way to make the agency’s enforcement efforts more effective – which benefits both consumers and competition in the long run. She also feels that consumers want an agency that has the right enforcement tools – not an “emasculated” FTC – and finds it surprising that the issue is even being debated, given the events of the financial meltdown and the current economic recession.

On the subject of FTC regulation, Brill is strongly in favor of an update, noting that rulemaking under Magnusson-Moss can often take up to 8 – 10 years.  She recalls comments she made on the hearing aid rule as an Assistant AG in Vermont in 1992 – rules that have yet to be issued, nearly 20 years later.  Her statements suggest that expanded rulemaking authority might give companies in dynamic industries – such as technology – FTC regulation that actually keeps pace with innovation.

The question of course, is whether such FTC regulation would also stifle innovation preemptively.  Companies have started to take note of the recent push to expand the FTC’s power, and it is likely that the topic will continue to be debated fiercely in the coming weeks as financial reform legislation comes to a vote. Some have even expressed concerns that such an expansion of the FTC’s rulemaking authority could impact funding and investment in technology and Internet companies by both Wall Street and Silicon Valley VCs.  For more, take a look at this transcript of the Progress & Freedom Foundation’s recent forum entitled “Supersizing the FTC.”

Today at the ABA: State AG Advertising Actions

April 21, 2010 Leave a comment

Greetings from the ABA’s Spring Antitrust Meeting in Washington DC!

The day started with a truly informative session on state Attorney General enforcement actions in the area of deceptive and unfair advertising.  The session was moderated by Kevin O’Connor of Godfrey & Kahn (formerly with the Wisconsin AG’s office), and included the following panelists:

  • William Brauch, Director, Consumer Protection Division, Iowa Attorney General’s Office
  • Patricia A. Conners, Associate Deputy Attorney General, Florida Attorney General’s Office
  • Robert M. Langer, Wiggin and Dana LLP
  • Paul L. Singer, Assistant Attorney General, Consumer Protection and Public Health Division, Texas Attorney General’s Office

The panel discussion touched on a number of procedural and substantive questions about this emerging area of state AG enforcement.

What types of deceptive or unfair advertising actions are state AG offices initiating? Since 2008, the States have brought and settled numerous actions for deceptive and unfair advertising violations – individually, as multi-states, and in coordination with the FTC. These include:

  • Off-label marketing – Multistate action against Eli Lilly for Zyprexa, led by Iowa AGO
  • Deceptive promotion & marketing – Multistate action against Pfizer, led by Oregon AGO
  • Deceptive advertising – Multistate action against Michelin, led by Kentucky AGO
  • Deceptive advertising – Joint action and settlement involving 35 states and the FTC against Lifelock

In the wake of the recession, the States are particularly focused on debt management programs and healthcare marketing; they are also keeping an eye on retailer marketing practices, especially towards children, and have also submitted comments to the FTC on negative option marketing practices. Clearly, AG enforcement in this area is not limited to any one industry or type of advertising/marketing activity.  Instead, state AG offices are looking closely at any instance where consumers are relying on deceptive or unfair representations made by companies about products and services.  And now, more than ever, they are working in close contact with both other state AG offices and the FTC, a trend that the panelists said is likely to continue.

How does a state AG office investigate and develop advertising actions? Consumer complaints are often a starting point for these investigations, and most states now accept complaints electronically (although online comments often lack requisite specificity).  According to Paul Singer of Texas, a common misconception is that there must be a certain number of complaints for a state to act.  Instead, States do their own research first to determine the validity of such complaints before initiating an investigation.  For instance, Bill Brauch of Iowa noted that a lack of complaints did not prevent the States’ investigation and subsequent settlement with Ameriquest in 2006.

Another potential trigger for an AG investigation are competitor complaints.  Of course, the challenge here is not to appear too self-serving.  To successfully initiate an investigation in this manner, the panelists suggested that the complaint should be framed in terms of its impact on consumers (and perhaps competition), and not just the competitors’ business.  The AG’s office may pro-actively initiate an investigation – based on news reports, or on information shared by another AG offices or federal agency.

