On October 31, 2022, the Federal Trade Commission announced a proposed settlement with education technology provider Chegg in connection with the company’s alleged poor cybersecurity practices.
Continue Reading FTC Takes Action Against Chegg for Alleged Security Failures that Exposed Data of Employees and 40 Million Consumers

On October 18, 2022, the New York State Department of Financial Services announced that EyeMed Vision Care LLC agreed to a $4.5 million settlement for violations of the Cybersecurity Regulation that contributed to the exposure of hundreds of thousands of consumers’ health data in connection with a cybersecurity event in 2020.
Continue Reading NYDFS Fines EyeMed $4.5 Million for Cybersecurity Violations

On June 24, 2022, the New York State Department of Financial Services announced it had entered into a $5 million settlement with Carnival Corp., the world’s largest cruise-ship operator, for violations of the Cybersecurity Regulation in connection with four cybersecurity events between 2019 and 2021, including two ransomware events.
Continue Reading NYDFS Imposes Fine of $5 Million on Carnival for Cybersecurity Breaches

On May 25, 2022, Twitter reached a proposed $150 million settlement with the Department of Justice and the Federal Trade Commission to resolve allegations that the company deceptively used nonpublic user contact information obtained for account security purposes to serve targeted ads to users.
Continue Reading Twitter to Pay $150 Million to Settle Allegations of Data Misuse

On March 15, 2022, the FTC announced a proposed settlement with custom merchandise platform CafePress in connection with the company’s alleged failure to implement reasonable security measures, and its alleged attempt to cover up a 2019 data breach.
Continue Reading FTC Announces Proposed Settlement with CafePress over Alleged Data Breach Cover Up

On February 14, 2022 the FTC announced that, at the agency’s request, federal courts in California ordered two Voice over Internet Protocol service providers to produce information as part of ongoing investigations by the FTC into telemarketing calls and robocalls made in violation of the Telemarketing Sales Rule.
Continue Reading Telecommunications Companies Forced to Turn Over Documents in Response to FTC CID

Earlier this month, the Federal Trade Commission reached a $1.5 million settlement with loan application company ITMedia Solutions LLC over alleged violations of the FTC Act and Fair Credit Reporting Act. The FTC alleged that ITMedia deceptively acquired and indiscriminately shared consumers’ sensitive personal information under the guise of connecting them with lenders.
Continue Reading FTC Settles with Loan Application Company Over Alleged Misuse of Sensitive Personal Information

On September 1, 2021, the FTC banned the operator of a stalkerware app company and its CEO from offering, promoting, selling or advertising any surveillance app, service or business, alleging that the app allowed purchasers to illegally surveil other individuals by monitoring their device activity without their knowledge.
Continue Reading FTC Bans Stalkerware App Company from the Surveillance Business and Orders Company to Delete Any Illegally Collected Information

On December 14, 2020, the Federal Trade Commission announced that it had issued orders to nine social media and video streaming companies, requesting information on how the companies collect, use and present personal information, their advertising and user engagement practices and how their practices affect children and teens.
Continue Reading FTC Issues Orders to Nine Social Media and Video Streaming Service Companies Regarding Privacy Practices