Looking beyond the fines: Accountability in light of FTC consent orders

(Nov 20, 2019) Over the last few months, a hot topic of privacy enforcement action has undoubtedly been the $5 billion U.S. Federal Trade Commission settlement with Facebook over the company’s alleged violation of a prior 2012 FTC consent order. While the high price tag of noncompliance has been the source of much discussion in privacy circles, the FTC settlement also makes a very strong statement in terms of the possible standard against which all companies’ privacy management programs may be measured going f... Read More

Perspective: Accountability rooted in FTC consent orders

(Nov 20, 2019) Most of the attention paid to recent consent orders from the U.S. Federal Trade Commission falls on the number after the dollar sign in each settlement. However, there are layers to these decrees and common themes among them. One commonality examined in a recent discussion paper from Hunton Andrews Kurth's Centre for Information Policy Leadership is an order's requirements for a comprehensive accountable privacy management program. CIPL Vice President and Senior Policy Counselor Markus Heyder an... Read More

FTC settles with company for alleged falsification of Privacy Shield participation

(Nov 20, 2019) The U.S. Federal Trade Commission announced it has reached a settlement with Medable over allegations it falsely claimed participation in the EU-U.S. Privacy Shield agreement. In its complaint, the FTC alleged Medable claimed in its privacy policy it adhered to Privacy Shield; however, the pharmaceutical and biotechnology research company never completed the necessary steps with the Department of Commerce to participate in the agreement. As part of the settlement, Medable can no longer misrepres... Read More

What the FTC said about the NIST Privacy Framework draft

(Nov 14, 2019) The U.S. Federal Trade Commission recently voted unanimously in support of the submission of staff comments on the National Institute of Standards and Technology’s preliminary draft "Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management." In doing so, the FTC staff highlighted the importance of NIST’s work to create a new U.S. privacy framework designed to help management start a dialogue about how to better manage privacy risk across an organization. In this piece f... Read More

Lawmakers call upon FTC, DOJ for increased antitrust action against tech companies

(Nov 14, 2019) At a U.S. House Judiciary Subcommittee on Antitrust, Commercial and Administrative Law hearing, lawmakers called on the Federal Trade Commission and Department of Justice’s Antitrust Division to take increased action against tech companies, CNET reports. Lawmakers said tech companies have not been scrutinized for years, with Rep. Jerry Nadler, D-N.Y., adding it has been decades since either agency "brought a significant monopolization case in the tech sector." FTC Chairman Joseph Simons said his... Read More

FTC settles with tech company on alleged data security issues

(Nov 13, 2019) The U.S. Federal Trade Commission has announced a settlement with Utah-based InfoTrax Systems over claims of insufficient safeguards for consumer data. The FTC alleged the tech company did not deploy "reasonable, low-cost, and readily available" safeguards for its clients' personal information. The lacking security led to a 2016 breach that involved Social Security numbers, payment card information, bank account information, usernames and passwords of more than 1 million consumers. As part of th... Read More

Global regulators placing increased emphasis on children's privacy

(Nov 12, 2019) Popular discussions on children’s data protection are often framed as a zero-sum game between those who want children to be protected in the digital age and those who fear a chilling effect on content creation. In this piece for The Privacy Advisor, Heward Mills Founder Dyann Heward-Mills, CIPP/E, CIPP/US, CIPM, looks at how EU regulators, such as the U.K. Information Commissioner’s Office and Irish Data Protection Commission, have worked to safeguard children’s privacy, while the U.S. Federal T... Read More

FTC sues data storage service with false Privacy Shield claims

(Nov 8, 2019) The U.S. Federal Trade Commission has announced it has brought a lawsuit against Nevada-based data storage company RagingWire Data Centers for falsely claiming participation in the EU-U.S. Privacy Shield program. The charge alleges RagingWire continued to claim it participated in the Shield program after its certification expired. According to the FTC complaint, the company was warned twice by the U.S. Department of Commerce to remove claims from its website. The FTC also found RagingWire failed... Read More

Breaking down the FTC's COPPA rule enforcement in Retina-X case

(Nov 5, 2019) In a rare Children’s Online Privacy Protection Rule enforcement action, the U.S. Federal Trade Commission announced a settlement with “stalking app” developer Retina-X Studios, LLC and its owner, James Johns. The consent decree bars the respondents from selling subscriptions to their services unless they take affirmative steps to ensure the apps are used for legitimate purposes. This decree also marks the FTC’s first action against stalking apps. IAPP Legal Extern Mitchell Mantey breaks down the... Read More

FTC to host workshop on voice cloning tech

(Nov 5, 2019) The U.S. Federal Trade Commission announced it will explore voice cloning technologies in a workshop Jan. 28 in Washington. "You Don’t Say: An FTC Workshop on Voice Cloning Technologies" will dive into development and use of the technology, speech synthesis and ethical concerns the tech poses. Discussions will work to reveal both the benefits and potential pitfalls that come with voice cloning.Full Story... Read More