Alysa Hutnik

Connected devices have existed in the marketplace in one form or another for decades (think vending machines or weather sensors). Yet, a confluence of forces in recent years has helped spur a mass proliferation of technology in the “Internet of Things,” and with it, the collection and analytics of big data. Demand is high to connect nearly everything to the Internet — from smart home platforms and connected cars, to wearable devices and even smart yoga mats. Analysts predict that the number of… Show more

Connected devices have existed in the marketplace in one form or another for decades (think vending machines or weather sensors). Yet, a confluence of forces in recent years has helped spur a mass proliferation of technology in the “Internet of Things,” and with it, the collection and analytics of big data. Demand is high to connect nearly everything to the Internet — from smart home platforms and connected cars, to wearable devices and even smart yoga mats. Analysts predict that the number of IoT devices will reach between 25 and 200 billion devices by 2020.

For such an ubiquitous topic, the IoT can be surprisingly difficult to describe. At a basic level, the IoT is an ecosystem of physical objects connected to the Internet generally featuring small, embedded sensors relying on wired and wireless technologies that collect and transmit data either passively or actively. The Federal Trade Commission, the nation’s top consumer protection cop, defines the IoT as “the ability of everyday objects to connect to the Internet and to send and receive data,” that includes both consumer- and nonconsumer-facing devices.[1] As the IoT has continued to grow into new and emerging areas, so too has FTC scrutiny. Show less

On March 31, 2016, the Federal Communications Commission (FCC or Commission) voted along party lines (3-2) to launch a notice of proposed rulemaking (Notice or NPRM) to establish privacy rules for Broadband Internet Access Service (BIAS) providers. This rulemaking stems from the 2015 Open Internet Order and proposes rules to apply Section 222 of the Communications Act of 1934, as amended (Communications Act or the Act), to BIAS. The proposed rules draw from a wide array of federal and state… Show more

On March 31, 2016, the Federal Communications Commission (FCC or Commission) voted along party lines (3-2) to launch a notice of proposed rulemaking (Notice or NPRM) to establish privacy rules for Broadband Internet Access Service (BIAS) providers. This rulemaking stems from the 2015 Open Internet Order and proposes rules to apply Section 222 of the Communications Act of 1934, as amended (Communications Act or the Act), to BIAS. The proposed rules draw from a wide array of federal and state laws, rules, and other guidance, as well as industry best practices, and if adopted could impose prescriptive and complex privacy obligations that would be among the most extensive in the country. Show less

Co-chairs of Kelley Drye’s TCPA Litigation Practice Alysa Zeltzer Hutnik and Lauri A. Mazzuchetti and senior associate Michael Innes authored an update to their Practical Law The Journal | Litigation article “TCPA Litigation: Key Issues and Considerations.” The update includes an addition to the “Offers of Judgment and Mootness” section in light of the recent Campbell-Ewald Co. v. Gomez decision.

On January 6, 2016, the Federal Trade Commission (FTC) released a report on the growing use of “big data” which discusses potential benefits and risks to big data use and offers practical and legal considerations for businesses. The report, Big Data: A Tool for Inclusion or Exclusion? Understanding the Issues, focuses on the potential impact of big data on low-income and underserved populations and addresses a host of considerations related to how such data is used. The report follows the… Show more

On January 6, 2016, the Federal Trade Commission (FTC) released a report on the growing use of “big data” which discusses potential benefits and risks to big data use and offers practical and legal considerations for businesses. The report, Big Data: A Tool for Inclusion or Exclusion? Understanding the Issues, focuses on the potential impact of big data on low-income and underserved populations and addresses a host of considerations related to how such data is used. The report follows the FTC’s public workshop, “Big Data: A Tool for Inclusion or Exclusion,” on September 15, 2014. Show less

Partners Lauri A. Mazzuchetti, Lee S. Brenner, Alysa Zeltzer Hutnik and senior associate Michael A. Innes authored the Metropolitan Corporate Counsel article “Dial M for Murderous Liability: Maximize TCPA Compliance to Minimize Potentially Devastating Consequences.” The article provides a roadmap for companies to minimize Telephone Consumer Protection Act (TCPA) exposure, discusses the increased scrutiny by the Federal Communication Commission (FCC) of service agreements and highlights appeals… Show more

