Sheila Millar and Boaz Green discuss CPSC’s activities in 2018 and give their predictions on possible agency actions in the coming year in the Law360 article “CPSC Is Shifting Toward Voluntary Standards” (Feb. 6). Law360 featured the article in its newsletter sections for Consumer Protection, Cybersecurity, and Product Safety. To read the full article, click… Continue Reading
Search Results for:
FTC Releases Cybersecurity Resources for Small Businesses
Posted in Cybersecurity, Data Security, PrivacySmall businesses face the same cybersecurity risks as large multinationals but lack a large IT infrastructure to help protect themselves. At the direction of former Federal Trade Commission (FTC) Acting Chairman Maureen Ohlhausen, the FTC launched a new cybersecurity campaign aimed at helping small businesses navigate the ever-evolving cyber landscape, coordinated with the Department of… Continue Reading
National Privacy Legislation May be on the Horizon
Posted in PrivacyThe recent passage of the California Consumer Privacy Act (CCPR) earlier this summer and the entry into force of the General Data Protection Regulation (GDPR) last May has put consumer privacy squarely on the national agenda. Now there are signs that government is responding. While a number of privacy bills have been introduced in Congress… Continue Reading
Agency Comings and Goings
Posted in Data Security, Privacy, Product SafetyThis week has seen several significant changes at the Commission level at both the Consumer Product Safety Commission (CPSC) and the Federal Trade Commission (FTC). CPSC After several months of stasis, the Senate voted to confirm Peter Feldman as a Commissioner on the CPSC, with a term expiring October 26, 2019. Feldman takes the place… Continue Reading
NIST Launches Development of Voluntary Privacy Risk Management Framework
Posted in Cybersecurity, Data Security, PrivacyThe National Institute of Standards and Technology (NIST) has launched a collaborative effort to develop a voluntary framework that will help organizations manage privacy risks and protect consumer privacy when developing and using innovative technologies. According to NIST, a robust cybersecurity program can help manage risks, but organizations need customizable tools for addressing the challenges… Continue Reading
FTC Approves ESRB’s Updated COPPA Safe Harbor Program
Posted in Data Security, PrivacyThe Federal Trade Commission (FTC) approved modifications to the video game industry’s Children’s Online Privacy Protection Act (COPPA) program. Earlier this year, the Entertainment Software Ratings Board (ESRB) proposed several substantive changes intended to take account of recent FTC COPPA rules and guidance. To receive FTC approval, COPPA safe harbor programs must “implement substantially similar… Continue Reading
California Company Settles with FTC over Alleged Privacy Shield Misrepresentations
Posted in Data Security, PrivacyIf a company claims to be certified under the EU-U.S. Privacy Shield framework when it hasn’t even completed the paperwork, the Federal Trade Commission (FTC) isn’t likely to let it slide. ReadyTech, a California-based online training services company, made such a claim on its website, in violation of the FTC Act’s prohibition against deceptive acts… Continue Reading
State Data Breach Notification Laws – Overview of Requirements for Responding to a Data Breach – Updated July 2018
Posted in Data Security, PrivacyWith the ever-changing complexity of state data breach notification laws, companies facing a data breach need resources that will help them understand the issues. This summary provides an overview of the similarities and differences in data breach laws adopted in the 50 United States and the District of Columbia and includes laws enacted since our… Continue Reading
Online Talent Company Settles with FTC Over Alleged COPPA Violations
Posted in Data Security, PrivacyOnline talent search company Explore Talent just landed in the spotlight of the Federal Trade Commission (FTC). The Vegas-based company was charged with violating the Children’s Online Privacy Protection Act (COPPA), which requires that companies collecting information online must obtain informed, verifiable parental consent before collecting any information from a child under 13. The company… Continue Reading
European Court of Justice Throws Out Class Action in Latest Schrems Battle
Posted in Data Security, PrivacyIn the latest round of the ongoing battle between Austrian privacy activist Max Schrems and Facebook, the European Court of Justice (CJEU) ruled that Schrems did not have standing to bring claims on behalf of Austrian consumers over Facebook’s alleged violations of users’ privacy rights. The court did, however, allow for Schrems to continue with… Continue Reading
Learning From Facebook’s WhatsApp EU Privacy Challenges
Posted in PrivacyNearly one year after it was first warned its privacy practices were inadequate under European law, popular messaging platform WhatsApp has been cited with privacy deficiencies for a second time. The Article 29 Data Protection Working Party (WP29), which is made up of data regulators from EU Member States and the Commission, sent a letter… Continue Reading
Internal Reforms Announced for FTC’s Bureau of Consumer Protection
Posted in PrivacyThe Federal Trade Commission’s Bureau of Consumer Protection is about to undergo reform, according to FTC Acting Chairman Maureen Ohlhausen. In a press release issued on July 17, the FTC stated that the changes are part of an ongoing initiative to simplify information requests and improve transparency that began last April, when Ohlhausen announced new… Continue Reading
FTC Announces Date for PrivacyCon 2018 and Call for Presentations
Posted in PrivacyThe Federal Trade Commission (FTC) has announced that its third annual PrivacyCon will take place in Washington, D.C., on February 28, 2018. The conference will bring together researchers, academics, industry representatives, consumer advocates, and government representatives to explore an array of consumer privacy and data security issues, with a particular focus on emerging technologies, such… Continue Reading
Are Your Security Tools Up to Date?
