Tag Archives: Federal Trade Commission (FTC)

FTC’s Ability to Regulate Data Security Potentially Limited in FTC v. LabMD

Written by and
A November 13, 2015 decision from the Federal Trade Commission’s Chief Administrative Law Judge, D. Michael Chappell, calls into question FTC enforcement in the data privacy space.  The case began when the FTC filed a complaint on August 28, 2013 after an employee of LabMD, a cancer detection laboratory, downloaded peer-to-peer (“P2P”) software that exposed patient information on the file sharing network (also known as “1718 File”). An online security firm named Tiversa found this file on a peer-to-peer file-sharing network in 2008 and used it to solicit work protecting LabMD’s data. The [...] Read more

Commission Underlines Commitment to Safe Harbor Discussions

Written by
In a keynote speech today before the 37th International conference of Privacy and Data Protection Commissioners in Amsterdam,  EU Justice Commissioner Vera Jourová reiterated the commitment of the European Commission to completing discussions with the United States on a replacement framework for the U.S.-EU Safe Habor. Commissioner Jourová noted that, in the wake of the European Court of Justice’s October 6, 2015 judgment in the Schrems case (C-362-14), the Commission had stepped up discussions with the United States at the political level as well as the technical level.  There is now [...] Read more

Third Circuit Affirms FTC’s Authority to Regulate Data Security

Written by
On August 24, 2015, the Third Circuit affirmed U.S. District Court Judge Esther Salas’ April 2014 ruling in FTC v. Wyndham Worldwide Corp., et al. (“Wyndham”) that the FTC has the authority to regulate private companies’ cybersecurity practices under Section 5 of the FTC Act. (Prior blog posts on this case can be found here and here).  In this highly anticipated precedential opinion, the Court decided that Wyndham’s cybersecurity practices as alleged by the FTC fit the definition of “unfair” when compared with its stated security policies.  In doing so, the Court rejected Wyndham’s [...] Read more

FTC Releases New Data Security Guidance for Businesses, Announces Conference Series

Written by
The Federal Trade Commission has released new guidance, called “Start with Security,” intended to assist businesses to improve their data security practices based on lessons learned from its 53 data security cases to date.  Issued on June 30, 2015, the guidance “distill[s] the facts of those cases down to their essence” in ten “lessons to learn that touch on vulnerabilities that could affect your company.” The ten lessons are as follows: Start with security.  The FTC advises businesses to factor security into its business processes from the beginning.  It also reminds businesses [...] Read more

RadioShack Agrees to Significant Limitations in Sale of Customer Data Following Pressure from State Regulators and the FTC

Written by
In what may become viewed as the de facto standard for selling customer information in bankruptcies, a Delaware bankruptcy court approved, on May 20, 2015, a multi-party agreement that would substantially limit RadioShack’s ability to sell 117 million customer records. The agreement was entered into by RadioShack Corp., General Wireless Inc., and 17 state attorney generals as part of the former’s ongoing bankruptcy proceeding. Despite its original intention to sell all of its customer records, RadioShack entered into the agreement in response to filings made by 36 state attorney generals [...] Read more

FTC Looks “More Favorably” Upon Companies That Report Data Breaches to Law Enforcement

Written by
The Federal Trade Commission recently announced that it views companies that report data breaches to appropriate law enforcers “more favorably” than those companies that are less cooperative.  Mark Eichorn, Assistant Director in the Bureau of Consumer Protection’s Division of Privacy and Identity Protection, included the announcement in a May 20, 2015 blog post, describing a typical FTC data breach investigation to help companies know what to expect if they are investigated. When investigating a breach, the FTC gathers facts on the circumstances surrounding the incident, the protections [...] Read more

FTC Proposes Settlement with Two Companies Over False Safe-Harbor Claims

Written by
On April 7, 2015, two U.S. companies agreed to settle Federal Trade Commission (“FTC”) allegations that they falsely claimed to be in compliance with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework. In the concurrently filed complaints against TES Franchising, LLC (“TES”), a franchisee coaching business, and American International Mailing, a mail delivery company, the FTC accused the companies of violating Section 5 of the FTC Act by indicating on their websites that they were currently certified under the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe [...] Read more

FTC Settles with TRUSTe Inc. Over Deception Claims

Written by
The Federal Trade Commission (FTC) and TRUSTe Inc. entered into a settlement agreement Monday over the FTC’s allegations that the internet privacy certifier deceived consumers about its privacy seal recertification program and allowed its customers to falsely advertise it as a nonprofit entity. Under the settlement, TRUSTe will pay a $200,000 fine and stop making certain claims.TRUSTe provides seals to businesses that meet requirements for consumer privacy programs that it administers. TRUSTe seals represent to consumers that businesses’ privacy practices are in compliance with specific privacy [...] Read more

Defendants to Pay FTC $9.3 Million to Settle Suit Over Alleged Text Messaging Scam

Written by
Three groups of defendants have agreed to pay the Federal Trade Commission (FTC) $9.3 million to settle claims that they operated a scam to send unsolicited and deceptive text messages to millions of consumers. The settlement is the result of a major campaign by the FTC targeting senders of unsolicited commercial messages using the promise of free gifts or products to get consumers to reveal “personal information for sale to marketers, their mobile numbers to cram unwanted charges on their bill, and to drive them to paid subscriptions for which the senders receive affiliate referral fees.” [...] Read more

FTC Announces Final Agenda for September Big Data Workshop

Written by
The Federal Trade Commission has released a final program for its September workshop, “Big Data: A Tool for Inclusion or Exclusion?” During the workshop, speakers with a wide range of experience and expertise in the privacy field will present on the various issues and opportunities that arise from the relationship between big data and consumers. The workshop will begin at 9 a.m. and run throughout the day on September 15, 2014 at the Constitution Center, located at 400 7th St SW, Washington, DC 20024. The agenda is as follows: 9:00 a.m. ET: Opening remarks 9:15 a.m. ET: Presentation: [...] Read more