House Committee on Energy and Commerce Chair Cathy McMorris Rodgers (R-WA) and Senate Committee on Commerce, Science and Transportation Chair Maria Cantwell (D-WA) have introduced the American Privacy Rights Act. 

According to the legislator’s press release, this proposal seeks to establish national data privacy rights and protections for Americans, eliminates the existing patchwork of state comprehensive data privacy laws, and establishes robust enforcement mechanisms to hold violators accountable, including a private right of action for individuals.

Furthermore, the release describes other provisions of the proposed legislation: 

• Establishes Foundational Uniform National Data Privacy Rights for Americans

• Gives Americans the Ability to Enforce Their Data Privacy Rights

• Protects Americans’ Civil Rights

• Holds Companies Accountable and Establishes Strong Data Security Obligations

• Focuses on the Business of Data, Not Mainstreet Business

The draft can be seen here.

Lanton Law's experience in privacy and data protection enables these companies to navigate the complex legal and regulatory landscape effectively. By partnering with us, tech and healthcare organizations can develop robust strategies, ensuring compliance, safeguarding personal data, and maintaining trust among your consumers.

Contact us to learn more. 

The U.S. Senate Finance Committee held a February 8, 2024 hearing titled “Artificial Intelligence and Health Care: Promise and Pitfalls.”

The following witnesses testified at the hearing:

• Peter Shen, Head of Digital & Automation for North America, Siemens Healthineers, Washington, DC

• Mark Sendak, MD, MPP, Co-Lead, Health AI Partnership, Durham, NC

• Michelle M. Mello, JD, Ph.D., Professor of Health Policy and of Law, Stanford University, Stanford, CA

• Ziad Obermeyer, MD, Associate Professor and Blue Cross of California Distinguished Professor, University of California – Berkeley, Berkeley, CA

• Katherine Baicker, Ph.D., Provost, University of Chicago, Chicago, IL

Senator Wyden (D-OR) made a few statements on AI. The Senator emphasized the importance of ensuring that AI in healthcare is used to improve patient outcomes and lower costs, rather than being driven by profit.. He also highlighted the need to address concerns regarding privacy, data security, and bias in AI algorithms.

Artificial Intelligence is clearly an emerging innovative field that is both exciting and risky. For tech and healthcare stakeholders, the possibilities can be endless when examining potential legal and regulatory pitfalls.

Lanton Law is a national boutique law and government affairs firm that closely monitors legislative, regulatory and legal developments in the healthcare and technology spaces. Contact us to learn about how either our legal or lobbying services can help you attain your goals.

Privacy has emerged as a critical issue in the digital age, prompting increased scrutiny and regulation. In New York, a hub for technology and healthcare industries, privacy trends have been shaping the legal and regulatory landscape. This blog post will explore the evolving privacy trends in New York and delve into how Lanton Law can help tech and healthcare companies navigate complex privacy laws and develop effective legal and regulatory strategies.

New York has been proactive in addressing privacy concerns, recognizing the importance of protecting personal information in an increasingly interconnected world. Several key privacy laws and regulations have been enacted, creating a robust privacy framework for businesses operating in the state.

The New York Privacy Act, if passed, would establish comprehensive privacy rights for consumers, similar to the European Union's General Data Protection Regulation (GDPR). It would empower individuals with control over their personal data and impose stringent obligations on businesses regarding data protection and transparency.

Additionally, the Stop Hacks and Improve Electronic Data Security (SHIELD) Act has enhanced data breach notification requirements and expanded the definition of personal information. It mandates businesses to implement reasonable security measures and imposes penalties for non-compliance.

