Consumer Protection Connection

Consumer Protection
Connection

Category Archives: Privacy

Subscribe to Privacy RSS Feed

Agency Comings and Goings

Posted in Data Security, Privacy, Product Safety
This week has seen several significant changes at the Commission level at both the Consumer Product Safety Commission (CPSC) and the Federal Trade Commission (FTC). CPSC After several months of stasis, the Senate voted to confirm Peter Feldman as a Commissioner on the CPSC, with a term expiring October 26, 2019. Feldman takes the place… Continue Reading

NIST Launches Development of Voluntary Privacy Risk Management Framework

Posted in Cybersecurity, Data Security, Privacy
The National Institute of Standards and Technology (NIST) has launched a collaborative effort to develop a voluntary framework that will help organizations manage privacy risks and protect consumer privacy when developing and using innovative technologies. According to NIST, a robust cybersecurity program can help manage risks, but organizations need customizable tools for addressing the challenges… Continue Reading

FTC Approves ESRB’s Updated COPPA Safe Harbor Program

Posted in Data Security, Privacy
The Federal Trade Commission (FTC) approved modifications to the video game industry’s Children’s Online Privacy Protection Act (COPPA) program. Earlier this year, the Entertainment Software Ratings Board (ESRB) proposed several substantive changes intended to take account of recent FTC COPPA rules and guidance. To receive FTC approval, COPPA safe harbor programs must “implement substantially similar… Continue Reading

California Company Settles with FTC over Alleged Privacy Shield Misrepresentations

Posted in Data Security, Privacy
If a company claims to be certified under the EU-U.S. Privacy Shield framework when it hasn’t even completed the paperwork, the Federal Trade Commission (FTC) isn’t likely to let it slide. ReadyTech, a California-based online training services company, made such a claim on its website, in violation of the FTC Act’s prohibition against deceptive acts… Continue Reading

State Data Breach Notification Laws – Overview of Requirements for Responding to a Data Breach – Updated July 2018

Posted in Data Security, Privacy
With the ever-changing complexity of state data breach notification laws, companies facing a data breach need resources that will help them understand the issues. This summary provides an overview of the similarities and differences in data breach laws adopted in the 50 United States and the District of Columbia and includes laws enacted since our… Continue Reading

Online Talent Company Settles with FTC Over Alleged COPPA Violations

Posted in Data Security, Privacy
Online talent search company Explore Talent just landed in the spotlight of the Federal Trade Commission (FTC). The Vegas-based company was charged with violating the Children’s Online Privacy Protection Act (COPPA), which requires that companies collecting information online must obtain informed, verifiable parental consent before collecting any information from a child under 13. The company… Continue Reading

European Court of Justice Throws Out Class Action in Latest Schrems Battle

Posted in Data Security, Privacy
In the latest round of the ongoing battle between Austrian privacy activist Max Schrems and Facebook, the European Court of Justice (CJEU) ruled that Schrems did not have standing to bring claims on behalf of Austrian consumers over Facebook’s alleged violations of users’ privacy rights. The court did, however, allow for Schrems to continue with… Continue Reading

Internal Reforms Announced for FTC’s Bureau of Consumer Protection

Posted in Privacy
The Federal Trade Commission’s Bureau of Consumer Protection is about to undergo reform, according to FTC Acting Chairman Maureen Ohlhausen. In a press release issued on July 17, the FTC stated that the changes are part of an ongoing initiative to simplify information requests and improve transparency that began last April, when Ohlhausen announced new… Continue Reading

FTC Announces Date for PrivacyCon 2018 and Call for Presentations

Posted in Privacy
The Federal Trade Commission (FTC) has announced that its third annual PrivacyCon will take place in Washington, D.C., on February 28, 2018.  The conference will bring together researchers, academics, industry representatives, consumer advocates, and government representatives to explore an array of consumer privacy and data security issues, with a particular focus on emerging technologies, such… Continue Reading

Are Your Security Tools Up to Date?

