On September 5, 2017, the Federal Trade Commission (FTC) announced that it and 32 state attorneys general had settled charges with Lenovo regarding the company’s practice of pre-loading software on its laptops that compromised consumers’ cybersecurity and privacy. As part of the settlement, Lenovo agreed to pay $3.5 million in penalties to the states, and per an … Continue Reading
On August 15, 2017, the Federal Trade Commission (FTC) announced that it had reached an agreement with Uber Technologies to settle allegations that the ride-sharing company had deceived consumers by failing to live up to its privacy and data security promises.1 Specifically, the FTC levied two deception counts against Uber: (1) that the company had … Continue Reading
The W-2 phishing scams are back. Fraudsters have learned that W-2 phishing scams can be highly effective when targeting businesses while they are handling and sending employee income-tax-related documents early in a new year. Once fraudsters obtain the information on W-2 tax forms about employees from businesses, they quickly attempt to commit tax identity theft … Continue Reading
Those with experience working with the U.S. Federal Trade Commission (FTC) exchange any number of acronyms freely: CPB (Bureau of Consumer), DPIP (Division of Privacy and Identity Protection, part of the CPB), and, perhaps the most cryptic, CID, writes Sam Pfeifle in a new post on The Privacy Advisor from the IAPP. CID stands for “civil … Continue Reading
As expected, the Federal Communications Commission (FCC) has handed down sweeping new privacy and security rules for Internet service providers (ISPs). On Thursday, October 27, 2016, a sharply divided commission voted to enact these new rules, which impose strict new requirements for ISPs’ collection, use, sharing, and protection of their customers’ information, including information ISPs … Continue Reading
On June 22, 2016, the Federal Trade Commission (FTC) announced that it has settled charges that InMobi, a Singapore-based mobile advertising company, deceptively tracked the locations of hundreds of millions of consumers, including children, to deliver geo-targeted advertising, and violated both the FTC Act and the Children’s Online Privacy Protection Act (COPPA). This is the … Continue Reading
The Consumer Financial Protection Bureau (CFPB) recently brought its first data security enforcement action, adding itself to the growing list of federal regulators tackling data security issues. The CFPB’s enforcement action was against Dwolla Inc., a Des Moines, Iowa-based online payment platform. The CFPB alleged that Dwolla misrepresented its data security practices, and as a … Continue Reading
On February 23, 2016, the Federal Trade Commission (FTC) announced a settlement with computer hardware maker ASUSTeK Computer, Inc. (ASUS). The ASUS settlement highlights the FTC’s position regarding security in the connected device market: connected device manufacturers are responsible for security shortcomings in their devices and are expected to promptly update or patch any identified … Continue Reading
On September 17, 2015, California Attorney General Kamala Harris announced a $33 million settlement with Comcast Corp. to resolve an investigation into Comcast’s publishing of phone numbers that consumers had paid the company not to publish.1 Notably, the settlement is the largest privacy settlement on record to date, surpassing the recent $25 million settlement the … Continue Reading