Lanton Law has an emerging privacy and data protection section. Here's how our firm can help: 

a. Compliance Assessment: We can conduct comprehensive privacy assessments to identify areas of non-compliance and help businesses align their practices with applicable state and federal privacy regulations. We can review your policies, procedures, and data handling practices to ensure adherence to legal requirements.

b. Privacy Policy Development: We can assist in drafting and updating privacy policies that meet the specific needs of your industry. These policies often outline data collection practices, disclosure mechanisms, and individual rights, providing transparency and legal compliance.

c. Consent Mechanisms: With the increasing emphasis on consent, Lanton Law can help companies develop effective mechanisms for obtaining and managing consent. This includes ensuring clear and informed consent practices, implementing opt-in and opt-out mechanisms, and maintaining records of consent.

d. Privacy Impact Assessments: Lanton Law can conduct Privacy Impact Assessments (PIAs) to identify privacy risks associated with the implementation of new technologies, data-sharing practices, or changes in business operations. PIAs help companies proactively address privacy concerns and mitigate risks.

e. Dispute Resolution: In case of privacy-related disputes, Lanton Law can provide strategic guidance. 

Conclusion:

As privacy concerns continue to grow in the digital age, New York has been at the forefront of enacting comprehensive privacy legislation. Tech and healthcare companies in the state must adapt to these evolving trends to protect consumer data and maintain compliance with privacy regulations. 

Lanton Law's experience in privacy and data protection enables these companies to navigate the complex legal and regulatory landscape effectively. By partnering with us, tech and healthcare organizations can develop robust strategies, ensuring compliance, safeguarding personal data, and maintaining trust among your consumers.

Contact us to learn more. 

In late June 2022 H.R. 8152 was introduced which seeks to provide consumers with foundational data privacy rights, create strong oversight mechanisms, and establish meaningful enforcement. 

What are some of the important aspects of the bill?

According to the Congressional Research Service the bill proposes the following:

Covered Entities. It would apply to most entities, including nonprofits and common carriers. Some entities, such as those defined as large data holders that meet certain thresholds or service providers that use data on behalf of other covered entities, would face different or additional requirements.

Covered Data. It would apply to information that “identifies or is linked or reasonably linkable” to an individual.

Duties of Loyalty. It would impose several duties on covered entities, including requirements to abide by data minimization principles and special protections for certain types of data, such as geolocation information, biometric information, and nonconsensual intimate images.

Transparency. It would require covered entities to disclose, among other things, the type of data they collect, what they use it for, how long they retain it, and whether they make the data accessible to the People’s Republic of China, Russia, Iran, or North Korea.

Consumer Control and Consent. It would give consumers various rights over covered data, including the right to access, correct, and delete their data held by a particular covered entity. It would require covered entities to get a consumer’s affirmative, express consent before using their “sensitive covered data” (defined by a list of sixteen different categories of data). It would further require covered entities to give consumers an opportunity to object before the entity transfers their data to a third party or targets advertising toward them.

Youth Protections. It would create additional data protections for individuals under the age of 17, including a prohibition on targeted advertising, and it would establish a Youth Privacy and Marketing Division at the Federal Trade Commission (FTC).

Third-Party Collecting Entities. It would create specific obligations for third-party collecting entities, which are entities whose main source of revenue comes from processing or transferring data that it does not directly collect from consumers (e.g., data brokers). These entities would have to comply with FTC auditing regulations and, if they collect data above the threshold amount of individuals or devices, would have to register with the FTC.

Civil Rights and Algorithms. It would prohibit most covered entities from using covered data in a way that discriminates on the basis of protected characteristics (such as race, gender, or sexual orientation). It would also require large data holders to conduct algorithm impact assessments. These assessments would need to describe the entity’s steps to mitigate potential harms resulting from its algorithms, among other requirements. Large data holders would be required to submit these assessments to the FTC and make them available to Congress on request.

Data Security: It would require covered entities to adopt data security practices and procedures that are reasonable in light of their size and activities. It would authorize the FTC to issue regulations elaborating on these data security requirements.

Small- and Medium-size Businesses: It would also relieve small- and medium-size businesses from complying with several requirements; for instance, these businesses may respond to a consumer’s request to correct their data by deleting the data, rather than correcting it.

Enforcement. It would be enforceable by the FTC, under that agency’s existing enforcement authorities, and by state attorneys general in civil actions.

