Enforcement of U.S. Privacy and Security Laws

Question 1

Define:

criminal prosecution

Answer 1

• actions brought by the government for violations of criminal laws
• prosecuted by DOJ or state AG/DAs

Question 2

Define:

administrative enforcement actions

Answer 2

• carried out pursuant to statutes that create and empower an agency, such as the FTC
• rules for agency enforcement actions occur under the Administrative Procedure Act (APA) which sets forth rules for adjudication within an agency, where court-like hearings may take place before an administrative law judge

Question 3

Can a federal agency sue?

Answer 3

federal agency may sue a party in federal court, with the agency as the plaintiff in the civil action

Question 4

How is the U.S. Department of State involved in privacy oversight, enforcement and policy?

Answer 4

increasingly active, especially by negotiating internally on privacy issues with other countries

Question 5

How is the Department of Commerce involved in privacy oversight, enforcement and policy?

Answer 5

leading role in federal policy development and has traditionally administered agreement on privacy protection for data flows between the U.S. and the EU

Question 6

How is the Department of Transportation involved in privacy oversight, enforcement and policy?

Answer 6

traditionally enforced violations of agreement on privacy protections for data flows between the U.S. and EU for some transportation companies

Question 7

How is the FAA involved in privacy oversight, enforcement and policy?

Answer 7

increasing role for drones

Question 8

How is the Office of Management and Budget involved in privacy oversight, enforcement and policy?

Answer 8

lead agency for interpreting Privacy Act of 1974, which applies to federal agencies and private-sector contractors to those agencies

Question 9

How is the IRS involved in privacy oversight, enforcement and policy?

Answer 9

subject to privacy rules concerning tax records

Question 10

How is the Department of Homeland Security involved in privacy oversight, enforcement and policy?

Answer 10

faces numerous privacy issues such as E-Verify program for new employees; rules for air traveler records under TSA; and immigration and other border issues

Question 11

How is the Department of Energy involved in privacy oversight, enforcement and policy?

Answer 11

dealing with Smart Grid for electric utility system

Question 12

How is the DoJ involved in privacy oversight, enforcement and policy?

Answer 12

sole federal agency to bring criminal enforcement actions

Question 13

How does self-regulation occur through legislation?

Answer 13

only occurs at the quasi-legislative stage (i.e., voluntary industry rulemaking)

Question 14

Define:

third-party privacy seal and certification programs

Answer 14

• services offered by the 3Ps provide methods for third parties to oversee compliance
• companies may demonstrate compliance and improve consumer confidence by displaying a trust mark in the form of a seal, logo or other certification showing that they are part of the certification program

Question 15

Digital Advertising Alliance (DAA)

Answer 15

• coalition of media and advertising companies and developed an icon program intended to inform consumers about how they can exercise choice with respect to online behavioral advertising

Question 16

AdChoice system

Answer 16

AdChoice system allows users to click on an icon near an ad or to visit AdChoices website and choose to what extent the user will view behavioral ads from participating advertisers