Posted in Cybersecurity, Data Security, Privacy
The effects of the massive cyberattack using ransomware known as “Wanna Cry” are still being felt all over the world. Tens of thousands of organizations have been infected, including the UK’s National Health Service, which ran some services on an emergency-only basis the day the attack began in earnest. Some security experts surmise that the… Continue Reading

FTC Seeks Comments on Proposed Changes to TRUSTE’s COPPA Safe Harbor Program

Posted in Privacy
In a Federal Register notice, the FTC has asked for comments on intended changes to TRUSTe’s existing safe harbor program under the Children Online Privacy Protection Act (COPPA). TRUSTe proposed the changes following its settlement earlier this month with the New York Attorney General over allegations that the compliance and security company did not adequately… Continue Reading

TRUSTe Settles COPPA Safe Harbor Enforcement Action with NYAG

Posted in Privacy
TRUSTe has settled allegations by the New York Attorney General that it did not adequately assess whether companies certified under its Children’s Online Privacy Protection Act (COPPA) Safe Harbor seal program allowed third party sites to track children. TRUSTe agreed to pay $100,000 and will be required to adopt new procedures to make its COPPA… Continue Reading

FCC Takes Initial Step to Give Privacy, Security Authority Back to FTC

Posted in Privacy
On March 1, the Federal Communications Commission (FCC) granted a temporary stay of one of the broadband privacy rules adopted in October of last year. That rule, which pertains to data security, would otherwise take effect on March 2. Newly installed FCC Chairman Ajit Pai and Federal Trade Commission (FTC) Acting Chair Maureen Ohlhausen issued… Continue Reading

Sealed: Three IT Companies Settle FTC Deceptive APEC Privacy Claims

Posted in Advertising, Privacy
If a business advertises it is a member of a privacy program, even a voluntary one, it had better be, according to the Federal Trade Commission (FTC). In separate but related complaints, the FTC alleged that three businesses – software provider Sentinel Labs Inc., private messaging app developer SpyChatter Inc., and cybersecurity software company Vir2us… Continue Reading

FCC Grants TCPA Relief to Energy Utilities and Schools

Posted in Data Security, Privacy
On August 4, 2016, the Federal Communications Commission (FCC) released a Declaratory Ruling granting in part two separate petitions that were filed last year – one by the Edison Electric Institute and American Gas Association, and another by Blackboard, Inc. – regarding application of the Telephone Consumer Protection Act of 1991 (TCPA) to certain types… Continue Reading

Shielded: EU Approves Privacy Pact with the U.S., Fee Schedule Proposed

Posted in Cybersecurity, Privacy
The European Commission (EC) approved the EU–U.S. Privacy Shield on Tuesday, July 12, after European Union member states, through the Article 31 committee, approved the pact the previous week (more on the draft adequacy decision back in March here and the earlier agreement laying out the Privacy Shield here). The decision will allow U.S. companies that… Continue Reading

State Data Breach Notification Laws – Overview of Requirements for Responding to a Data Breach (Updated June 2016)

Posted in Data Security, Privacy, Regulations
We have updated our summary of state data breach notification laws in light of recent amendments to some of the laws since our last update in September 2015. Notably, Tennessee amended its data breach notification law, the Identity Theft Deterrence Act, effective July 1, 2016, by eliminating an encryption safe harbor and requiring that affected… Continue Reading

Preparing for the EU General Data Protection Regulation: A Checklist for Businesses

Posted in Data Security, Privacy
The new European Union General Data Protection Regulation (GDPR) (Regulation 2016/679, Apr. 27, 2016) will replace the Data Protection Directive (Directive 95/46/EC) effective May 25, 2018.  The GDPR has been a long time coming, and introduces a host of new requirements for companies that use or process data in the EU, or simply use or… Continue Reading
.
Consumer Protection Connection

We and our analytics and advertising providers may use cookies and similar technologies to enhance the browsing experience, facilitate sharing of content, and generate statistics about use of the website. For more information or to change your preferences, click here.

I Agree