April 2018

Where in the world? Warning letters address geolocation and COPPA coverage

Remember that public service announcement: “It’s 8:00. Do you know where your children are?” Technology has given parents tools for answering that question. But under the Children’s Online Privacy Protection Rule, online services touted as ways to keep kids connected need to comply with key parental notice and consent provisions of COPPA – especially when they’re collecting children’s geolocation. That’s the message of two warning letters just sent by FTC staff.

The FTC announces new cybersecurity education for small business

Last year, we heard from small business owners about their cybersecurity challenges at a series of roundtable discussions the FTC hosted with some of its partners. What we learned is that small business owners need and want information on how to keep their computer systems and business data safe. So we’re planning to provide that to them. Later this year, the FTC will launch a small business education campaign on cybersecurity, in partnership with other federal agencies.

FTC addresses Uber’s undisclosed data breach in new proposed order

In its August 2017 proposed consent agreement with Uber, the FTC alleged, among other things, that the company’s unreasonable security practices resulted in a May 2014 data breach. But there’s more to the story now. According to the FTC, Uber experienced another breach in the fall of 2016 – right in the middle of the FTC’s nonpublic investigation – but didn’t disclose it to the FTC until November 2017.