“Do What You Say and Say What You Do” — The FTC’s Settlement with Uber

Share
  • Settlement reaffirms the importance for companies to deliver on to the privacy and security promises made to consumers
  • Settlement is yet another reminder of one of the most important components of good data security – controlling access to sensitive information.

The Federal Trade Commission (“FTC”) announced, subject final approval after a 30-day comment period, a consent order with Uber Technologies (“Uber”) settling allegations that Uber misrepresented the extent to which it monitored its employees’ access to personal information about users and drivers and that it took reasonable steps to secure such information.  The consent agreement does not contain monetary penalties, but does prohibit Uber from misrepresenting its privacy and security practices and requires that Uber establish a comprehensive privacy program that includes an independent third-party audit every two years for the next 20 years. The FTC’s complaint highlights practices that the FTC finds fail to provide reasonable security when utilizing the services of a third-party could storage service, Amazon Web Services (“AWS”).

Continue reading ““Do What You Say and Say What You Do” — The FTC’s Settlement with Uber”

FTC Updates COPPA Guidance to Approve New Parental Consent Methods; Clarify Obligations for Sites not Primarily Targeting Children

Share

The Federal Trade Commission (FTC) has updated its guidance applicable to the Children’s Online Privacy Protection Act (COPPA) to reflect developments in the digital advertising ecosystem and a burgeoning Internet of Things marketplace. The Guidance revises its six-step compliance plan to keep current with developing technology.

The Guidance, which had existed in substantially the same form since 2015, contains three new updates relating to new methods for obtaining parental consent, new products covered by COPPA, and new business models.

Continue reading “FTC Updates COPPA Guidance to Approve New Parental Consent Methods; Clarify Obligations for Sites not Primarily Targeting Children”

And the Winner is….. FTC Announces Winner of IoT Home Device Security Contest

Share

Earlier this year the FTC launched the IoT Home Inspector Challenge competition to challenge innovators to create a tool that will help protect consumers from security vulnerabilities in the software of home IoT devices.  Submissions were received in May and reviewed by a panel of five judges, including security experts from a range of private companies, universities and the government.  The FTC announced the winners on July 26, 2017.
Continue reading “And the Winner is….. FTC Announces Winner of IoT Home Device Security Contest”