FTC Settlement with Zoom Concerning Alleged Data-Security Lapses

Share

On November 9, 2020, the United States Federal Trade Commission (FTC) announced that it had entered into a consent agreement, subject to final approval, with videoconferencing company Zoom Video Communications, Inc. (Zoom). The consent agreement settles allegations that Zoom engaged in a series of deceptive and unfair practices that undermined the security of its users. The Commission voted 3–2 to accept the settlement, with Commissioners Chopra and Slaughter voting no and issuing dissenting statements asserting that the FTC’s action did not go far enough.

While the FTC generally does not identify what triggers a law enforcement action, there have been many news articles and a number of class actions filed in connection with Zoom’s data-security practices over the past six months that likely led to this action.

Continue reading “FTC Settlement with Zoom Concerning Alleged Data-Security Lapses”

British Airways Faces Significantly Reduced £20M Fine for GDPR Breach

Share

At £20 million, the fine imposed on British Airways for its infringement of the General Data Protection Regulation is the biggest fine of its kind in the history of the U.K.’s Information Commissioner’s Office (ICO). Whilst markedly lower than the fine initially proposed, the process by which the revised figure was reached provides some interesting insights on the factors that regulators will take into account and is a clear sign that despite the current economic climate, the ICO is not afraid to enforce strict GDPR compliance.

For the full alert, visit the Faegre Drinker website.

New York’s New Data Breach Notification Law: What Businesses Should Know

Share

New York’s Stop Hacks and Improve Electronic Data Security Act, which went into effect on March 21, places a greater burden on regulated entities in responding to data breaches and expands the enforcement powers of the New York Attorney General’s office. In order to avoid penalties, businesses would be wise to ensure that they are in compliance with the new law.

For the full alert, visit the Faegre Drinker website.

Newly-Discovered Vulnerability Highlights the Security Concerns Surrounding Bluetooth Technology

Share

A recent report by researchers at the Helmholz Center for Information Security (CISPA), Singapore University of Technology and Design, and the University of Oxford has revealed that Bluetooth technology is vulnerable to a new type of hacking which allows for an attacker to carry out data theft on a Bluetooth-enabled device without the user’s knowledge or permission so long as the cyber-criminal is within Bluetooth range of the targeted device.

Continue reading “Newly-Discovered Vulnerability Highlights the Security Concerns Surrounding Bluetooth Technology”

An Update on Federal Policy Regarding Chief Data Officers and Data Governance: New OMB Memo

Share

The Office of Management and Budget (OMB) has issued a recent memorandum that moves the federal government forward in embracing the importance of the “governance” of data.

Continue reading “An Update on Federal Policy Regarding Chief Data Officers and Data Governance: New OMB Memo”

FTC Litigation with D-Link Ends with Comprehensive Settlement

Share

In 2017, the FTC filed a complaint against D-Link Systems, Inc. (D-Link) alleging that the Taiwan-based computer networking equipment manufacturer had taken inadequate security measures which left its wireless routers and Internet-connected cameras vulnerable to hackers. In early July, D-Link agreed to a settlement that includes a requirement that it implement a comprehensive software security program, and obtain biennial, independent third-party assessments of its software security program for 10 years.

Continue reading “FTC Litigation with D-Link Ends with Comprehensive Settlement”