Private right of action. It would create a delayed private right of action starting four years after the law’s enactment. Injured individuals would be able to sue covered entities in federal court for damages, injunctions, litigation costs, and attorneys’ fees. Individuals would have to notify the FTC or their state attorney general before bringing suit. Before bringing a suit for injunctive relief or a suit against a small- or medium-size business, individuals would be required to give the violator an opportunity to address the violation.

Preemption. It would generally preempt any state laws that are “covered by the provisions” of the ADPPA or its regulations, although it would expressly preserve sixteen different categories of state laws, including consumer protection laws of general applicability and data breach notification laws. It would also preserve several specific state laws, such as Illinois’ Biometric Information Privacy Act and Genetic Information Privacy Act and California’s private right of action for victims of data breaches.

Section by section specifics can be found here. 

We are going to see more privacy proposals on the state and federal level. 

Lanton Law is a national healthcare & technology law and government affairs firm. Our technology practice has been monitoring privacy developments nationwide. If you are a commerce, technology or healthcare/life science stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.

The California Privacy Protection Agency, the regulator established by the California Privacy Rights Act in November 2020 has posted draft regulations for its upcoming June 8 Board meeting. The draft CPRA regulations can be viewed here. 

The draft regulations do need work to clarify several issues. The draft does address privacy notice requirements, as well as how companies must notify its contractors and vendors to delete personal information as well as how to respond to opt out preference signals. The rules are forecasted to take effect on January 1, 2023. 

Lanton Law is a national healthcare & technology law and government affairs firm. Our technology practice has been monitoring privacy developments nationwide. If you are a commerce, technology or healthcare/life science stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.

According to the U.S. House Committee on Energy and Commerce:

“U.S. Representatives Frank Pallone, Jr., D-N.J. and Cathy McMorris Rodgers, R-Wash., Chairman and Ranking Member of the House Committee on Energy and Commerce, and U.S. Senator Roger Wicker, R-Miss., Ranking Member of the Senate Committee on Commerce, Science, and Transportation, today released a discussion draft of a comprehensive national data privacy and data security framework. The draft legislation is the first comprehensive privacy proposal to gain bipartisan, bicameral support.”  

What does the American Data Privacy and Protection Act do?

• Establish a strong national framework to protect consumer data privacy and security;

• Grant broad protections for Americans against the discriminatory use of their data;

• Require covered entities to minimize on the front end, individuals’ data they need to collect, process, and transfer so that the use of consumer data is limited to what is reasonably necessary, proportionate, and limited for specific products and services;

• Require covered entities to comply with loyalty duties with respect to specific practices while ensuring consumers don’t have to pay for privacy;

• Require covered entities to allow consumers to turn off targeted advertisements;

• Provide enhanced data protections for children and minors, including what they might agree to with or without parental approval; 

• Establish regulatory parity across the internet ecosystem; and

• Promote innovation and preserve the opportunity for start-ups and small businesses to grow and compete.

The discussion draft can be found here.

Lanton Law is a national healthcare & technology law and government affairs firm. Our technology practice has been monitoring privacy developments nationwide. If you are a commerce, technology or healthcare/life science stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.

Snapchat’s parent company is defending against a class-action lawsuit in the U.S. District Court for the Northern District of Illinois brought by two platform users identified as Adrian Coss and Maribel Ocampo. 

The lawsuit alleges that the platform violates the Illinois Biometrics Information Privacy Act by failing to provide users with the required disclosures under the act while collecting, storing and sharing users’ unique facial features and voices. 

The Illinois Biometric Information Privacy Act enacted in 2008 was an important first step in developing policy on biometrics. According to the law, a private entity possessing biometric information accessible to the public must have a retention schedule and policy for permanently destroying biometric information. Additionally, there are restrictions on how a private entity may collect, capture, purchase, receive through trade, or otherwise obtain a person's or a customer's biometric identifier or biometric information. Most importantly, this law requires obtaining written consent prior to collecting biometric information as the law provides a private right of action for anyone injured under the Act. 

