Will the ICO's Equifax penalty impact US enforcement actions?

(Sep 21, 2018) The U.K. Information Commissioner's Office has fined Equifax 500,000 GBP for its 2017 data breach affecting 146 million consumers around the world, including 15 million British data subjects. The agency decided to levy the highest financial penalty it could under the Data Protection Act 1998. IAPP Associate Editor Ryan Chiavetta, CIPP/US, takes a look at the decision, asking the ICO what the penalties may have looked like if the investigation took place under the EU General Data Protection Regul... Read More

How the ICO's Equifax penalty could impact U.S. enforcement actions

(Sep 21, 2018) More than a year after it suffered a data breach affecting 146 million consumers around the world, Equifax has been served with its first financial penalty. The U.K. Information Commissioner’s Office fined Equifax 500,000 GBP for multiple violations of the Data Protection Act 1998 after it was discovered 15 million unique records belonging to British citizens were affected in the breach. The ICO investigation found Equifax violated five of the eight data protection principles within Schedule 1... Read More

FTC gives final approval to BLU settlement

(Sep 11, 2018) The U.S. Federal Trade Commission announced it has given final approval to the settlement with mobile phone manufacturer BLU Products Inc. and its Co-Owner and President Samuel Ohev-Zion. BLU and Ohev-Zion were accused of misleading consumers about the personal data it disclosed, as the manufacturer claimed third parties were only allowed to collect information required for requested services. The complaint alleges BLU had no proper security measures in place for the practice, allowing one third... Read More

FTC releases Do Not Call fees for FY 2019

(Aug 28, 2018) The U.S. Federal Trade Commission released the fiscal year 2019 fees for telemarketers obtaining phone numbers from the National Do Not Call Registry. Telemarketers will pay $63 for yearlong access to any phone numbers in the registry within a single area code, paying up to $17,406 for all codes around the U.S., up from $17,021 in FY 2018. Any telemarketer calling citizens in the U.S. needs to possess the numbers to ensure they do not call anyone who is registered, getting their first five area ... Read More

FTC hosting hearings on consumer protection in the 21st century

(Aug 27, 2018) The U.S. Federal Trade Commission will be hosting its first hearings on competition and consumer protection in the 21st century with a pair of full-day sessions at Georgetown University Law Center Sept. 13 and 14. The first hearings will cover topics such as the regulation of consumer data, the current competitive landscape and the state of consumer protection law and policy, the state of the U.S. economy, and an analysis of vertical mergers. The FTC will also be accepting comments on the issues... Read More

ANA asks FTC for 'rigorous analysis' of CaCPA

(Aug 23, 2018) The Association of National Advertisers is asking the U.S. Federal Trade Commission to conduct a “rigorous analysis” of the potential impact of the California Consumer Privacy Act of 2018, as well as the EU General Data Protection Regulation, MediaPost reports. Responding to an FTC call for input on various tech issues, the ANA said the California law “threatens the free flow of information and impacts U.S. consumers and businesses,” adding the definition of personal information within the bill ... Read More

EPIC alleges Google violated 2011 FTC settlement

(Aug 20, 2018) The Electronic Privacy Information Center has sent a letter to the U.S. Federal Trade Commission alleging Google violated the terms of its 2011 settlement for tracking location data without consent, The Associated Press reports. The advocacy group pushed the FTC to examine Google’s data practices, which ultimately led to the 2011 settlement in which the tech company agreed to no longer misrepresent the amount of control users have over their data. Meanwhile, Google is facing a class-action lawsu... Read More

FTC approves ESRB's alterations to COPPA safe harbor program

(Aug 15, 2018) The U.S. Federal Trade Commission has approved alterations to the Entertainment Software Rating Board’s safe harbor program to ensure it is complying with the Children’s Online Privacy Protection Act. The ESRB sought changes to its safe harbor guidelines, including a new definition for “personal information and data.” Consumer advocates and other individuals offered changes to the ESRB’s proposal, including requiring a limit to the amount of children’s data collected and rejecting the ESRB’s att... Read More

FTC amends system of records notices within Privacy Act

(Aug 1, 2018) The U.S. Federal Trade Commission announced it has amended the system of records notices under the Privacy Act of 1974. The amendments will give the FTC the ability to disclose records to other agencies following a data breach. The changes come after the Office of Management and Budget found model language produced by the Department of Justice in a 2007 update to the law was too narrow, as agencies need the authority to disclose information on a wider scale. “The final amendments more specifical... Read More

FTC's Phillips voices privacy law concerns

(Jul 30, 2018) U.S. Federal Trade Commissioner Noah Joshua Phillips voiced his concerns about privacy laws, such as the EU General Data Protection Regulation and the California Consumer Privacy Act of 2018, MediaPost reports. Phillips said during a speech at the Internet Governance Forum the major privacy laws will end up placing “protective moats” around larger tech companies while harming smaller startups, especially in areas such as gathering consent. “Consumers are more likely to trust the companies they k... Read More