Privacy Insider Newsletter | Data Privacy News Delivered Weekly

VPPA: The 40-Year-Old Law Being Used to Protect Privacy

Written by Arlo Gilbert | Jun 1, 2023 3:30:00 PM

Hello all, and happy Thursday!  

Recently, the Boston Globe settled a lawsuit for $5 million on the grounds that it had violated plaintiffs’ privacy and the Video Privacy Protection Act, or VPPA. On its own, this isn’t especially remarkable—nowadays, as businesses, laws, technologies, and the public adjust to the new privacy-first era, fines and settlements are commonplace. 

However, the settlement does illustrate the lopsided, patchwork nature of privacy in the United States. To see why, we’ll have to look back to 1987. 

 When Justice Lewis Powell announced his retirement from the Supreme Court in 1987, President Reagan nominated Robert Bork to serve as his replacement. What followed was a hotly contested debate over Bork’s suitability as a Supreme Court candidate. The debate became so fierce that Bork’s video rental history was leaked to the press in the hopes that it contained something scandalous. 

There was nothing particularly scandalous within Bork’s video rental history. However, it seems that some Congress members realized that their own video rental history did contain some titles they’d rather keep private. Soon after, Congress passed the VPPA.  

The law prohibits the “wrongful disclosure of video tape rental or sale records [or similar audio visual materials, to cover items such as video games and the future DVD format].” 

 There aren’t many video cassette rental stores anymore, but video remains a staple of the average media diet—and video providers still funnel individuals’ viewing data to third parties. In the case of the Boston Globe suit, the Globe used Facebook’s tracking pixel to provide the social media company with viewing data that could be used for targeted advertising without disclosing this data transfer to viewers and without offering a means of opting out.  

 Thus, a nearly four-decade-old law inspired by a Supreme Court candidate’s viewing habits is being used—successfully—to provide the data privacy protection that Americans otherwise lack. It’s a pretty convoluted method just to prevent Facebook from seeing what videos you’ve watched. Without a comprehensive U.S. data privacy law, it’ll have to suffice. 

Best, 

Arlo 

P.S. If you haven’t already seen it, take a look at this press release to hear more about some of the latest and greatest developments happening at Osano!

 

Top Privacy Stories of the Week

 

The Globe Agrees to a $5m Settlement for Sending User Video Data to Facebook 

Boston Globe has agreed to settle a $5 million class action lawsuit filed by a California man over an alleged violation of the Video Privacy Protection Act. Specifically, the plaintiff alleged that the Globe was funneling his viewing habits and browsing data to Facebook via its tracking pixel without his consent. 

Read more 

UK ICO Publishes New Guidance on Subject Access Requests 

The UK Information Commissioner’s Office (ICO) recently published new guidance on how businesses and employers should respond to subject access requests. The guidance touches on questions about when to seek clarification from the requester, what information should or can be withheld from a subject access request, and more.  

Read more 

European Commission, Google Working on AI Governance Standards 

EU industry chief Thierry Breton recently released a statement announcing the formation of a voluntary pact between the European Commission and Google to develop an agreement on universal rules for AI in advance of the AI Act. The collaboration is intended to address the rapid advances in AI technology and future advances that may be made prior to the release of the AI Act. 

Read more 

The Government Can’t Seize Your Data—But It Can Buy It 

The U.S. Constitution prohibits the government from seizing your personal data without due process, but there are no prohibitions against purchasing said data from data brokers. Reportedly, the FBI, the military, and several other government and regulatory agencies regularly purchase personal data from data brokers. 

Read more 

Indiana Doctor Who Reported Ohio 10-year-old’s Abortion Violated Privacy Laws, Medical Board Finds 

After performing an abortion on a 10-year-old rape victim, Dr. Caitlin Bernard provided patient details to the press in an effort to bring awareness around the impacts that have been created by the Supreme Courts decision to overrule Roe V. Wade. Recently, the Indiana Medical Licensing Board found that Dr. Bernard violated patient privacy in doing so. Although her license could have been revoked, the Board levied a $3,000 fine against Dr. Bernard instead. 

Read more 

Osano Blog: Establish Total Customer Trust With a Commitment to Data Privacy 

Nowadays, data privacy is one of consumers’ chief concerns. For businesses, this should represent an opportunity to build trust with their customers. Osano’s Head of Privacy, Rachael Ormiston, explains how in this blog.  

Read more 

If you’re interested in working at Osano, check out our Careers page! We might have the perfect opportunity for you.