Partners Lauri A. Mazzuchetti, Lee S. Brenner, Alysa Zeltzer Hutnik and senior associate Michael A. Innes authored the Metropolitan Corporate Counsel article “Dial M for Murderous Liability: Maximize TCPA Compliance to Minimize Potentially Devastating Consequences.” The article provides a roadmap for companies to minimize Telephone Consumer Protection Act (TCPA) exposure, discusses the increased scrutiny by the Federal Communication Commission (FCC) of service agreements and highlights appeals pending before the D.C. Circuit Court Appeals and the Supreme Court of the United States that could dramatically alter both the requirements for TCPA compliance and related litigation strategies.

As companies increase their use of mobile marketing strategies, mobile delivery platforms and cloud-based technologies to communicate with consumers, the business risks and potential for legal exposure under the TCPA increases in tandem. Nearly every company that interacts with consumers via phone, fax or text message should anticipate the possibility of being hit with a TCPA lawsuit, which could subject the company to potentially annihilating liability. Show less

Partner Alysa Hutnik and associate Robyn P. Mohr co-authored the Law360 article “Another Privacy Victory For Video Service Providers.” The article covers the recent Rodriguez v. Sony Computer Entertainment America LLC ruling and how it relates to trends in Video Privacy Protection Act (VPAA) cases. Generally, courts are ruling in favor of the streaming media companies that are being sued for alleged violations of the act, limiting their liability. The Rodriguez v. Sony Computer Entertainment… Show more

Partner Alysa Hutnik and associate Robyn P. Mohr co-authored the Law360 article “Another Privacy Victory For Video Service Providers.” The article covers the recent Rodriguez v. Sony Computer Entertainment America LLC ruling and how it relates to trends in Video Privacy Protection Act (VPAA) cases. Generally, courts are ruling in favor of the streaming media companies that are being sued for alleged violations of the act, limiting their liability. The Rodriguez v. Sony Computer Entertainment America LLC ruling was notable, as this was the first time the Ninth Circuit addressed the VPPA as it pertains to the retention of customer information. Ms. Hutnik and Ms. Mohr outline the VPPA, details surrounding Rodriguez v. Sony Computer Entertainment America LLC, and the implications of this ruling. Show less

Partner Alysa Zeltzer Hutnik and associate Robyn P. Mohr co-authored the Inside Counsel article "Stay Tuned for Details: 5 Tips Online Streaming Services Need to Know About the Video Privacy Protection Act." The article provides an overview of the Video Privacy Protection Act (VPAA) and tips for companies whose website or mobile app offers online video content. Ms. Hutnik provides five compliance questions to consider: "To whom does the law apply?" "Who's streaming your content?" "What data are… Show more

Partner Alysa Zeltzer Hutnik and associate Robyn P. Mohr co-authored the Inside Counsel article "Stay Tuned for Details: 5 Tips Online Streaming Services Need to Know About the Video Privacy Protection Act." The article provides an overview of the Video Privacy Protection Act (VPAA) and tips for companies whose website or mobile app offers online video content. Ms. Hutnik provides five compliance questions to consider: "To whom does the law apply?" "Who's streaming your content?" "What data are you collecting?" "How do you share that data?" "How can you prevent a violation?" She suggests that, "One way to ensure compliance is for a video provider to obtain informed, written consent to disclose a consumer's personal information." Show less

n this Client Advisory, we address the Ruling’s discussion of the definition of “autodialer,” reassigned phone numbers, consent revocation, and certain financial and healthcare exemptions. The Advisory also highlights other aspects of the Ruling, such as clarity that telecommunications carriers and VoIP providers can enable call blocking technologies in response to consumer requests, the liability for calling and texting platforms, a limited exemption for a one-time text immediately sent in… Show more

n this Client Advisory, we address the Ruling’s discussion of the definition of “autodialer,” reassigned phone numbers, consent revocation, and certain financial and healthcare exemptions. The Advisory also highlights other aspects of the Ruling, such as clarity that telecommunications carriers and VoIP providers can enable call blocking technologies in response to consumer requests, the liability for calling and texting platforms, a limited exemption for a one-time text immediately sent in response to a consumer’s request for information, the effect of consents obtained prior to the FCC’s 2012 rule change and the conclusion that Internet to text services fall within the scope of the TCPA.

