On April 8, 2022, the Food and Drug Administration issued Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions, a draft guidance document for industry and FDA staff. Industry stakeholders will have until July 7, 2022 to comment on the proposed guidance.
Continue Reading FDA Issues Draft Cybersecurity Guidance for Medical Devices

On February 26, 2018, the United States Court of Appeals for the Ninth Circuit ruled in an en banc decision that the “common carrier” exception in the Federal Trade Commission Act is “activity-based,” and therefore applies only to the extent a common carrier is engaging in common carrier services.
Continue Reading Ninth Circuit Decision Bolsters FTC Authority Over Internet Service Providers

On May 22, 2017, New York Attorney General Eric T. Schneiderman announced that the AG’s office has reached a settlement with Safetech Products LLC regarding the company’s sale of insecure Bluetooth-enabled wireless doors and padlocks. This “marks the first time an Attorneys General’s Office has taken legal action against a wireless security company for failing to protect their [customers’] personal and private information.”
Continue Reading New York AG Settles with Wireless Lock Maker Over Security Flaws

On May 25, 2015, the French Data Protection Authority released its long-awaited annual inspection program for 2015, announcing that a target of 550 inspections was set for 2015, including 350 on-site inspections, document reviews or hearings and 200 online inspections. This blog entry provides a summary of the program.
Continue Reading French Data Protection Authority Reveals 2015 Inspection Program

On March 28, 2014, the Federal Trade Commission announced proposed settlements with Fandango and Credit Karma stemming from allegations that the companies misrepresented the security measures they implemented to protect sensitive information transmitted using their mobile apps.
Continue Reading FTC Settles with Fandango and Credit Karma over Mobile App Security Failures

On March 12, 2013, Connecticut Attorney General George Jepsen announced that a coalition of 38 states had entered into a $7 million settlement with Google Inc. (“Google”) regarding its collection of unsecured Wi-Fi data via the company’s Street View vehicles between 2008 and 2010. The settlement is the culmination of a multi-year investigation by the states that we first reported on in 2010.
Continue Reading Google Enters into Multi-State Wi-Fi Settlement

On May 25, 2012, the FCC issued a public notice seeking comments to update its mobile privacy guidance. The FTC is also working on updating its guidance for mobile privacy and hosted a public workshop on May 30, 2012 addressing the need for new guidance on advertising and privacy disclosures online and in mobile environments.
Continue Reading FTC and FCC Revising Guidance on Mobile Privacy