A key point here is that AG offices often seek to settle a complaint before bringing a lawsuit.  This is often due to resource constraints.  So it’s important for clients to cooperate with a state AG office in the event of an investigation.  An investigation will most likely begin with informal contacts, followed by the issuance of a subpoena or CID.  In many cases, it might actually be preferable to have a CID issued – to protect the confidentiality of the information being produced.

What statutory authority does an AG office have to bring advertising actions? Most states bring actions under their UDAP statutes; more than half the states have “little FTC” Acts, while others still apply the “capacity to deceive” or “credulous consumer” standard.  According to Bob Langer (formerly with the Connecticut AG’s office), there is little practical difference in how these two standards are applied when it comes to deception claims.

The statutory analysis gets a little more difficult with unfairness claims because of inconsistent application under different state laws of the FTC’s unfairness test.  Several states still apply the definition of unfairness that was articulated in the 1972 Supreme Court case of Sperry v. Hutchinson, i.e. is the practice injurious to consumers, violate established public policy or is it unethical or unscrupulous? Other states follow the current FTC test for unfairness that was articulated in the 1994 amendments to the FTC Act.  These amendments define an unfair act or practice as one that causes or is likely to cause substantial injury to consumers, is not reasonably avoidable and is not outweighed by countervailing benefits to consumers or competition.  An added complication is that not all states follow all prongs of either test.  This means that practitioners should carefully research the relevant state’s laws and case law – to determine how that state defines an unfairness claim.

According to Trish Conners of Florida, the statutory bases for state AG enforcement may be increasing. One recent example was found in the HiTech Act, which now allows state AGs to file for HIPAA violations.  Such expansions of state AG enforcement authority under federal consumer statutes may allow state AG offices to file consumer multi-state advertising actions more easily.

How does a state AG advertising action differ from one brought by private litigants? Probably the biggest difference comes in the area of remedies – the States’ primary objective is usually to stop the bad conduct and an AG lawsuit will most likely seek equitable remedies including injunctive relief, consumer restitution and disgorgement.   In contrast, private class action litigants are usually focused on obtaining damages.

Blogging (or Live-Blogging) at the ABA Spring Antitrust Meeting

April 16, 2010 Leave a comment

Depending on wireless access, I will either be blogging or live-blogging certain tracks of the 2010 ABA Spring Antitrust Meeting, which will be held next week, April 21 – 23, in Washington DC.  The posts will appear on the ABA’s Secure Times blog and here, at the Balancing Act.

Please check back here on April 21st – I look forward to your review of my posts and of course, I always welcome comments!

The consumer protection and private advertising tracks for this year’s ABA Spring Antitrust Conference are laid out below:


8:45-11:45: Antitrust and Consumer Protection Fundamentals

9:00-10:30: Handling State Attorney General Advertising Cases: Substantive & Procedural Questions

10:45-12: It’s Not Easy Being Green: Environmental Claims, Standards and Deception (this session with focus on  third-party certification)

2-3:30 Administrative Litigation at the FTC – Navigating the Shifting Procedural Waters

2-3:30 Is Nothing Typical?  Applying the New Standards in the Revised FTC Testimonial Guides

3:34-5:15 Economics & Consumer Protection Law

3:45-5:15 False Claims of IP Protection: Competition & Consumer Protection Perspectives


8:15-9:45: Consumer Financial Protection:  Assessing the New Landscape

8:15-9:45: False Advertising Litigation: The Lanham Act Preliminary Injunction Hearing

1:30-3: Enforcement Priorities in Advertising Law


8:15-9:45: Changing Standards for Certifying Class Actions (the panel will address both antitrust and consumer protection standards)

8:15-9:45: Security & Privacy in the Cloud: Developing the Right Framework for Service Providers, Business customers, and Consumers

Categories: Uncategorized Tags: , , , ,