FTC

Subscribe to FTC via RSS

On February 16, 2022, the Federal Trade Commission (FTC) filed a proposed settlement order in federal court in its case against WW International, Inc (formerly known as Weight Watchers International, Inc.) and its subsidiary Kurbo, Inc. (Kurbo) to resolve allegations that the defendants violated the Children’s Online Privacy Protection Act and its implementing rules (COPPA).1 The FTC alleged that the defendants violated COPPA by failing to provide required notices and obtain verifiable parental consent prior to collecting, using, and disclosing personal information from children using their weight loss app. As part of the proposed settlement, the defendants are required to, among other things: 1) update their procedures to ensure that they obtain verifiable parental consent before collecting personal information from children, 2) destroy all of the personal information they obtained in violation of COPPA as well as any models or algorithms based on that information, and 3) pay a civil penalty of $1.5 million.
Continue Reading FTC Settles with Weight Watchers in First Children’s Privacy Case Requiring Deletion of Algorithms

So you’re a fintech startup, buying a fintech company, or expanding the technical capabilities of your financial business. Or you’re a tech company that is getting into the payments space. Where do you start when it comes to figuring out what consumer protection laws apply to you? You should be aware that, for the past several years, the Federal Trade Commission (FTC) and the Consumer Financial Protection Bureau (CFPB) have been actively enforcing consumer protection laws in the fintech space. For example, the FTC has recently brought cases involving an online lender that allegedly charged undisclosed fees, a mobile banking app that falsely promised high interest rates and 24/7 access to funds, promoters of cryptocurrency money-making schemes, and tech platforms offering in-app purchases. The CFPB most recently shuttered a VC-backed online lender for false advertising related to interest rates and loan amounts. Earlier last year, the CFPB had obtained refunds and a civil penalty against a fintech company for enabling merchants to obtain loans for consumers without their authorization.
Continue Reading Fintech and Financial Privacy: Regulatory Developments on the Use of Financial Data

The U.S. Supreme Court’s April 2021 decision in the AMG matter significantly limited the Federal Trade Commission’s (FTC’s) ability to seek monetary redress for consumers under the FTC Act, relief the FTC had successfully obtained for over four decades. Since the Supreme Court announced its decision, the FTC has been deploying new strategies to return money to consumers harmed by unfair or deceptive practices and to otherwise deter such conduct through civil penalties. Companies should pay close attention to these strategies, as they provide a roadmap for future investigations and enforcement. These strategies include the following:
Continue Reading FTC Consumer Protection Remedies After the U.S. Supreme Court’s AMG Decision

On October 27, 2021, the Federal Trade Commission (FTC) released a final rule that updates the Safeguards Rule of the Gramm-Leach-Bliley Act (Final Rule). This Final Rule comes after the FTC sought comment on proposed changes to the Safeguards Rule in 2019 and held a public workshop in 2020.
Continue Reading FTC Releases Updated Safeguards Rule for Financial Institutions

Justices Considered Whether Certain Court-Imposed Monetary Remedies Are Legal

On Wednesday, January 13, 2021, the U.S. Supreme Court heard arguments in the much-anticipated case of AMG v. FTC, which challenges the Federal Trade Commission’s (FTC’s) authority to obtain monetary relief in court under Section 13(b) of the FTC Act. The Court’s decision is likely to have a significant impact on the relief the FTC is able to obtain in federal court proceedings.
Continue Reading U.S. Supreme Court May End Key FTC Consumer Protection Enforcement Practice

On June 30, 2020 the Federal Trade Commission (FTC) announced that it reached a settlement in its litigation against NTT Global Data Centers (formerly RagingWire Data Centers) over allegations that the company misled customers about its adherence to the EU-U.S. Privacy Shield framework.1 As part of the settlement, the cloud service provider is required to hire a third-party assessor to annually verify its compliance with the Privacy Shield if it chooses to participate in the framework.2 As noted by three commissioners, this order is “more protective of the Privacy Shield Principles than the 14 orders [the] Commission … has approved in prior Privacy Shield Cases.”3
Continue Reading FTC Announces Unusually Stringent Consent Order in Privacy Shield Case Settlement