Lanton Law’s technology practice, which includes biometrics and privacy issues, has been monitoring the Illinois Biometric Information Privacy Act for some time. We have posted several blogs addressing this issue as companies continue to evolve biometrics into their business models. 

Lanton Law is a national healthcare and life science boutique law and government affairs firm that closely monitors legislative, regulatory and legal developments for our clients. Our healthcare practice can help stakeholders understand what’s at issue so that we can help our valued clients reach their goals. Contact us to learn about how either our legal or lobbying services can help you attain your priorities.   

Lanton Law’s publications should not be construed as legal advice on any specific facts or circumstances. The contents are intended for general information purposes only and may not be quoted or referred to in any other publication or proceeding without prior written consent of us. To request reprint permission for any of our publications, please use our “Let’s Chat” form, which can be found on our website at www.lantonlaw.com. The mailing of this publication is not intended to create, and receipt of it does not constitute, an attorney-client relationship.

The FDA has just released a new cybersecurity draft titled “Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions; Draft Guidance for Industry and Food and Drug Administration Staff; Availability.” The draft guidance can be viewed here. Comments are due July 7, 2022. 

What is the FDA proposing? 

In 2018, the FDA proposed updates to the final guidance, ‘‘Content of Premarket Submissions for Management of Cybersecurity in Medical Devices,’’ and issued a draft guidance of the same name.”

This draft guidance replaces the aforementioned 2018 guidance and is “intended to further emphasize the importance of ensuring that devices are designed securely, are designed to be capable of mitigating emerging cybersecurity risks throughout the Total Product Life Cycle, and to clearly outline FDA’s recommendations for premarket submission content to address cybersecurity concerns.” 

Why is the FDA doing this? 

According to the draft guidance as “more medical devices are becoming interconnected, cybersecurity threats have become more numerous, more frequent, more severe, and more clinically impactful. As a result, ensuring medical device safety and effectiveness includes adequate medical device cybersecurity, as well as its security as part of the larger system.”

How Lanton Law can help

Society’s reliance on technology has become even more vital with the effects of COVID-19. With all of the hacking and malware attacks we have witnessed against various data stakeholders, we foresee cybersecurity as a major legal & policy area that will continue to be expanded.   

Lanton Law is a national boutique law and lobbying firm that focuses on technology and healthcare. If you are a tech or healthIT industry stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.

At Lanton Law we have been monitoring the both exciting and emerging field of prescription digital therapeutics. While the technologies we have been witnessing are promising, there does remain the challenge of reimbursement, since there has not yet been a statutory benefit category established for this new technology. However; behavioral health shows the most immediate promise. 

A recent CMS meeting illustrates this point. CMS released a document titled “Centers for Medicare & Medicaid Services (CMS) Healthcare Common Procedure Coding System (HCPCS) Application Summaries and Coding Recommendations” for the Second Biannual, 2021 HCPCS Coding Cycle. The document can be viewed here. The document describes Pear Therapeutics’ reSET-O which is a “12-week interval prescription digital therapeutic for opioid use disorder (OUD).” CMS’ examination ended with its decision effective April 1, 2022 to establish a HCPCS Code to “facilitate options for non-Medicare payers to provide access to this therapy in the home setting,” so that CMS can continue its marketplace monitoring. This on top of the AMA’s CPT Editorial Panel’s actions (seen here) to establish a new CPT code for Cognitive Behavioral Therapy Monitoring effective January 2023 shows that there will definitely be more certainty in this field in the next coming years. 

Lanton Law is a national healthcare and life science boutique law and government affairs firm that closely monitors legislative, regulatory and legal developments for our clients. Our HealthIT practice can help stakeholders understand what’s at issue with topics like digital therapeutics, RTM and RPM so that we can help our valued clients reach their goals. Contact us to learn about how either our legal or lobbying services can help you attain your goals.