The Advisory concludes with a review of the effective dates of the Ruling and next steps regarding possible appeals, filing deadlines, and potential legislative solutions. Show less

Co-chairs of Kelley Drye’s TCPA Litigation Practice Alysa Zeltzer Hutnik and Lauri A. Mazzuchetti and senior associate Michael Innes authored the Practical Law The Journal | Litigation article “TCPA Litigation: Key Issues and Considerations.” The article explains that as more and more companies engage in mobile delivery platforms to communicate with consumers, there is a greater business risk and potential for legal exposure under the Telephone Consumer Protection Act (TCPA).

This… Show more

Co-chairs of Kelley Drye’s TCPA Litigation Practice Alysa Zeltzer Hutnik and Lauri A. Mazzuchetti and senior associate Michael Innes authored the Practical Law The Journal | Litigation article “TCPA Litigation: Key Issues and Considerations.” The article explains that as more and more companies engage in mobile delivery platforms to communicate with consumers, there is a greater business risk and potential for legal exposure under the Telephone Consumer Protection Act (TCPA).

This article discusses:

Rulemaking authority under the TCPA and the scope of the TCPA, highlighting the most commonly litigated areas.
Enforcement powers under the TCPA.
Key issues in class action lawsuits brought under the TCPA.
Recent Federal Communications Commission (FCC) TCPA rulings, which may expand and modify compliance obligations.
The potential for third-party liability under the TCPA.
Best practices for companies and their counsel to minimize internal and third-party TCPA-related liability risks. Show less

On May 27, 2015, Federal Communications Commission (FCC) Chairman Tom Wheeler released a “fact sheet” on his proposal to address two dozen pending petitions seeking clarification on various aspects of the Telephone Consumer Protection Act (TCPA). The Chairman intends to address all of the petitions in a single omnibus approval, which will be presented for a vote during the Commission’s Open Meeting on June 18, 2015.

Many of the issues identified in the Chairman’s announcement have been… Show more

On May 27, 2015, Federal Communications Commission (FCC) Chairman Tom Wheeler released a “fact sheet” on his proposal to address two dozen pending petitions seeking clarification on various aspects of the Telephone Consumer Protection Act (TCPA). The Chairman intends to address all of the petitions in a single omnibus approval, which will be presented for a vote during the Commission’s Open Meeting on June 18, 2015.

Many of the issues identified in the Chairman’s announcement have been pending before the Commission for a year or more. They cover core TCPA issues such as the definition of an “autodialer,” wrong number calls and texts, revocation of consumer consent and the sending of informational messages. His proposal appears to expand the scope of the TCPA and add new obligations on entities sending calls or texts.
Show less

Co-chairs of Kelley Drye’s TCPA Litigation Practice Alysa Zeltzer Hutnik and Lauri A. Mazzuchetti and senior associate Michael Innes authored the Practical Law The Journal | Litigation article “TCPA Litigation: Key Issues and Considerations.” The article explains that as more and more companies engage in mobile delivery platforms to communicate with consumers, there is a greater business risk and potential for legal exposure under the Telephone Consumer Protection Act (TCPA).

This… Show more

Co-chairs of Kelley Drye’s TCPA Litigation Practice Alysa Zeltzer Hutnik and Lauri A. Mazzuchetti and senior associate Michael Innes authored the Practical Law The Journal | Litigation article “TCPA Litigation: Key Issues and Considerations.” The article explains that as more and more companies engage in mobile delivery platforms to communicate with consumers, there is a greater business risk and potential for legal exposure under the Telephone Consumer Protection Act (TCPA).

