Antitrust Law Source

Podcasts

Episode 25
Consumer data breaches

What happens if your personally identifiable information is stolen, but no harm has come to you…yet? Do the eyes of the court feel that simply the fear of harm warrants relief? Jay and Ryan Graham discuss the differing decisions to date and how things may evolve in the future.

iTunes
Episode 24
Representative evidence – Good, bad? The Supreme Court speaks

As we’ve reported previously, Tyson was challenging the certification of a class of employees who sued for unpaid time related to donning and doffing protective gear. Jay discusses the implications of the Supreme Court’s allowance of representative evidence to prove classwide liability and how the Court’s ruling may (or may not) impact future class actions.

iTunes
Episode 23
Are data breaches covered under insurance policies?

In defending against a class action case where patient information was found online for months without being secured, the insurance company was found to have a duty to defend the defendant, who held an insurance policy that covered the publication of patient information. The case, Travelers Indemnity vs. Portal Healthcare, is important because it’s one of the first decisions to rule on whether data breach litigation is covered under commercial insurance policies.

iTunes

You win some, you lose some – the story of the FTC’s week

Last week was an exciting week in the world of merger challenges. Decisions were issued by federal courts regarding the Federal Trade Commission’s (FTC) efforts to preliminarily block two different mergers – one involving office supply retailers, the other, hospitals. The FTC was able to convince one judge that its case had merit, but not the other. And while we won’t know Judge Sullivan’s reasons for granting the preliminary injunction blocking the Staples/Office Depot merger (FTC v. Staples, No. 1:15-cv-02115 (D.D.C. May 10, 2016)) until later this month (the opinion is currently under seal), an apparent contradiction in the federal government’s policy towards healthcare consolidation may have tilted the scales against the FTC for Judge Jones in FTC v. Penn State Hershey Medical Center, No. 1:15-cv-02362 (M.D. Pa. May 9, 2016). Continue Reading

ABA Section of Antitrust Law Spring Meeting 2016: Clarifying liability in hub-and-spoke conspiracies

Last in our series on the ABA Antitrust Section’s 2016 Spring Meeting, but certainly not least, we bring you Jetta’s summary of the panel discussion on hub-and-spoke conspiracies. These conspiracies seem to be in vogue now, with the Apple (e-book) case prominent among them. Not surprisingly, the government and the defense bar sees these cases very differently.

Kudos to our associates for preparing these summaries. We hope you have enjoyed them. Stay tuned for future articles and podcasts.

-Jay Levine

The concept of “hub-and-spoke” conspiracies can be found in cases dating back to at least 1939, most notably, the Supreme Court’s decision in Interstate Circuit v. United States. Such conspiracies involve both horizontal agreements, meaning agreements among competitors, and vertical agreements, which are agreements among parties at different levels of the distribution chain. In hub-and-spoke conspiracies, there has to be at least one vertical participant, which is referred to as the “hub.” The agreements between the hub and the competitor participants are the “spokes,” and the agreement among the competitors forms the “rim.” Continue Reading

ABA Antitrust Section’s Spring Meeting 2016: Agency update with Deputy Assistant Attorneys General

DOJ’s Antitrust Division is headed by an Assistant Attorney General, who is assisted by several Deputies, referred to as DAAGs (Deputy Assistant Attorneys General).  In one presentation, the various DAAGs presented their view on the Division’s enforcement efforts, both civil and criminal. Continuing our series on the 2016 Spring Meeting, Allen summarizes their presentation so you can hear what our enforcers are saying.

-Jay Levine

In a session presented by the Federal Civil Enforcement Committee, the various Deputy Assistant Attorneys General (DAAG) of the Antitrust Division provided a deep dive into the happenings at the Department of Justice’s Antitrust Division over the last year.

