In the latest blog post in the FTC's "Stick with Security" series, the FTC discusses how companies should ensure that the service providers they engage with implement reasonable security measures.… Continue Reading
In last week's FTC "Stick with Security" series, the FTC provided details on the importance of building security into product development from the start.… Continue Reading
On September 8, 2017, the FTC announced that it had settled charges against three companies for misleading consumers about their participation in the Privacy Shield framework. This marks the first enforcement action brought by the FTC pursuant to the Privacy Shield.… Continue Reading
On September 5, 2017, the FTC announced that Lenovo, Inc. agreed to settle charges that its preloaded software on some laptop computers compromised online security protections in order to deliver advertisements to consumers. … Continue Reading
On September 1, 2017, the FTC published the seventh blog post in its “Stick with Security” series. This week’s post, entitled Stick with Security: Secure remote access to your network, outlines important security measures businesses should take to ensure that outside entryways to their systems are sensibly defended.… Continue Reading
On August 25, 2017, the FTC published the sixth blog post in its “Stick with Security” series. This week’s post, entitled Stick with Security: Segment your network and monitor who’s trying to get in and out, illustrates the benefits of segmenting networks and monitoring the size and frequency of data transfers.… Continue Reading
On August 15, 2017, the FTC announced that it had reached a settlement with Uber, Inc., over allegations that the ride-sharing company had made deceptive data privacy and security representations to its consumers. Under the terms of the settlement, Uber has agreed to implement a comprehensive privacy program and to undergo regular, independent privacy audits for the next 20 years.… Continue Reading
On August 18, 2017, the FTC published the fifth blog post in its "Stick with Security" series, which outlines steps businesses can take to secure sensitive data, including when it is in transit. … Continue Reading
On August 11, 2017, the Federal Trade Commission published the fourth blog post in its "Stick with Security" series, which examines five effective security measures companies can take to safeguard their computer networks.… Continue Reading
On August 4, 2017, the FTC published the third blog post in its Stick with Security series. This week’s post, entitled "Stick with security: Control access to data sensibly," details key security measures businesses can take to limit unauthorized access to data in their possession.… Continue Reading
On July 31, 2017, the Federal Trade Commission announced that it has approved modifications to TRUSTe’s safe harbor program under the Children’s Online Privacy Protection Rule.… Continue Reading
On July 28, 2017, the FTC published the second blog post in its "Stick with Security" series. This week’s post, entitled "Start with security – and stick with it," looks at key security principles that apply to all businesses regardless of their size or the types of data they handle. The guidance offers five steps companies can take to ensure the security of the data they hold.… Continue Reading
On July 21, 2017, the FTC announced its publication of "Stick with Security," a series of blog posts on reasonable steps that companies should take to protect and secure consumer data. The posts will build on the FTC’s Start with Security Guide for Businesses, and will be based on the FTC’s 60 plus law enforcement actions, closed investigations and questions from businesses. Every Friday for the next few months, the FTC will publish on its Business Blog a new post focusing on each of the 10 "Start with Security" principles.… Continue Reading
On July 5, 2017, the FTC announced that Blue Global Media, LLC agreed to settle charges that it misled consumers into filling out loan applications and then sold those applications, including sensitive personal information contained therein, to other entities without verifying how consumers’ information would be used or whether it would remain secure.… Continue Reading
On June 21, 2017, the Federal Trade Commission updated its guidance for complying with the Children’s Online Privacy Protection Act. The FTC enforces the COPPA Rule, which sets requirements regarding children’s privacy and safety online.… Continue Reading
On June 5, 2017, an Illinois federal court ordered satellite television provider Dish Network to pay a record 280 million dollars in civil penalties for violations of the FTC’s Telemarketing Sales Rule, the Telephone Consumer Protection Act and state law.… Continue Reading
On May 12, 2017, a massive ransomware attack, known as “WannaCry,” began affecting tens of thousands of computer systems in over 100 countries. These types of incidents can have significant legal implications for affected entities and industries for whom data access and continuity is critical. As affected entities work to understand and respond to the threat of ransomware, we address some of the key legal considerations.… Continue Reading
Privacy and data security issues have become the subject of critical focus in corporate mergers, acquisitions, divestitures and related transactions. Because of this heightened concern, it is imperative that companies conduct thorough due diligence about privacy and data security issues before entering into a transaction.… Continue Reading
On April 19, 2017, the FTC announced that it is seeking public comment on proposed changes to TRUSTe, Inc.’s safe harbor program under the Children’s Online Privacy Protection Rule.… Continue Reading
On April 3, 2017, President Trump signed a bill which nullifies the Broadband Consumer Privacy Rules promulgated by the FCC in October 2016 . … Continue Reading
On March 17, 2017, the Federal Trade Commission announced that Upromise, Inc., agreed to pay 500,000 dollars to settle allegations that it violated the terms of a 2012 consent order that required Upromise to provide notice to consumers regarding its data collection and use practices, and obtain third-party audits.… Continue Reading
On March 3, 2017, the FTC announced the results of a study about online businesses’ use of proper email authentication technology to prevent phishing attacks. … Continue Reading
Hunton & Williams LLP, in coordination with the U.S. Chamber of Commerce, recently issued a report that provides a series of recommendations to enhance the effectiveness of data privacy regulators. … Continue Reading
On March 1, 2017, the Federal Communications Commission, under the new leadership of Chairman Ajit Pai, voted 2-1 to issue a temporary stay of the data security obligations of the FCC’s Broadband Consumer Privacy Rules, which were to go into effect March 2, 2017. The temporary stay will remain in place until the FCC is able to act on pending petitions for reconsideration. … Continue Reading
