DBR ON DATA

Security, Privacy and Information Governance

Tag: Data Security

FTC Opens Comment Period in Preparation for Competition and Consumer Protection in the 21st Century Hearings

Share

The Federal Trade Commission has opened up public comments for their upcoming Hearings on Competition and Consumer Protection in the 21st Century.

The hearings will take place during the fall and winter 2018 and will examine “whether broad-based changes in the economy, evolving business practices, new technologies, or international developments might require adjustments to competition and consumer protection enforcement law, enforcement priorities, and policy,” according to the FTC website. FTC Chairman Joe Simons said in a statement that the hearings are modeled after former Chairman Bob Pitofsky’s 1995 Global Competition and Innovation Hearings, which at the time “re-energized one of the FTC’s most valuable functions – to gather leaders in business, economics, law, and related disciplines to discuss tough, emerging problems and prepare public reports on the facts, issues, governing law, and the need, as appropriate, for change.”

Continue reading

FTC Staff Provides Recommendations to Consumer Product Safety Commission on IoT Safety

Share

In March 2018, the Consumer Product Safety Commission (CPSC) issued a Notice of Public Hearing and Request for Written comments on The Internet of Things on Consumer Product Hazards.  The CPSC expressed interest regarding existing safety standards on existing IoT devices, how to prevent hazards, and the role of government in the effort to promote IoT safety.

Continue reading

Eleventh Circuit Vacates FTC LabMD Order but Does Not Challenge FTC Authority

Share

The U.S. Circuit Court of Appeals for the 11th Circuit vacated the LabMD Federal Trade Commission order but did not challenge the Commission’s ability to use its unfairness authority to challenge inadequate data security practices in  a closely watched case that tested the commission’s enforcement powers.

Continue reading

Data Security Concerns Continue in 2018 – Survey Provides New Insight

Share

A vast majority of companies report feeling vulnerable to data breaches and security threats, according to a recent report published by a data security provider and information technology advisory company. It is predicted that companies are planning on spending more than ever before to protect themselves in 2018.

The report, published by Thales eSecurity and 451 Research, summarizes the surveyed responses of more than 1,200 senior security executives employed in the U.S., U.K., Germany, Japan, Sweden, the Netherlands, Korea, and India. Of these respondents, more than one-third had major influence on security-decision making, and nearly half had sole-decision making authority.

Continue reading

Mark your calendars! FTC Workshop on Information Injury set for December

Share

The Federal Trade Commission’s (FTC) Bureaus of Consumer Protection and Economics will host a workshop to examine consumer injury in the context of privacy and data security on Dec. 12, 2017.   Consumer injury is often difficult to quantify generally and especially challenging when there are allegations of a privacy or data security breach or other types of unauthorized access to personal information.  The FTC’s workshop will explore how to measure accurately such injuries; what frameworks might be used to assess different injuries as well as how consumers and businesses evaluate the benefits and costs associated with providing, collecting and using personal information.

Continue reading

“Do What You Say and Say What You Do” — The FTC’s Settlement with Uber

Share
  • Settlement reaffirms the importance for companies to deliver on to the privacy and security promises made to consumers
  • Settlement is yet another reminder of one of the most important components of good data security – controlling access to sensitive information.

The Federal Trade Commission (“FTC”) announced, subject final approval after a 30-day comment period, a consent order with Uber Technologies (“Uber”) settling allegations that Uber misrepresented the extent to which it monitored its employees’ access to personal information about users and drivers and that it took reasonable steps to secure such information.  The consent agreement does not contain monetary penalties, but does prohibit Uber from misrepresenting its privacy and security practices and requires that Uber establish a comprehensive privacy program that includes an independent third-party audit every two years for the next 20 years. The FTC’s complaint highlights practices that the FTC finds fail to provide reasonable security when utilizing the services of a third-party could storage service, Amazon Web Services (“AWS”).

Continue reading

© 2018 Drinker Biddle & Reath LLP. All Rights Reserved. Lawyer Advertising.

Disclaimer/Privacy Policy