Senator Creem and Senator Lesser have introduced S.46 titled “An Act Establishing the Massachusetts Information Privacy Act.” The bill can be found here. The Act applies to Massachusetts businesses that earn $10,000 or more annual revenue through 300 or more transactions or that process or maintain the personal information of 10,000 or more unique individuals during the course of a calendar year. The bill has protections on the collection of biometric or location information and seeks to prevent companies from discriminating based on consumer personal information. The MA Information Privacy Commission would also be created by this proposal to oversee this bill’s regulatory scheme. 

This bill mirrors the efforts unleashed by the landmark General Data Protection Regulation (GDPR) in Europe which has been followed by efforts in California. Massachusetts did have a predecessor to S.46 in 2019 which stalled in the legislature.

The bill is currently in the Advanced Information Technology, the Internet and Cybersecurity Committee.  If you are a technology, healthcare or commerce stakeholder then this is something to keep a watch on.  

Lanton Law is a national healthcare & technology law and government affairs firm. Our technology practice has been monitoring privacy developments nationwide. If you are a commerce, technology or healthcare/life science stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.

Senators Coons (D-DE), Kloubuchar (D-MN) and Portman (R-OH) have introduced a bi-partisan proposed bill that would require social media companies to provide vetted, independent researchers and the public with access to certain platform data.

According to the bill’s press release, PATA proposes the following:

• Under PATA, independent researchers would be able to submit proposals to the National Science Foundation, an independent agency designed to promote the progress of science by approving research and development proposals from researchers across the sciences. If the requests are approved, social media companies would be required to provide the necessary data subject to certain privacy protections.

  • Companies that failed to comply would be subject to enforcement from the Federal Trade Commission (FTC) and face the potential loss of immunity under Section 230 of the Communications Decency Act.  

• Additionally, the bill would give the FTC the authority to require that platforms proactively make certain information available to researchers or the public on an ongoing basis, such as a comprehensive ad library with information about user targeting and engagement.

• The proposal would also protect researchers from legal liability that may arise from automatically collecting platform information if they comply with various privacy safeguards.  

The bill can be viewed here. 

This bill is important to watch as part of an ongoing trend of increasing policy scrutiny on the tech sector.

Lanton Law is a national boutique regulatory law and lobbying firm that focuses on technology and healthcare/life science. Our technology practice monitors relevant policy and regulatory decision makers and we counsel clients on emerging trends within this rapidly developing field. 

If you are an industry stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.

Senators Ron Wyden (D-OR) and Rand Paul (R-KY) have introduced the Protecting Data at the Border Act .

According to the press release “The bipartisan bill prevents law enforcement agencies from continuing to take advantage of the so-called border search “exception” in order to conduct warrantless searches of Americans’ phones and laptops.” 

“The Protecting Data at the Border Act would provide statutory clarity by recognizing that the principles from Riley v. California extend to searches of digital devices at the border. In addition, this bill requires that U.S. persons know their rights before they consent to giving up online account information (like social media account names or passwords) or before they consent to give law enforcement access to their devices.”

The bill summary can be found here.  

Lanton Law is a national boutique regulatory law and lobbying firm that focuses on technology and healthcare/life science. Our privacy practice monitors relevant policy and regulatory decision makers and we counsel clients on emerging trends within this rapidly developing field. 

If you are an industry stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.

According to Senator Markey’s press release Senator Markey and Representatives Castor and Trahan have sent a letter to the Federal Trade Commission, urging the agency to use its full authority—including its authority under Section 5 of the FTC Act—to ensure these companies comply with their new policies. The Age Appropriate Design Code (AADC) took effect in the U.K. this September and requires online services available to children and teens to meet 15 key children’s privacy standards, many of which are similar to legislative proposals to update Senator Markey’s 1998 law, the Children’s Online Privacy and Protection Act (COPPA), in the United States.

It is no secret that technology stakeholders should be mindful of additional regulatory and policy scrutiny. Lanton Law is a national boutique regulatory law and lobbying firm that focuses on technology and healthcare/life science. We continue to monitor the policy and legal developments around the FTC.

If you are an industry stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.

