RSS Print Email

Federal Trade Commission (FTC)

FTC Settles with TRUSTe Inc. Over Deception Claims

The Federal Trade Commission (FTC) and TRUSTe Inc. entered into a settlement agreement Monday over the FTC’s allegations that the internet privacy certifier deceived consumers about its privacy seal recertification program and allowed its customers to falsely advertise it as a nonprofit entity. Under the settlement, TRUSTe will pay a $200,000 fine and stop making certain claims.

Read More

Defendants to Pay FTC $9.3 Million to Settle Suit Over Alleged Text Messaging Scam

Three groups of defendants have agreed to pay the Federal Trade Commission (FTC) $9.3 million to settle claims that they operated a scam to send unsolicited and deceptive text messages to millions of consumers. The settlement is the result of a major campaign by the FTC targeting senders of unsolicited commercial messages using the promise of free gifts or products to get consumers to reveal “personal information for sale to marketers, their mobile numbers to cram unwanted charges on their bill, and to drive them to paid subscriptions for which the senders receive affiliate referral fees.” The FTC filed at least eight different complaints around the country charging 29 defendants with sending approximately 180 million unsolicited text messages to consumers. This settlement resolves FTC v. Acquinity Interactive, LLC, et al., No. 1:13-cv-05380 filed on July 29, 2013 by the FTC in the Northern District of Illinois.

Read More

FTC Announces Final Agenda for September Big Data Workshop

September 10, 2014 | Posted by Barringer, Ty | Topic(s): Events, Federal Trade Commission (FTC), Big Data

The Federal Trade Commission has released a final program for its September workshop, “Big Data: A Tool for Inclusion or Exclusion?” During the workshop, speakers with a wide range of experience and expertise in the privacy field will present on the various issues and opportunities that arise from the relationship between big data and consumers.

Read More

FTC Issues Study on Mobile Shopping Apps Reviewing Pre-download Disclosures

On August 1, 2014, the Federal Trade Commission (“FTC”) issued a study called “What’s the Deal? An FTC Study on Mobile Shopping Apps,” with recommendations concerning pre-download disclosures. FTC staff surveyed and reviewed 121 mobile shopping apps that fell into three categories: price comparison apps, deal apps, and in-store purchase apps. FTC staff focused their analysis on (1) the in-store purchase apps’ pre-download disclosures concerning payment disputes, and (2) all of the surveyed apps’ pre-download disclosures concerning how the apps collect and handle consumer data.

Read More

Agenda Released for FTC’s September Big Data Workshop

August 12, 2014 | Posted by Matthias Barringer | Topic(s): Events, Federal Trade Commission (FTC), Big Data

The Federal Trade Commission recently released an initial program for the agency’s latest data privacy workshop, “Big Data: A Tool for Inclusion or Exclusion?” The workshop will consist of four panel discussions and is scheduled to take place at 8 a.m. on September 15, 2014 at the Constitution Center, located at 400 7th St SW, Washington, DC 20024.

Read More

FTC approves iKeepSafe COPPA Safe Harbor Oversight Program

The Federal Trade Commission today announced its approval of the Internet Keep Safe Coalition (“iKeepSafe”) Children’s Online Privacy Protection Act (“COPPA”) safe harbor oversight program. iKeepSafe’s program is the seventh COPPA safe harbor program approved by the FTC.

Read More

FTC Updates Guidelines for Obtaining Parental Consent Applicable to Website Operators and Developers of Children’s Apps

On July 16, 2014, the Federal Trade Commission (“FTC”) issued revised guidance regarding compliance with the Children's Online Privacy Protection Act (“COPPA”). COPPA and the rules promulgated thereunder regulate the collection, use, and disclosure of personal information from children under age 13 by operators of commercial websites and online services, including mobile apps. The recent changes to the FTC’s Complying with COPPA: Frequently Asked Questions document clarify parental consent requirements with respect to such websites and services.

Read More

ComScore Reaches $14 Million Settlement in Electronic Privacy Class Action

June 17, 2014 | Posted by Dominique Shelton & Kim Chemerinsky | Topic(s): Federal Trade Commission (FTC), Privacy, Class Action, Big Data

On May 30, 2014, comScore Inc. announced that it has reached a $14 million settlement in the largest class ever certified in an Internet privacy lawsuit, composed of users who claim that comScore installed analytics software on their computers and sold their personal data to media outlets without their knowledge or consent. ComScore, a publicly-traded company, faced upwards of $1 billion in liability under various federal statutes aimed at protecting consumer privacy. This made it one of the largest (if not the largest) privacy class action certified in the country.

