On January 7, 2020, the National Institute of Standards and Technology (NIST) released a draft of revised cybersecurity recommendations for IoT devices at both the pre-market and post-market stages. NISTIR 8259, Recommendations for IoT Device Manufacturers: Foundational Activities and Core Device Cybersecurity Capability Baseline, identifies six voluntary steps manufacturers should take to account
The EU Advocate General Opinion is Out: Standard Contractual Clauses are Valid
Businesses that rely on standard contractual clauses (SSCs) to transfer personal data outside the European Economic Area (EEA) just got good news. The long-awaited decision from the EU Advocate General (AG) is here: SCCs are valid. The AG’s opinion, although non-binding, is significant for the case brought by Austrian privacy activist Max Schrems against Facebook,
FTC Gives Energy Labeling Rule a Facelift
The Federal Trade Commission (FTC)’s Energy Labeling Rule has a new look. Following a public comment period, the FTC issued amendments to the Energy Labeling Rule that reorganize the Rule’s product descriptions and categories to make them clearer and simpler for stakeholders to understand and apply. But the FTC’s changes are cosmetic – the agency
FTC Publishes Practical Guidance for Influencers
From beauty gurus on Instagram to product reviewers on YouTube, influencers are big business for brands. However, the intentions aren’t always clear when reading the advice of a celebrity fitness trainer who was paid for his endorsement or watching a video of a fashionista who just received a new wardrobe from the clothing company she
FTC Says “Stalking” Apps Violate COPPA and the FTC Act
You know that movie where a person thinks they’ve barricaded themselves in their house against a stalker, only to grasp the awful realization that the threat is “coming from inside the house”? Unbeknownst to you, that threat may, in fact, be coming from your smartphone, according to a complaint by the Federal Trade Commission (FTC).
Reevaluating the COPPA Rule
In the two decades following the enactment of the Children’s Online Privacy Protection (COPPA) Rule, technological developments have changed the online landscape considerably. Recognizing this, the Federal Trade Commission (FTC) held a public workshop on October 7, 2019, to discuss whether, given the proliferation of smart devices, video games, online channels, and EdTech, the Rule,
Truly Organic? Not Really, Says FTC
Many consumers are drawn to products advertised as healthy and natural, and will often pay a premium for organic products, from foods to personal care items to clothing. But the Federal Trade Commission (FTC) takes a dim view of companies that don’t live up to their green promises. Case in point: Miami-based Truly Organic and
What’s Next After Facebook’s Record $5 Billion Fine and Cambridge Analytica?
Facebook is facing some big changes after the Federal Trade Commission (FTC) settled with the social media giant over charges that it violated an earlier consent agreement. The company will pay a penalty of $5 billion, which is not only the biggest privacy fine in history, but also, according to FTC commissioner Noah Phillips, “almost
Equifax to Pay Largest-Ever Data Breach Settlement
The Equifax data breach was one of the most massive data breaches of all time, and it has resulted in the biggest settlement for a data breach to date. After two years of investigations at the state and federal levels, credit reporting agency Equifax has agreed to a $675 million – up to possibly $700
FTC and D-Link Settle Data Security Dispute
After protracted litigation, the Federal Trade Commission (FTC) entered into a proposed settlement with computer software manufacturer D-Link over charges that the company misrepresented the security of its wireless routers and Internet-connected cameras and failed to take reasonable software testing and remediation measures to protect the devices.
As we previously reported, part of the