The Federal Trade Commission (FTC) last month issued the FTC Report to Congress on Privacy and Security. 

What’s in the Report? 

According to the agency “This report responds to the Joint Explanatory Statement accompanying the Consolidated Appropriations Act, 2021, P.L. 116-260, directing the Federal Trade Commission (“Commission” or “FTC”) to “conduct a comprehensive internal assessment measuring the agency’s current efforts related to data privacy and security while separately identifying all resource-based needs of the FTC to improve in these areas. The agreement also urges the FTC to provide a report describing the assessment’s findings to the Committees [on Appropriations of the House and Senate] within 180 days of enactment of this Act.”

Additionally, “The report first provides an overview of the FTC’s authority related to privacy and security, highlighting certain recent efforts in those areas. Second, it discusses priorities for improving the effectiveness of our efforts to protect Americans’ privacy. Third, it identifies areas in which we could use additional resources to further ensure Americans’ privacy is protected. Finally, it discusses the need for Congressional action on the FTC’s authority.”

Lanton Law is a national boutique regulatory law and lobbying firm that focuses on healthcare/life science and technology. We continue to monitor the policy and legal developments around the FTC.

If you are an industry stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.

Last week U.S. Senators Richard Blumenthal (D-CT), Marsha Blackburn (R-TN), and Amy Klobuchar (D-MN) introduced the Open App Markets Act. According to the press release, “ The Open App Markets Act would protect developers’ rights to tell consumers about lower prices and offer competitive pricing; protect sideloading of apps; open up competitive avenues for startup apps, third party app stores, and payment services; make it possible for developers to offer new experiences that take advantage of consumer device features; give consumers more control over their devices; prevent app stores from disadvantaging developers; and set safeguards to continue to protect privacy, security, and safety of consumers.”

Lanton Law is a national boutique regulatory law and lobbying firm that focuses on technology and healthcare/life sciences. If you are an industry stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.

President Biden has issued an Executive Order (EO) titled Executive Order on Promoting Competition in the American Economy. The EO advocates for promoting “competition in the American economy, which will lower prices for families, increase wages for workers, and promote innovation and even faster economic growth.” In doing so multiple sectors of the economy including labor, healthcare, transportation, agriculture, communications, technology, banking and finance have been targeted.    

As our economy emerges from the pandemic, we foresee that state and federal policymakers will be taking a look to see what laws need to be strengthened or reworked for our reimagined economy. 

Lanton Law is a national boutique law and lobbying firm that focuses on highly regulated industries such as healthcare, technology, and finance. If you are an industry stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.

Earlier this month the U.S. Senate passed a rare bi-partisan bill called the United States Innovation and Competition Act, which seeks to improve America's competitive edge by investing billions of dollars in scientific and technological innovations – including artificial intelligence, computer chips and robotics. The bill would boost funding for research and technology manufacturing to increase America's competitiveness, strengthen national security and grow the economy. The bill’s future is uncertain in the U.S. House of Representatives, where the House has a similar bill but it is unlikely that there will not be some kind of compromise between the House and Senate, especially where national security is concerned. 

Lanton Law’s technology practice has been monitoring similar legislative and legal developments. If you are a technology or healthcare/life science stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.  

U.S. Senator Gillibrand (D-NY) issued a press release announcing the Data Protection Act of 2021, which would create the DPA, an independent federal agency whose goal is to protect Americans’ data, instill privacy safeguards and work to ensure that there is transparency in data sharing practices. 

There have been some changes to this proposed legislation since last year’s version of the bill. These changes include:

• Supervision of Data Aggregators: Grants the DPA authority to review Big Tech mergers involving a large data aggregator, or any merger that proposes the transfer of personal data of 50,000 or more individuals.

• Office of Civil Rights: Establishes the DPA Office of Civil Rights to advance data justice and protect individuals from discrimination. 

• Enforcement Powers: Improves DPA enforcement powers to oversee the use of high-risk data practices and to penalize, examine, and propose remedies to the social, ethical, and economic impacts of data collection.