Read More

Eleventh Circuit Paves the Way for the FTC’s Administrative Action to Proceed; FTC denies LabMD’s Motion for Summary Decision

May 27, 2014 | Posted by | Topic(s): Federal Trade Commission (FTC), Enforcement, Data Security, Litigation

Two decisions from last week have provided clarity – at least regarding which tribunal will first decide whether LabMD violated Section 5 – in the ongoing battle between the FTC and LabMD. In the first decision, the Eleventh Circuit refused to stay, pending appellate review, the FTC’s administrative action against LabMD. This decision came on the heels of the district court refusing to enjoin the FTC’s administrative action due to a lack of jurisdiction to do so. In the second decision, the FTC refused to grant LabMD’s Motion for Summary Decision. The net result of these decisions is twofold. First, the trial of the FTC’s administrative proceeding against LabMD is now in progress. Second, no federal court will likely address the merits of LabMD’s arguments until after the FTC’s administrative action concludes.

Read More

DOJ Issues White Paper on Cybersecurity Information Sharing Under the SCA

On Friday, May 9 the Department of Justice (DOJ) released a white paper stating that under its interpretation of the Stored Communications Act (SCA), 18 U.S.C. § 2701 et seq., communications companies are permitted to disclose “non-content information to the government” as long as that information is in its “aggregate form.” The lynchpin of the DOJ’s analysis is whether the shared information identifies or provides information regarding particular subscribers or customers. Under that standard, data that “is aggregated but still provides information about a particular subscriber or customer” is prohibited from disclosure under the SCA. In releasing its white paper, the DOJ recognized that “information sharing is a critical component of bolstering public and private network owners’ and operators’ capacity to protect their networks against evolving and increasingly sophisticated cyber threats.” As such, “the private sector would benefit from a better understanding of whether the electronic communications statutes [DOJ enforces] prohibit them from voluntarily sharing useful cybersecurity information with the government.”

Read More

American Apparel Settles FTC Charge on Falsely Claiming Compliance with Safe Harbor Privacy Framework

On May 9, 2014, the Federal Trade Commission (the “FTC”) announced that American Apparel, Inc. (“American Apparel”) agreed to settle FTC charges that American Apparel falsely claimed it was compliant with the U.S.-European Union Safe Harbor (the “US-EU Safe Harbor Framework”).

The FTC’s complaint alleged that American Apparel, a clothing manufacturer and retailer with more than 200 stores worldwide, falsely represented that it was a “current” participant in the US-EU Safe Harbor Framework on its website when it was not a “current” participant from June 2013 until December 2013 as it had allowed its certification to lapse during that time.

Read More

Mobile Apps in the Spotlight during Upcoming GPEN International Privacy Sweep

On May 6, the Office of the Privacy Commissioner of Canada (the “Commissioner”) announced mobile apps as the Global Privacy Enforcement Network’s (“GPEN’s”) focus area during the upcoming International Privacy Sweep (the “Sweep”). The Sweep will be held from May 12 to 18, 2014, involving 27 privacy enforcement authorities from around the world. The news release describes that this year’s Sweep will aim at “shedding light on the collection and use of personal information on mobile apps.”

Read More

LabMD Wins Discovery Disputes Against FTC; FTC Compelled to Disclose Data Security Standards

May 7, 2014 | Posted by | Topic(s): Federal Trade Commission (FTC), Enforcement, Data Security, Litigation

In the latest chapter of the ongoing battle between the FTC and LabMD, Inc. (“LabMD”) about the FTC’s claim that LabMD violated the FTC Act’s Section 5 bar on “unfair” acts or practices because of its allegedly inadequate data security practices, an administrative law judge overseeing the FTC’s administrative action against LabMD recently issued two discovery orders. These discovery orders may, at least to some extent, force the FTC to outline its sometimes opaque standards for data security.

Read More

FTC Invites Public Comments on Mobile Security

On April 17, 2014, the Federal Trade Commission (“FTC”) issued a press release, announcing that the FTC is seeking public comments to explore mobile security issues. The press release refers to the mobile security forum held last year to examine the state of mobile security (the “Forum”). In the press release, the FTC invites comments from the public to expand on a number of complex issues discussed at the Forum with an eye towards a report.

Read More

District Court Denies Wyndham Motion to Dismiss and Supports FTC's Authority in Data Breach Cases

In Federal Trade Commission v. Wyndham Worldwide Corp., et al., No. 13-cv-01887-ES-JAD (D.N.J. Apr. 7, 2014), Judge Esther Salas of the U.S. District Court for the District of New Jersey denied Wyndham’s request for dismissal of the FTC’s lawsuit against the hotel resort chain as a result of getting hacked.* Wyndham had challenged the FTC’s power to assert an unfairness claim under Section 5 of the FTC Act. Although the Court’s ruling focused solely on the FTC’s authority to bring the lawsuit, and offered no opinion on the underlying merits of the allegations, the ruling could have broad ramifications on the FTC’s ability to pursue companies for unfair and deceptive trade practices when a data breach occurs.

Read More