Consumer Protection Connection

Consumer Protection
Connection

Tracy Marshall

Subscribe to all posts by Tracy Marshall

FTC Announces Date for PrivacyCon 2018 and Call for Presentations

Posted in Privacy
The Federal Trade Commission (FTC) has announced that its third annual PrivacyCon will take place in Washington, D.C., on February 28, 2018.  The conference will bring together researchers, academics, industry representatives, consumer advocates, and government representatives to explore an array of consumer privacy and data security issues, with a particular focus on emerging technologies, such… Continue Reading

White House Issues New Cybersecurity Executive Order

Posted in Cybersecurity
On May 11, President Trump issued Executive Order Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, which centers on federal networks, critical infrastructure, and the nation’s overall cybersecurity. The order largely expands on cybersecurity recommendations developed during the Obama administration. The order calls for a review of vulnerabilities and preparedness by the Secretary of… Continue Reading

Are Your Security Tools Up to Date?

Posted in Cybersecurity, Data Security, Privacy
The effects of the massive cyberattack using ransomware known as “Wanna Cry” are still being felt all over the world. Tens of thousands of organizations have been infected, including the UK’s National Health Service, which ran some services on an emergency-only basis the day the attack began in earnest. Some security experts surmise that the… Continue Reading

FTC Seeks Comments on Proposed Changes to TRUSTE’s COPPA Safe Harbor Program

Posted in Privacy
In a Federal Register notice, the FTC has asked for comments on intended changes to TRUSTe’s existing safe harbor program under the Children Online Privacy Protection Act (COPPA). TRUSTe proposed the changes following its settlement earlier this month with the New York Attorney General over allegations that the compliance and security company did not adequately… Continue Reading

FTC Warns Influencers to be Clear About Endorsements on Social Media

Posted in Advertising
Everyone who is anyone is on Instagram these days, apparently. But not all posts on the photo-sharing platform are purely organic; some result from material connections between influencer or celebrity posters and the brands or products they are endorsing. This connection is not always made clear to viewers, however, according to the Federal Trade Commission… Continue Reading

TRUSTe Settles COPPA Safe Harbor Enforcement Action with NYAG

Posted in Privacy
TRUSTe has settled allegations by the New York Attorney General that it did not adequately assess whether companies certified under its Children’s Online Privacy Protection Act (COPPA) Safe Harbor seal program allowed third party sites to track children. TRUSTe agreed to pay $100,000 and will be required to adopt new procedures to make its COPPA… Continue Reading

Government Agencies to be Rated on Cybersecurity Using NIST Framework

Posted in Cybersecurity
The Trump administration has announced that it will impose new metrics on federal agencies related to cybersecurity.  Agencies and departments will be required to comply with the framework developed by the National Institute of Standards and Technology (NIST) and report back to the Department of Homeland Security (DHS), the Office of Management and Budget (OMB),… Continue Reading

FCC Takes Initial Step to Give Privacy, Security Authority Back to FTC

Posted in Privacy
On March 1, the Federal Communications Commission (FCC) granted a temporary stay of one of the broadband privacy rules adopted in October of last year. That rule, which pertains to data security, would otherwise take effect on March 2. Newly installed FCC Chairman Ajit Pai and Federal Trade Commission (FTC) Acting Chair Maureen Ohlhausen issued… Continue Reading

Sealed: Three IT Companies Settle FTC Deceptive APEC Privacy Claims

Posted in Advertising, Privacy
If a business advertises it is a member of a privacy program, even a voluntary one, it had better be, according to the Federal Trade Commission (FTC). In separate but related complaints, the FTC alleged that three businesses – software provider Sentinel Labs Inc., private messaging app developer SpyChatter Inc., and cybersecurity software company Vir2us… Continue Reading

Smart TV Tracking Without Permission? Not So Clever

Posted in Privacy
Have you ever had the niggling suspicion your television was watching you?  Apparently, if it was made by smart technology manufacturer VIZIO, it very well may have been.  In a $2.2 million settlement with the Federal Trade Commission (FTC) and the New Jersey Attorney General, VIZIO acknowledged that it collected and sold data from 11… Continue Reading

NIST Issues New Update to Cybersecurity Framework

Posted in Cybersecurity
On January 10, 2017, the National Institute of Standards and Technology (NIST) released an update to its Cybersecurity Framework, first issued in 2014. The Framework focuses on using business drivers to guide cybersecurity activities and considering cybersecurity risks as part of the organization’s risk management processes. The new draft provides details on managing cyber supply… Continue Reading