• Penalties and Fines: Prohibits data aggregators from committing any unlawful, unfair, deceptive, abusive, or discriminatory data practices; and allows for penalties and fines to be levied if violated, including triple penalties for violations against children.

• Defines Key Terms for Transparency: Provides Key Definitions for Privacy Harm, Data Aggregators, and High-Risk Data Practice, among other key terms.

According to the release “The DPA would be an executive agency. The director would be appointed by the president and confirmed by the Senate, serves a 5-year term, and must have knowledge of technology, protection of personal data, civil rights, and law. The agency may investigate, subpoena for testimony or documents, and issue civil investigative demands. It may prescribe rules and issue orders and guidance as is necessary to carry out federal privacy laws. The authority of state agencies and state attorneys general are preserved in the Act. The DPA would have three core missions:

1. Give Americans control and protection over their own data by authorizing the DPA to create and enforce data protection rules. 

2. Maintain the most innovative, successful tech sector in the world by ensuring fair competition within the digital marketplace. 

3. Prepare the American government for the digital age.”

Lanton Law’s technology practice has been monitoring privacy developments nationwide. If you are a banking/finance, technology or healthcare/life science stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.

The Federal Trade Commission (FTC) announced an April 29, 2021 virtual workshop to examine digital “dark patterns,” a term that has been used to describe a range of potentially manipulative user interface designs used on websites and mobile apps.

“Bringing Dark Patterns to Light: An FTC Workshop” will explore the ways in which user interfaces can have the effect, intentionally or unintentionally, of obscuring, subverting, or impairing consumer autonomy, decision-making, or choice. For example, some sites sneak extra items into a consumer’s online shopping cart, or require users to navigate a maze of screens and confusing questions to avoid being charged for unwanted products or services.

Some of the topics the workshop will examine include:

• how dark patterns differ from sales tactics employed by brick-and-mortar stores;

• how they affect consumer behavior, including potential harms;

• whether some groups of consumers are unfairly targeted or are especially vulnerable;

• what laws, rules, and norms regulate the use of dark patterns; and

• whether additional rules, standards, or enforcement efforts are needed to protect consumers.

The FTC will be seeking public comment on the following topics with a deadline to submit comments by May 29, 2021. 

• Defining dark patterns

• Prevalence of dark patterns

• Factors affecting dark pattern adoption

• Dark patterns and machine learning

• Effectiveness of dark patterns

• Harms of dark patterns

• Consumer perception of dark patterns

• Market constraints and self-regulation

• Solutions

Dark pattern policy discussion has increased over the last few months. If you are a technology stakeholder, it is a discussion to take note of. 

Lanton Law is a national boutique law and lobbying firm that focuses on fintech, technology and healthcare. If you are an industry stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.

The U.S. House Antitrust Subcommittee Chairman Cicilline (D-RI) issued a statement shortly after the Committee marked up and approved the Committee’s report which after a 16 month investigation examined the state of competition within the digital economy.

The Congressman’s statement stated: 

“Amazon, Apple, Google, and Facebook each hold monopoly power over significant sectors of our economy. This monopoly moment must end. I’m grateful to my colleagues on both sides of the aisle who worked with me over the past two years to compile this Report, which makes clear that Congress and the antitrust enforcement agencies must step up to restore a competitive marketplace, enhance innovation, and protect our democracy. Now that the Judiciary Committee has formally adopted our findings, I look forward to crafting legislation that addresses the significant concerns we have raised.”

The report is expected to become an official committee report shortly. Lanton Law has been closely monitoring legislation from Senator Klobuchar (D-MN) and Congressman Cicilline (D-RI) and we strongly believe that this year we will see legislation based off of this Committee report to strengthen antitrust laws aimed at tech companies. 

Lanton Law is a national boutique law and lobbying firm that focuses on technology and healthcare. If you are an industry stakeholder with questions about the current landscape or if you would like to discuss how your organization’s strategic initiatives might be impacted by either Congress, regulatory agencies or legal decisions, contact us today.