In 2015, Verizon found itself in hot water over charges it was using a “super cookie” that continued to operate even when users believed they had opted out of mobile phone data tracking. Verizon allegedly then sent the data obtained to a third party for targeted advertising purposes without its customers’ consent. Verizon settled with
California Department of Toxic Substances Control Releases Draft Alternatives Analysis Guide
On December 12, 2016, the California Department of Toxic Substances Control (DTSC) released a draft Alternatives Analysis (AA) Guide under the state’s green chemistry program, Safer Consumer Products (SCP). Under the SCP program, product designers and manufacturers are encouraged to reduce or eliminate the use of certain targeted chemicals in their products, and the Guide
Avoid Being Held Hostage: FTC Releases Ransomware Guidance
New research from security company Kaspersky Labs suggests that the use of ransomware is now so widespread that nearly every moment, a ransomware attack is being launched somewhere in the world on businesses and consumers.
Ransomware, or malicious software that infiltrates computer systems and uses tools like encryption to deny access or hold data “hostage”
Best Buy Agrees to Pay $3.8 Million for Selling Recalled Products
Mega-retailer Best Buy agreed to pay $3.8 million to settle allegations that the company distributed and sold recalled products, a violation of the Consumer Product Safety Act (CPSA) after the 2008 amendments. U.S. Consumer Product Safety Commission (CPSC) staff alleged that the retailer sold more than 600 recalled units, including over 400 Canon cameras, to
Another State AG Weighs in on Children’s Privacy
Texas Attorney General (AG) Ken Paxton announced a settlement with an app developer over concerns that the developer’s apps infringed children’s privacy.
The developer, Juxta Labs, Inc., offers a range of mobile apps and games. According to the AG’s press release, the company’s apps and social media were easy for children of any age to
NTIA Announces Multistakeholder Workshop on IoT Security Patching
The National Telecommunications and Information Administration (NTIA) has announced it is convening a series of multistakeholder meetings concerning Internet of Things (IoT) Security Upgradability and Patching. The initial meeting will be held in Austin, Texas, on October 19, 2016. An associated Federal Register notice (expected to be published September 19, 2016) describes the short-term goal
Shielded: EU Approves Privacy Pact with the U.S., Fee Schedule Proposed
The European Commission (EC) approved the EU–U.S. Privacy Shield on Tuesday, July 12, after European Union member states, through the Article 31 committee, approved the pact the previous week (more on the draft adequacy decision back in March here and the earlier agreement laying out the Privacy Shield here). The decision will allow U.S.
The Scrutiny Continues: Social Media Activities Continue to Draw Consumers and Consumer Protection Enforcement Alike
Since we last wrote about how marketers can craft social media policies to offer engaging promotions while meeting the scrutiny of regulators, social media has continued to be a popular venue for marketers to reach consumers. The Federal Trade Commission (FTC) has also kept the spotlight on compliance with the FTC Guides Concerning Use of
State Data Breach Notification Laws – Overview of Requirements for Responding to a Data Breach (Updated June 2016)
We have updated our summary of state data breach notification laws in light of recent amendments to some of the laws since our last update in September 2015.
Notably, Tennessee amended its data breach notification law, the Identity Theft Deterrence Act, effective July 1, 2016, by eliminating an encryption safe harbor and requiring that
FAA Paves the Way for More Ubiquitous Use of Drones
On June 21, 2016, the Federal Aviation Administration (FAA) released its much-anticipated new Small Unmanned Aircraft System (UAS) Rule (Part 107). Simultaneously with its release, the White House issued a Fact Sheet for the new Rule. The Rule permits the operation of small UAS (an unmanned aircraft weighing less than 55 pounds) in the National