FTC

Subscribe to FTC via RSS

The U.S. District Court for the Northern District of California recently issued a mixed ruling on D-Link Systems’ motion to dismiss in FTC v. D-Link Sys., Inc.1 D-Link sells routers and Internet protocol (IP) cameras that it markets as having good data security, including “the latest wireless security features to help prevent unauthorized access” and “the best possible encryption.”2 The Federal Trade Commission (FTC) filed a complaint against D-Link, alleging that the company’s products were in fact subject to “widely known and reasonably foreseeable risks of unauthorized access,” and that, among other things, D-Link failed to deploy “free software, available since at least 2008, to secure users’ mobile app login credentials.”3 The complaint alleges five claims for deceptive marketing practices and one count for unfair practices under Section 5 of the FTC Act.
Continue Reading Northern District of California Drops FTC Unfairness Claim Against D-Link Systems

The Federal Trade Commission (FTC) has settled its first-ever complaint against social media influencers for deceptive endorsements.1 According to the FTC’s complaint, Trevor “TmarTn” Martin and Thomas “Syndicate” Cassell, two influencers who have wide followings in the online gaming community, promoted an online gambling service called CSGO Lotto on YouTube and Twitter without disclosing that they jointly owned the company.2 The complaint also charges that they paid other gaming influencers thousands of dollars to promote the service on social media platforms, while prohibiting them from saying anything that might impair its reputation.3
Continue Reading FTC Steps Up Scrutiny of Social Media Marketing

On September 5, 2017, the Federal Trade Commission (FTC) announced that it and 32 state attorneys general had settled charges with Lenovo regarding the company’s practice of pre-loading software on its laptops that compromised consumers’
Continue Reading Lenovo Settles FTC Charges Regarding Pre-Installed Software That Compromised Consumers’ Cybersecurity and Privacy

On August 15, 2017, the Federal Trade Commission (FTC) announced that it had reached an agreement with Uber Technologies to settle allegations that the ride-sharing company had deceived consumers by failing to live up to its privacy and data security promises.1 Specifically, the FTC levied two deception counts against Uber: (1) that the company had failed to consistently monitor and audit internal access to consumers’ personal information, despite public promises to do so; and (2) that the company had failed to provide reasonable security for consumers’ personal information stored in its databases, despite its security promises. Under the resulting proposed consent order, Uber will be prohibited from misrepresenting how it monitors or audits internal access to consumers’ personal information and how it protects and secures that data. Uber will also be required to implement a comprehensive privacy program that will be subject to independent biennial audits for the next 20 years, and will need to comply with the standard set of consent order recordkeeping and compliance reporting and monitoring requirements.
Continue Reading Key New Takeaways from Uber’s Privacy and Data Security Settlement with the FTC

On July 3, 2017, the Federal Trade Commission (FTC) announced that it had settled charges that defendants Blue Global, an operator of dozens of consumer loan lead generation websites, and its founder and CEO, Christopher Kay, violated the FTC Act. The FTC alleges that the defendants had, among other practices, misled consumers about Blue Global’s data security practices and shared information characterized by the FTC as consumers’ “sensitive personal information” with a variety of potential bidders after promising to disclose such information only to “trusted lending partners” meeting specified criteria. As part of the settlement, the defendants are subject to a judgment for more than $104 million,1 must maintain stringent oversight of third-party recipients of consumers’ sensitive personal information, and are enjoined from disclosing a consumer’s sensitive personal information other than when specified conditions, including having obtained that consumer’s express, informed consent, are met.
Continue Reading FTC Cracks Down on Lead Generation Company’s Indiscriminate Sharing of Consumers’ Sensitive Data

As connected devices become ubiquitous, it comes as no surprise that interactive toys that connect to the internet are more popular than ever. At the same time, regulators have taken note of the privacy and security concerns raised by lawmakers and privacy advocates about the proliferation of smart toys that collect personal information from kids. Recent guidance issued by both the Federal Trade Commission (FTC) and the Federal Bureau of Investigation (FBI) suggests that the agencies may be taking a closer look at the rapidly expanding connected toy market, a small part of the largely unregulated “Internet of Things.”
Continue Reading Hello, Dolly: What You Need to Know About Connected Smart Toys and Privacy