This article discusses:

Rulemaking authority under the TCPA and the scope of the TCPA, highlighting the most commonly litigated areas.
Enforcement powers under the TCPA.
Key issues in class action lawsuits brought under the TCPA.
Emerging TCPA-related issues, including how the TCPA is being applied to new technologies.
The potential for third-party liability under the TCPA.
Best practices for companies and their counsel to minimize internal and third-party TCPA-related liability risks. Show less

Partners John J. Heitmann, Alysa Zeltzer Hutnik, Dana B. Rosenfeld and Associates Jameson J. Dempsey and Katherine Riley Townley co-authored the Metropolitan Corporate Counsel article “FTC Publishes Internet of Things Report.” The article provides best practice recommendations in light of the Federal Trade Commission’s report “The Internet of Things: Privacy and Security in a Connected World” which was issued on January 27th. The authors provide background on the report as well as data… Show more

Partners John J. Heitmann, Alysa Zeltzer Hutnik, Dana B. Rosenfeld and Associates Jameson J. Dempsey and Katherine Riley Townley co-authored the Metropolitan Corporate Counsel article “FTC Publishes Internet of Things Report.” The article provides best practice recommendations in light of the Federal Trade Commission’s report “The Internet of Things: Privacy and Security in a Connected World” which was issued on January 27th. The authors provide background on the report as well as data security, data minimization, “notice and choice”, and legislative recommendations. Show less

On January 28, 2015, TracFone Wireless, Inc. – the largest prepaid mobile provider in the United States – agreed to pay $40 million in restitution to the Federal Trade Commission (FTC) over charges that the company deliberately misled millions of consumers when it promised, and deceptively failed to provide, “unlimited” data plans.

The FTC alleged that TracFone advertised $45 per month unlimited plans, but systematically throttled and/or suspended customers’ connections after they passed… Show more

On January 28, 2015, TracFone Wireless, Inc. – the largest prepaid mobile provider in the United States – agreed to pay $40 million in restitution to the Federal Trade Commission (FTC) over charges that the company deliberately misled millions of consumers when it promised, and deceptively failed to provide, “unlimited” data plans.

The FTC alleged that TracFone advertised $45 per month unlimited plans, but systematically throttled and/or suspended customers’ connections after they passed a certain usage threshold, in violation of Section 5 of the FTC Act, which prohibits “unfair and deceptive” trade practices.

In addition to the blockbuster settlement figure, the Order stipulates that TracFone must comply with a number of stringent compliance reporting requirements.
Show less

On January 27, 2015, the Federal Trade Commission (FTC), by a 4 to 1 vote, issued a long-awaited staff report entitled The Internet of Things: Privacy and Security in a Connected World. The lengthy report summarizes the FTC’s November 19, 2013 workshop that explored the consumer privacy and security issues associated with the increasing number of connected devices, provides recommended privacy and security best practices for companies that create and sell connected devices, and repeats the… Show more

On January 27, 2015, the Federal Trade Commission (FTC), by a 4 to 1 vote, issued a long-awaited staff report entitled The Internet of Things: Privacy and Security in a Connected World. The lengthy report summarizes the FTC’s November 19, 2013 workshop that explored the consumer privacy and security issues associated with the increasing number of connected devices, provides recommended privacy and security best practices for companies that create and sell connected devices, and repeats the Commission’s call to Congress to enact broad, technology-neutral privacy and data security legislation. FTC Chairwoman Edith Ramirez announced the release of the report during her keynote address at the annual State of the Net conference, stating that “by adopting the best practices . . . laid out, businesses will be better able to provide consumers the protections they want and allow the benefits of the Internet of Things to be fully realized.” Show less

Partner Alysa Z. Hutnik and associate Katherine E. Riley authored the InsideCounsel article "Life's a Breach: Make a New Year's Resolution to be Prepared."

In this article they examine data breach trends in the retail industry and give advice for avoiding the same issues in 2015 by listing pre-beach and post-breach "resolutions." They suggest that it is never too late to reduce risk by reviewing and optimizing policies and procedures and understanding the common pitfalls that increase… Show more

Partner Alysa Z. Hutnik and associate Katherine E. Riley authored the InsideCounsel article "Life's a Breach: Make a New Year's Resolution to be Prepared."

In this article they examine data breach trends in the retail industry and give advice for avoiding the same issues in 2015 by listing pre-beach and post-breach "resolutions." They suggest that it is never too late to reduce risk by reviewing and optimizing policies and procedures and understanding the common pitfalls that increase the costs or delay notification of a data breach. Show less

On September 15, 2014, the Federal Trade Commission (“FTC”) hosted a public workshop entitled “Big Data: A Tool for Inclusion or Exclusion?” to further explore the use of “big data” and its impact on consumers.

