U.S. Senate leaders may be close to reaching an agreement on a legislative proposal that would establish a national data breach notification and security standard (the Data Acquisition and Technology Accountability and Security Act) which would streamline nationwide … Continue Reading
On February 28, 2018, the Federal Trade Commission (FTC) hosted its third Privacy Con conference in Washington D.C., an event that highlights research and facilitates discussion of the latest research and trends related to consumer privacy and data security. The … Continue Reading
On January 8, 2018, the FTC announced that VTech, maker of electronic toys for children, agreed to settle charges that it violated the law by collecting personal information without parental consent.
When Congress enacted the Children’s Online Privacy Protection Act … Continue Reading
The Federal Trade Commission (FTC) and U.S. Department of Education (ED) increasingly are responding to concerns about educational technology and its ability to capture and manipulate massive quantities of private student and parent data. “EdTech,” as it is called, broadly … Continue Reading
On September 15, 2017, the Trump White House released a Press Release regarding the EU-U.S. Privacy Shield—reiterating that they “firmly believe that the upcoming review [of the EU-U.S. Privacy Shield] will demonstrate the strength of the American promise to protect … Continue Reading
Building on the FTC’s “Start with Security” guide for businesses, the agency launched the “Stick with Security” blog on July 21, 2017. The blog provides additional guidance on each of the 10 fundamental principles of data … Continue Reading
The FTC has updated its Children’s Online Privacy Protection Rule (COPPA) Six-Step Compliance Plan for Your Business “to reflect developments in the marketplace” – including the introduction of internet-connected toys and the Internet of Things.
COPPA applies to operators of … Continue Reading
On January 23, 2017, the FTC released a new report outlining its recommendations for companies using cross-device tracking. The report focused on the FTC’s continued commitment to consumer choice, transparency, and security.
What is cross-device tracking?
Cross-device tracking occurs when … Continue Reading
In another twist in the LabMD case, LabMD has succeeded in obtaining a delay on the FTC’s enforcement action during its appeal. Of course, the substantive issues remain to be determined.
In 2013, the Federal Trade Commission (FTC) issued … Continue Reading
The Federal Trade Commission (FTC) is conducting a three-part fall conference workshop on select technology issues. The first conference was held on September 7th about ransomware. The second conference was held on October 13th about Drones and … Continue Reading
Beginning early on October 21, 2016, Dyn, a New Hampshire based internet service company, was the victim of three distributed denial of service (DDoS) attacks. The first attack began at 7am ET and was resolved within about two hours. A … Continue Reading
As anticipated, things are getting even more exciting with the case previously covered in Password Protected. Specifically, LabMD is appealing the landmark data security case between it and the Federal Trade Commission (“FTC”) that examines an alleged data breach, … Continue Reading
While much of Washington, D.C. is enjoying the slow and hazy days of summer, the Federal Trade Commission (FTC) is staying busy solidifying its presence as the go-to authority for data security. Most recently, on July 29, 2016, the FTC … Continue Reading
Since its release on July 6, 2016, Pokémon Go has unofficially become the most successful mobile app to date. Generating over 2 million dollars in revenue per day, it already has more daily users than Twitter, and the highest average … Continue Reading
Consider this: A 42-year-old man arrives at the emergency room showing signs of a heart attack. The ER doctors, using the patient’s activity tracker—in this case, a Fitbit® —are able to pinpoint when the patient’s normal heartrate of 70 bpm … Continue Reading
On March 2, 2016, the Consumer Financial Protection Bureau (CFPB) filed the first consent order (Order) addressing data privacy since the CFPB’s inception in 2010. The Order serves as a warning to all companies that collect, store and use sensitive … Continue Reading
In late 2015, Congress passed the Fixing America’s Surface Transportation Act − a vehicle for an amendment to the Gramm-Leach-Bliley Act (GLBA) meant to eliminate the need for certain companies to provide annual privacy disclosures to consumers.
The amendment, which … Continue Reading
On December 17, 2015, the Federal Trade Commission (FTC) announced a $100 million settlement with LifeLock, Inc., to resolve litigation with the FTC and a national class of consumers relating to LifeLock’s marketing representations and information security programs. The settlement … Continue Reading
The Federal Trade Commission (FTC) and Federal Communications Commission (FCC) recently formalized an agreement to cooperate when regulating the “deceptive, unfair, unjust and/or unreasonable” acts and practices of common carriers. In addition to outlining the scope of the agencies’ enforcement … Continue Reading
Last week, the FTC launched a new resource, www.identitytheft.gov, designed to help victims report and recover from identity theft. It provides basic steps that all identify theft victims should take and offers interactive checklists that can be used online … Continue Reading
The Federal Trade Commission (FTC) recently announced formation of its Office of Technology Research and Investigation (OTRI), an office meant to “ensure that consumers enjoy the benefits of technological progress without being placed at risk of deceptive and unfair practices.” … Continue Reading
Last week, President Obama proposed wide-reaching legislation to establish a uniform, nationwide standard for data breach notifications that envisions a significant enforcement role for the Consumer Financial Protection Bureau (CFPB). The proposal, titled the Personal Data Notification and Protection Act, … Continue Reading
The FTC’s recent settlement with a medical online payments company and its former CEO highlights the importance of using clear and non-deceptive notices when asking consumers to share or provide sensitive personal health information.
The FTC is continuing its trend of enforcement actions against mobile application companies. Most recently, the FTC settled with Snapchat—yet another mobile application provider that allegedly failed to keep its word to consumers regarding data privacy and security. (Previously we … Continue Reading