On June 14, 2019, the Federal Trade Commission announced that it has taken action against a number of companies that allegedly misrepresented their compliance with the EU-U.S. and Swiss-U.S. Privacy Shield frameworks and other international privacy agreements. This blog entry provides an overview of these developments.
Continue Reading FTC Takes Action Against Companies Misrepresenting Compliance with the EU-U.S. Privacy Shield and Other International Privacy Agreements

On April 24, 2019, the Federal Trade Commission announced two data security cases involving online operators that were alleged to have failed to take reasonable steps to secure consumers’ data, which allowed hackers to breach both websites.
Continue Reading FTC Settles with Two Online Operators for Failing to Secure Customers’ Data

On June 27, 2018, Equifax entered into a consent order with 8 state banking regulators, including those in New York and California, arising from the company’s 2017 data breach that exposed the personal information of 143 million consumers.
Continue Reading Equifax Enters Into Consent Order with State Banking Regulators Regarding 2017 Data Breach

On May 24, 2018, the Federal Trade Commission granted final approval to a settlement with PayPal, Inc., to resolve charges that its peer-to-peer payment service, Venmo, misled consumers regarding certain restrictions on the use of its service, as well as the privacy of transactions.
Continue Reading FTC Approves Settlement with PayPal Regarding Alleged Venmo Privacy Misrepresentations

On April 30, 2018, the Federal Trade Commission announced that BLU Products, Inc. agreed to settle charges that the company allowed a third-party service provider to collect consumers’ personal information without their knowledge or consent, notwithstanding the company’s promises that it would keep the relevant information secure and private.
Continue Reading Mobile Phone Maker BLU Settles FTC Privacy and Data Security Claims

On February 27, 2018, the FTC announced an agreement with PayPal, Inc., to settle charges that its Venmo peer-to-peer payment service misled consumers regarding privacy and the extent to which consumers’ financial accounts were secured. This signals a renewed focus by the FTC on violations of the Gramm-Leach-Bliley Act’s Privacy and Safeguards Rules.
Continue Reading FTC Announces Settlement for Venmo’s Alleged Violations of the GLBA’s Privacy and Safeguards Rules

On March 17, 2017, the Federal Trade Commission announced that Upromise, Inc., agreed to pay 500,000 dollars to settle allegations that it violated the terms of a 2012 consent order that required Upromise to provide notice to consumers regarding its data collection and use practices, and obtain third-party audits.
Continue Reading FTC Announces Settlement Over Alleged Consent Order Violation

On July 29, 2016, the Federal Trade Commission announced that it had issued an opinion and final order reversing the administrative law judge’s decision by finding that LabMD failed to maintain reasonable security practices to protect consumers’ sensitive personal information in violation of Section 5 of the FTC Act.
Continue Reading FTC Reverses ALJ Decision, Finds LabMD Liable for Unfair Data Security Practices

On June 22, 2016, the Federal Trade Commission announced that it reached a settlement with a mobile advertising company, InMobi, to resolve charges that the company deceptively tracked hundreds of millions of consumers’ locations without their knowledge or consent. Among other requirements, the settlement orders the company to pay 950,000 dollars in civil penalties.
Continue Reading Ad Network to Pay Nearly 1 Million in Civil Penalties to Settle FTC Charges That It Geo-Tracked Consumers Without Permission