By: Jessica Rich, Director, Bureau of Consumer Protection | Jan 28, 2016 2:54PM
At the Federal Trade Commission, we’ve been very public about how we feel about privacy: we want consumers to enjoy the benefits of innovation in the marketplace, confident that their personal information – online and offline – is being handled responsibly.
Today is Data Privacy Day and, marking the occasion, we’re releasing our 2015 Privacy and Data Security Update, highlighting the initiatives we undertook last year to meet that goal, including law enforcement, reports, public workshops, educational efforts, and international cooperation.
Our initiatives last year included launching IdentityTheft.gov, a new resource to help people report and recover from identity theft. Just this week, we enhanced the website. Identity theft victims now can get free, interactive personal recovery plans, step-by-step guidance, and pre-filled letters and forms to speed their recovery.
You can spread the news about IdentityTheft.gov to your employees, customers, and communities. Identity theft can be financially and emotionally overwhelming for its victims. It makes good business sense to help victims get into the fast lane on the road to recovery.
Identity theft is just one of the challenges we see in the privacy and data security arena, where new and emerging technologies have created an environment in which data is collected from consumers wherever they go, often invisibly and without their knowledge.
In 2015, we brought or resolved enforcement actions against:
- companies that we charged failed to secure consumers’ personal information, including Oracle; Wyndham; and Lifelock;
- businesses that we alleged misused consumers’ information, such as Sequoia One and CWB Services, LLC, or tricked seniors and others into disclosing their financial information, like Pairsys, Inc. and Click4Support, LLC; and
- organizations that we alleged violated children’s privacy, including Retro Dreamer and LAI Systems.
We also hosted workshops and issued reports on cutting-edge issues such as the Internet of Things, cross-device tracking, and online lead generation. Earlier this month we hosted PrivacyCon, a first-of-its kind FTC event examining pioneering research and trends in protecting consumer privacy and security.
To guide businesses that want to avoid data security pitfalls, we’ve offered an answer: Start with Security. It’s our latest business outreach campaign and includes a guide for businesses that summarizes the lessons learned from the FTC’s 50+ data security settlements, as well as videos and conferences that bring business owners and developers together with industry experts to discuss data security.
Each of our projects in the privacy and data security arena has been informed by a central message: even in the face of rapidly changing business models and technologies, companies still need to follow fundamental privacy principles, including:
- Don’t collect or retain more data than you reasonably need;
- Tell consumers how you plan to use and share their data;
- Give consumers choices about their privacy; and
- Protect data from unauthorized access.
We’re committed to working with businesses to protect consumers’ privacy in this increasingly digital era. Please take some time to review the Start with Security messages and IdentityTheft.gov, and see how they might fit into your company’s plans for 2016. And if you want more details about the FTC’s activities, check out the 2015 Privacy and Data Security Update.
Add new comment
Privacy Act Statement
It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system (PDF), and user names also are part of the FTC’s computer user records system (PDF). We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.
Comments
Ahsanrauf replied on Permalink
It's really good work
senseless replied on Permalink
Without reading the suggested reports, I have a concern that seems obvious it would be on everyone's mind. If we adopt "start with security" guidelines in our effort to collect only the data needed, and the data collected is later breached and exploited, can we hold collection companies accountable for failing to protect sensitive information. Are there guidelines or schedules regarding upgrades to reinforce sensitive info on company servers. And finally, with technology moving as fast as it does, can anyone really ever feel "protected" completely.
Mike Kivo replied on Permalink
You need to investigate Allen & Withrow Attorneys at law because they represent PORTFOLIO RECOVERY ASSOCIATES, LLC. And they sue one person after another. They are JunkDebtCollectors. And the circuit court in North Little Rock, Arkansas is bogged down with this attorneys office filing so many complaints. They have been harassing me in court since 2014 ! They are asking me to sign paper work giving them my social security number, all bank accounts,band deposits,canceled checks and on and on. I am 70 years odl. And am disabled. My wife is disabled and suffers severe panic attacks. I HAVE NEVER TAKEN OUT A CREDIT CARD FROM A BANK EVER!! They are the Plaintiff and it is their job to prove their case. Instead they are trying to make me the Plaintiff prove their case for them. This is just not right! The burden of proof lays on the PLAINTIFF! They are Allen & Withro Attorneys at law 12410 Cantrell Suite 100, Little Rock , Arkansas Phone number (501) 227- 2000. FAX # ( 501 ) 707-1214. PLEASE INVESTIGATE THIS COMPANY. They are a third party JUNKDEBTCOLLECTOR. AND PORTFOLIO RECOVERY ASSOCIATES LLC After banks have written on things and been paid by their insurance Co. Allen and Withro are buying these debts for penny's on the dollar. And collecting on most of them because most people do not even fight them
John Adam replied on Permalink
Awesome Post Jessica,
Cyber Security & Data Protection is must. I am small business owner and I have faced that situation when I had lost my 70% customer data than I realized importance of data protection and online security than I have read too many articles and blogs on this issue. Now I am using a Business VPN for my business activity security and for online data protection. Its very cheap and secure.