Posted in Cybersecurity, Data Security, PrivacyThe effects of the massive cyberattack using ransomware known as “Wanna Cry” are still being felt all over the world. Tens of thousands of organizations have been infected, including the UK’s National Health Service, which ran some services on an emergency-only basis the day the attack began in earnest. Some security experts surmise that the… Continue Reading
New Mexico Enacts Data Breach Notification Law; Tennessee Reinstates Encryption Safe Harbor
Posted in PrivacyNew Mexico is the 48th state to enact a data breach law. That law, the Data Breach Notification Act (HB15), is scheduled to take effect on June 16, 2017. Alabama and South Dakota are now the only states without a data breach notification law. The New Mexico law is like other state breach notification laws… Continue Reading
FTC Seeks Comments on Proposed Changes to TRUSTE’s COPPA Safe Harbor Program
Posted in PrivacyIn a Federal Register notice, the FTC has asked for comments on intended changes to TRUSTe’s existing safe harbor program under the Children Online Privacy Protection Act (COPPA). TRUSTe proposed the changes following its settlement earlier this month with the New York Attorney General over allegations that the compliance and security company did not adequately… Continue Reading
TRUSTe Settles COPPA Safe Harbor Enforcement Action with NYAG
Posted in PrivacyTRUSTe has settled allegations by the New York Attorney General that it did not adequately assess whether companies certified under its Children’s Online Privacy Protection Act (COPPA) Safe Harbor seal program allowed third party sites to track children. TRUSTe agreed to pay $100,000 and will be required to adopt new procedures to make its COPPA… Continue Reading
FCC Takes Initial Step to Give Privacy, Security Authority Back to FTC
Posted in PrivacyOn March 1, the Federal Communications Commission (FCC) granted a temporary stay of one of the broadband privacy rules adopted in October of last year. That rule, which pertains to data security, would otherwise take effect on March 2. Newly installed FCC Chairman Ajit Pai and Federal Trade Commission (FTC) Acting Chair Maureen Ohlhausen issued… Continue Reading
Sealed: Three IT Companies Settle FTC Deceptive APEC Privacy Claims
Posted in Advertising, PrivacyIf a business advertises it is a member of a privacy program, even a voluntary one, it had better be, according to the Federal Trade Commission (FTC). In separate but related complaints, the FTC alleged that three businesses – software provider Sentinel Labs Inc., private messaging app developer SpyChatter Inc., and cybersecurity software company Vir2us… Continue Reading
Smart TV Tracking Without Permission? Not So Clever
Posted in PrivacyHave you ever had the niggling suspicion your television was watching you? Apparently, if it was made by smart technology manufacturer VIZIO, it very well may have been. In a $2.2 million settlement with the Federal Trade Commission (FTC) and the New Jersey Attorney General, VIZIO acknowledged that it collected and sold data from 11… Continue Reading
Turn, Inc. Settles with FTC Over Deceptive Consumer Tracking
Posted in PrivacyIn 2015, Verizon found itself in hot water over charges it was using a “super cookie” that continued to operate even when users believed they had opted out of mobile phone data tracking. Verizon allegedly then sent the data obtained to a third party for targeted advertising purposes without its customers’ consent. Verizon settled with… Continue Reading
Another State AG Weighs in on Children’s Privacy
Posted in PrivacyTexas Attorney General (AG) Ken Paxton announced a settlement with an app developer over concerns that the developer’s apps infringed children’s privacy. The developer, Juxta Labs, Inc., offers a range of mobile apps and games. According to the AG’s press release, the company’s apps and social media were easy for children of any age to… Continue Reading
FCC Grants TCPA Relief to Energy Utilities and Schools
Posted in Data Security, PrivacyOn August 4, 2016, the Federal Communications Commission (FCC) released a Declaratory Ruling granting in part two separate petitions that were filed last year – one by the Edison Electric Institute and American Gas Association, and another by Blackboard, Inc. – regarding application of the Telephone Consumer Protection Act of 1991 (TCPA) to certain types… Continue Reading
Shielded: EU Approves Privacy Pact with the U.S., Fee Schedule Proposed
Posted in Cybersecurity, PrivacyThe European Commission (EC) approved the EU–U.S. Privacy Shield on Tuesday, July 12, after European Union member states, through the Article 31 committee, approved the pact the previous week (more on the draft adequacy decision back in March here and the earlier agreement laying out the Privacy Shield here). The decision will allow U.S. companies that… Continue Reading