The Division had a busy year. The increase in the Division’s headcount, now back up to 700 and a current announcement seeking 14 additional attorneys in Civil Enforcement, serves as an indicator of the Division’s increased activity. As compared to the past, the Division works on a cross-office basis more frequently now, too. The Deputies reported an ongoing merger wave—nearly a 36 percent increase in HSR transactions between 2013 and 2015—but also reported that the number of second requests, as a percentage of total HSR transactions, slightly decreased in the same period. In 2013, 1.7 percent of mergers triggered a second request versus 1.5 percent in 2015. Of course, the decrease in second requests does not reflect a policy change. Continue Reading

ABA Section of Antitrust Law Spring Meeting 2016: The FTC and the new frontier of privacy

Continuing our series on the 2016 Spring Meeting, Ryan Graham, an associate in the Antitrust Group and former analyst with the FBI’s Cyber Division, summarizes the panelists’ thoughts on the FTC’s future focus as it relates to privacy and data security.

Privacy and data security lawyers would love to know what initiatives the Federal Trade Commission (FTC) will be spearheading in privacy and data security in the future. A recent panel discussion at the Spring Antitrust Meeting sponsored by the American Bar Association provided some predictive insight into this question. In the panel discussion entitled “The FTC and the New Frontier of Privacy,” the panelists were asked to discuss what role the FTC would take in technology and data security following its Section 5 authority win in Wyndham, which has been discussed in previous posts on this blog.

The panel highlighted three initiatives currently underway that will guide the FTC into the near future: (1) network-enabled devices (NEDs) and the internet of things (IOT); (2) big data and its implications in discrimination; and (3) international data transfer mechanisms. While none of these areas are necessarily shocking, they do indicate the emphasis the FTC will place on emerging technology in the near term.

Concerning NEDs, the FTC remains concerned about the expansion of the IOTs due to the boom in the market for NEDs. Many of the smaller start-up companies producing NEDs may not possess the resources necessary to effectively secure those devices. The FTC is also concerned that some NEDs do not include any Human Machine Interface (HMI), making it entirely plausible that a consumer could install a NED in the home and never be exposed to its privacy policy, even if such a policy were included in the packaging material. The FTC is considering methods to ensure that companies producing NEDs make consumers aware of their privacy policies, including by potentially mandating that NEDs connect to human interfacing devices on the network, such as a personal laptop, to display the privacy policy for acceptance by the consumer. Interestingly, a representative from Consumer Reports noted that her organization would soon be rating consumer products, such as NEDs, on the basis of privacy, perhaps indicating the increase in the relative value of privacy in the consumer marketplace. Interestingly, this increasing desire to value (and perhaps pay a premium for) privacy could impact consumers’ ability to maintain standing for data breaches, as we have discussed previously.

There was also a discussion regarding big data and discrimination. Specifically, the FTC has two primary concerns about big data. The first is that big data may be used to further discrimination. In the rise of big data analytics, companies may use factors located within their data to unfairly discriminate against people based on attributes that align with discriminatory intent. The second issue concerning big data was whether big data had the potential to be used to exclude companies from the market place. Two panelists agreed that generally, big data was a non-excludable good and could not be used to exclude a company from the marketplace. Facebook was used as an example to support this position, as it rose in prominence despite the market dominance of MySpace in the market for social media data. Of course, the ability to use big data to exclude might well depended on the nature of the data. If the data was highly particular or specialized, then it could theoretically enable a company to exclude other competitors from a market.

Finally, the panel touched upon the current state of the law and regulation for European data transfers. The panel noted that the old US-EU data transfer regime, known as Safe Harbor, had been struck down. The EU has proposed a new regime, known as Privacy Shield, and an Article 29 working group recently provided a non-binding assessment of Privacy Shield’s provisions, indicating that the Privacy Shield policy required some additional modifications. Europe is also overhauling its directive on privacy into a general regulation. This regulation will affect numerous US companies because it regulates both EU companies and companies “pointed at” EU citizens. Among other provisions, it will require data breach notifications within 72 hours and may impose fines up to 4 percent of company turnover (generally, calculated as sales / revenue). Although it will be two years until this regulation goes into effect, its introduction combined with the uncertainty in data transfers in the European market emphasize the necessity for US companies to keep one eye on European requirements in privacy and data security.

While these three initiatives do not capture every focus the FTC will have in the near-term, it does provide some indication of where the FTC sees the issues in privacy and data security heading. Companies should consider the implications of these initiatives, and recognize that the FTC has no intention of reducing or narrowing its regulation of data and privacy security any time in the near future. As always, we will keep our readers up to date on these developments as they come through to fruition. Until then, stay tuned.

 

LexBlog