Partner Alysa Zeltzer Hutnik and associate Crystal N. Skelton authored the Bloomberg BNA’s Privacy and Security Law Report article “Privacy and Data Security 15 Do’s and Don’ts: Tips for Avoiding FTC Enforcement.” The article discusses how the FTC continues to remain focused on protecting consumers’ privacy and security online, offline and in the mobile environment. While nearly any company that financially benefits from the use of consumer personal data is a potential FTC target, to understand… Show more

Partner Alysa Zeltzer Hutnik and associate Crystal N. Skelton authored the Bloomberg BNA’s Privacy and Security Law Report article “Privacy and Data Security 15 Do’s and Don’ts: Tips for Avoiding FTC Enforcement.” The article discusses how the FTC continues to remain focused on protecting consumers’ privacy and security online, offline and in the mobile environment. While nearly any company that financially benefits from the use of consumer personal data is a potential FTC target, to understand what particular practices the FTC views as unlawful can be challenging. To help navigate that task, Ms. Hutnik and Ms. Skelton summarizes 15 do’s and don’ts to consider when implementing privacy and data security practices. Show less

Consistent with the FTC’s laser focus on mobile privacy, the Commission today announced its latest privacy law enforcement action – this time against a mobile device manufacturer. Today’s announcement, with HTC America, involves the FTC’s charges that the device manufacturer did not sufficiently secure the software that it developed for its smartphones and tablet computers, and did not accurately describe its data handling practices to device users. The FTC’s allegations underscore the… Show more

Consistent with the FTC’s laser focus on mobile privacy, the Commission today announced its latest privacy law enforcement action – this time against a mobile device manufacturer. Today’s announcement, with HTC America, involves the FTC’s charges that the device manufacturer did not sufficiently secure the software that it developed for its smartphones and tablet computers, and did not accurately describe its data handling practices to device users. The FTC’s allegations underscore the Commission’s view that companies are required under Section 5 of the FTC Act to (1) implement a number of specific privacy-by-design steps to products capable of collecting, accessing, and transmitting personal information, and (2) carefully confirm that any representations they make about a product and how personal information is handled – including statements in a product’s user guide and representations made on the interface of a software application – remain consistent with the product’s capabilities. Show less

On December 19, 2012, the Federal Trade Commission ("FTC") issued its long-awaited final amendments to the Children's Online Privacy Protection Rule ("COPPA" or the "Rule").1 COPPA requires commercial websites and online services that are either directed to children under 13 or have actual knowledge that they are collecting personal information from children under 13 to obtain verifiable parental consent before collecting personal information from such children. The final revisions… Show more

On December 19, 2012, the Federal Trade Commission ("FTC") issued its long-awaited final amendments to the Children's Online Privacy Protection Rule ("COPPA" or the "Rule").1 COPPA requires commercial websites and online services that are either directed to children under 13 or have actual knowledge that they are collecting personal information from children under 13 to obtain verifiable parental consent before collecting personal information from such children. The final revisions significantly modify or expand key definitions within the Rule, including the definitions of "operator," "personal information," and "website or online service directed to children," and update the Rule's requirements concerning parental notice and consent, and the existing safe harbor provisions. These changes both broaden the scope of online entities that are subject to COPPA and provide new pathways to compliance for certain child-directed sites. The amendments also include new safeguard requirements, including provisions that involve personal data minimization and disposal obligations. Show less

If you’re considering whether to add an Augmented Reality app to your marketing mix, be aware that traditional advertising law principles still apply, and that both federal and state regulators are keeping a watchful eye on AR’s potential impact on consumer privacy.... Read on....

On Sept. 5, 2012, the FTC published a marketing guide for mobile application developers entitled “Marketing Your Mobile App: Get it Right from the Start." In addition to identifying truth-in-advertising standards, the guide provides basic privacy principles for mobile app developers that align with the core principles contained in the FTC staff’s March 2012 privacy report, as discussed in this article.