Turn, Inc. Settles with FTC Over Deceptive Consumer Tracking

Posted in Privacy
In 2015, Verizon found itself in hot water over charges it was using a “super cookie” that continued to operate even when users believed they had opted out of mobile phone data tracking. Verizon allegedly then sent the data obtained to a third party for targeted advertising purposes without its customers’ consent. Verizon settled with… Continue Reading

Avoid Being Held Hostage: FTC Releases Ransomware Guidance

Posted in Cybersecurity
New research from security company Kaspersky Labs suggests that the use of ransomware is now so widespread that nearly every moment, a ransomware attack is being launched somewhere in the world on businesses and consumers. Ransomware, or malicious software that infiltrates computer systems and uses tools like encryption to deny access or hold data “hostage”… Continue Reading

Another State AG Weighs in on Children’s Privacy

Posted in Privacy
Texas Attorney General (AG) Ken Paxton announced a settlement with an app developer over concerns that the developer’s apps infringed children’s privacy. The developer, Juxta Labs, Inc., offers a range of mobile apps and games.  According to the AG’s press release, the company’s apps and social media were easy for children of any age to… Continue Reading

NTIA Announces Multistakeholder Workshop on IoT Security Patching

Posted in Cybersecurity, Data Security
The National Telecommunications and Information Administration (NTIA) has announced it is convening a series of multistakeholder meetings concerning Internet of Things (IoT) Security Upgradability and Patching. The initial meeting will be held in Austin, Texas, on October 19, 2016. An associated Federal Register notice (expected to be published September 19, 2016) describes the short-term goal… Continue Reading

FCC Grants TCPA Relief to Energy Utilities and Schools

Posted in Data Security, Privacy
On August 4, 2016, the Federal Communications Commission (FCC) released a Declaratory Ruling granting in part two separate petitions that were filed last year – one by the Edison Electric Institute and American Gas Association, and another by Blackboard, Inc. – regarding application of the Telephone Consumer Protection Act of 1991 (TCPA) to certain types… Continue Reading

Shielded: EU Approves Privacy Pact with the U.S., Fee Schedule Proposed

Posted in Cybersecurity, Privacy
The European Commission (EC) approved the EU–U.S. Privacy Shield on Tuesday, July 12, after European Union member states, through the Article 31 committee, approved the pact the previous week (more on the draft adequacy decision back in March here and the earlier agreement laying out the Privacy Shield here). The decision will allow U.S. companies that… Continue Reading

The Scrutiny Continues: Social Media Activities Continue to Draw Consumers and Consumer Protection Enforcement Alike

Posted in Advertising, Enforcement
Since we last wrote about how marketers can craft social media policies to offer engaging promotions while meeting the scrutiny of regulators, social media has continued to be a popular venue for marketers to reach consumers. The Federal Trade Commission (FTC) has also kept the spotlight on compliance with the FTC Guides Concerning Use of… Continue Reading

State Data Breach Notification Laws – Overview of Requirements for Responding to a Data Breach (Updated June 2016)

Posted in Data Security, Privacy, Regulations
We have updated our summary of state data breach notification laws in light of recent amendments to some of the laws since our last update in September 2015. Notably, Tennessee amended its data breach notification law, the Identity Theft Deterrence Act, effective July 1, 2016, by eliminating an encryption safe harbor and requiring that affected… Continue Reading

Supreme Court Requires Plaintiffs to Show Harm or Risk of Harm, Not Bare Procedural Violation, to Get Statutory Damages

Posted in Cybersecurity, Data Security, Litigation, Privacy
Joe Ravi | CC-BY-SA 3.0 Last year, we noted that the Supreme Court had granted certiorari in a case that could limit the ability of plaintiffs to sue defendants over bare statutory violations without the showing of actual injury. The case implicates a wide variety of statutes that grant monetary awards to successful plaintiffs on… Continue Reading

GDPR Publication Starts Countdown to May 2018 Compliance Date for New Privacy Rules

Posted in Legislation, Privacy, Regulations
The new General Data Protection Regulation (GDPR) (Regulation 2016/69, Apr. 27, 2016), approved by the European Parliament and the Council of the European Union, was formally published in the Official Journal of the European Union on May 4, 2016, and will replace the Data Protection Directive (Directive 95/46/EC) effective May 28, 2018. This new set… Continue Reading

NTIA Steps into IoT Debate

Posted in Cybersecurity, Privacy
Continuing its tradition of active involvement in digital economy questions, the Department of Commerce’s (DOC) National Telecommunications and Information Administration (NTIA) issued a request for public comment on questions posed by the growth of the Internet of Things (IoT). The explosive growth of connected products, anticipated to reach 25 billion by 2020, is one reason… Continue Reading
.
Consumer Protection Connection