The Federal Trade Commission (FTC) and U.S. Department of Education (ED) increasingly are responding to concerns about educational technology and its ability to capture and manipulate massive quantities of private student and parent data. “EdTech,” as it is called, broadly refers to online curriculum and instructional materials accessed by school and personal devices. EdTech has

On September 15, 2017, the Trump White House released a Press Release regarding the EU-U.S. Privacy Shield—reiterating that they “firmly believe that the upcoming review [of the EU-U.S. Privacy Shield] will demonstrate the strength of the American promise to protect the personal data of citizens on both sides of the Atlantic.”

The first alliance of

Building on the FTC’s “Start with Security” guide for businesses, the agency launched the “Stick with Security” blog on July 21, 2017. The blog provides additional guidance on each of the 10 fundamental principles of data security through hypotheticals based on FTC decisions, questions submitted, and FTC enforcement actions. Each week,

In another twist in the LabMD case, LabMD has succeeded in obtaining a delay on the FTC’s enforcement action during its appeal.  Of course, the substantive issues remain to be determined.

In 2013, the Federal Trade Commission (FTC) issued an administrative complaint against LabMD for alleged “unfair” data security practices culminating in an Opinion

Beginning early on October 21, 2016, Dyn, a New Hampshire based internet service company, was the victim of three distributed denial of service (DDoS) attacks.   The first attack began at 7am ET and was resolved within about two hours.  A second attack began just before noon and a third attack just after 4pm ET.  Described

As anticipated, things are getting even more exciting with the case previously covered in Password Protected.  Specifically, LabMD is appealing the landmark data security case between it and the Federal Trade Commission (“FTC”) that examines an alleged data breach, despite the absence of identifiable harm. The case is poised to become a major driver

While much of Washington, D.C. is enjoying the slow and hazy days of summer, the Federal Trade Commission (FTC) is staying busy solidifying its presence as the go-to authority for data security. Most recently, on July 29, 2016, the FTC issued a unanimous Opinion and Final Order against LabMD, Inc., for its unreasonable data security

LifeLock, Inc. made headlines in December 2015 when it finalized a $100 million settlement with the Federal Trade Commission—the largest monetary award ever in an FTC order enforcement action. As reported by McGuireWoods’ Password Protected blog, the 2015 enforcement action stemmed from allegations that LifeLock breached a 2010 settlement with the FTC mandating, among other

Consider this: A 42-year-old man arrives at the emergency room showing signs of a heart attack. The ER doctors, using the patient’s activity tracker—in this case, a Fitbit® —are able to pinpoint when the patient’s normal heartrate of 70 bpm jumped up to 190 bpm.  On the device’s mobile health app, the doctors are able