Photo of Sheila MillarPhoto of Tracy Marshall

One of the first formal privacy safe harbor programs was created under the Children’s Online Privacy Protection Act (COPPA). Put simply, businesses are deemed in compliance with COPPA if they belong to an FTC-approved COPPA safe harbor program and follow the safe harbor program’s guidelines. But the FTC takes seriously any false claim about participation

Photo of Sheila MillarPhoto of Tracy Marshall

The COVID-19 pandemic has prompted regulatory agencies to take swift action against companies that falsely advertise their products as treatments for the virus. As we previously reported, the Federal Trade Commission (FTC) and Food and Drug Administration (FDA) issued joint warning letters to seven companies in March for advertising and selling products or services

Photo of Sheila Millar

Online shopping has taken on greater importance for many people homebound since the coronavirus lockdowns began. And, while many are lounging at home in pajamas and yoga pants, there are still a lot of fashion-conscious shoppers out there anxious to take advantage of bargain prices and speedy deliveries. But how is a stay-at-home fashionista supposed

Photo of Sheila MillarPhoto of Tracy Marshall

Canadian company Tapplock, Inc. sells smart locks to the U.S. market that the company advertised as “sturdy,” “secure,” and even “unbreakable.” Tapplock’s assurances that the locks were strengthened with “double-layered lock design” and made with “anti-shim and anti-pry technologies” could be quite an enticement for consumers looking for top-of-the-line connected home security. There was a

Photo of Sheila MillarPhoto of Tracy Marshall

On January 7, 2020, the National Institute of Standards and Technology (NIST) released a draft of revised cybersecurity recommendations for IoT devices at both the pre-market and post-market stages. NISTIR 8259, Recommendations for IoT Device Manufacturers: Foundational Activities and Core Device Cybersecurity Capability Baseline, identifies six voluntary steps manufacturers should take to account

Photo of Sheila MillarPhoto of Tracy Marshall

Businesses that rely on standard contractual clauses (SSCs) to transfer personal data outside the European Economic Area (EEA) just got good news. The long-awaited decision from the EU Advocate General (AG) is here: SCCs are valid. The AG’s opinion, although non-binding, is significant for the case brought by Austrian privacy activist Max Schrems against Facebook,

Photo of Sheila MillarPhoto of Tracy Marshall

You know that movie where a person thinks they’ve barricaded themselves in their house against a stalker, only to grasp the awful realization that the threat is “coming from inside the house”? Unbeknownst to you, that threat may, in fact, be coming from your smartphone, according to a complaint by the Federal Trade Commission (FTC).

Photo of Sheila Millar

In the two decades following the enactment of the Children’s Online Privacy Protection (COPPA) Rule, technological developments have changed the online landscape considerably. Recognizing this, the Federal Trade Commission (FTC) held a public workshop on October 7, 2019, to discuss whether, given the proliferation of smart devices, video games, online channels, and EdTech, the Rule,