In the matter of LabMD Inc. v. Federal Trade Commission, case number 16-16270, the U.S. Court of Appeals for the Eleventh Circuit ruled against the FTC, finding that the order against LabMD for lax data security measures was … Continue Reading
U.S. Senate leaders may be close to reaching an agreement on a legislative proposal that would establish a national data breach notification and security standard (the Data Acquisition and Technology Accountability and Security Act) which would streamline nationwide … Continue Reading
On January 8, 2018, the FTC announced that VTech, maker of electronic toys for children, agreed to settle charges that it violated the law by collecting personal information without parental consent.
When Congress enacted the Children’s Online Privacy Protection Act … Continue Reading
Building on the FTC’s “Start with Security” guide for businesses, the agency launched the “Stick with Security” blog on July 21, 2017. The blog provides additional guidance on each of the 10 fundamental principles of data … Continue Reading
In another twist in the LabMD case, LabMD has succeeded in obtaining a delay on the FTC’s enforcement action during its appeal. Of course, the substantive issues remain to be determined.
In 2013, the Federal Trade Commission (FTC) issued … Continue Reading
As anticipated, things are getting even more exciting with the case previously covered in Password Protected. Specifically, LabMD is appealing the landmark data security case between it and the Federal Trade Commission (“FTC”) that examines an alleged data breach, … Continue Reading
While much of Washington, D.C. is enjoying the slow and hazy days of summer, the Federal Trade Commission (FTC) is staying busy solidifying its presence as the go-to authority for data security. Most recently, on July 29, 2016, the FTC … Continue Reading
LifeLock, Inc. made headlines in December 2015 when it finalized a $100 million settlement with the Federal Trade Commission—the largest monetary award ever in an FTC order enforcement action. As reported by McGuireWoods’ Password Protected blog, the 2015 enforcement action … Continue Reading
As businesses and financial institutions grapple with data security in the wake of high profile breaches, tensions between retailers and the credit card industry over the creation and implementation of security standards appear to be growing. The disagreements between these … Continue Reading
On December 17, 2015, the Federal Trade Commission (FTC) announced a $100 million settlement with LifeLock, Inc., to resolve litigation with the FTC and a national class of consumers relating to LifeLock’s marketing representations and information security programs. The settlement … Continue Reading
The Federal Trade Commission (FTC) and Federal Communications Commission (FCC) recently formalized an agreement to cooperate when regulating the “deceptive, unfair, unjust and/or unreasonable” acts and practices of common carriers. In addition to outlining the scope of the agencies’ enforcement … Continue Reading
The Federal Trade Commission (FTC) recently announced formation of its Office of Technology Research and Investigation (OTRI), an office meant to “ensure that consumers enjoy the benefits of technological progress without being placed at risk of deceptive and unfair practices.” … Continue Reading
Last week, President Obama proposed wide-reaching legislation to establish a uniform, nationwide standard for data breach notifications that envisions a significant enforcement role for the Consumer Financial Protection Bureau (CFPB). The proposal, titled the Personal Data Notification and Protection Act, … Continue Reading
The FTC’s recent settlement with a medical online payments company and its former CEO highlights the importance of using clear and non-deceptive notices when asking consumers to share or provide sensitive personal health information.
The Federal Trade Commission (FTC) has been busy this April bringing, litigating and settling privacy and cybersecurity-related actions. Below is a summary of the notable privacy and cybersecurity related actions thus far this month.
April 7: Jerk.com Charged with Deceiving … Continue Reading