Business Blog

Maybe it’s the influence of that best-selling book on home organization or perhaps the silos of stuff in our makeshift home offices are becoming more noticeable. Either way, people are in a decluttering mood – and we are, too. Our recent project: updating and streamlining Complying with COPPA: Frequently Asked Questions, known as the COPPA FAQs. But not to worry. The revisions don’t raise new policy issues and our COPPA Rule review continues.

Information Security and Financial Institutions: An FTC Workshop to Examine the Safeguards Rule – a virtual event to consider the future of the Rule – is on now. Watch from the LIVE WEBCAST link on the event page. In addition, FTC staff is tweeting from @FTC using the hashtag #SafeguardsFTC.
 
 

Financial institutions collect personal information from customers every day, from names and addresses to bank account and Social Security numbers. The Gramm-Leach-Bliley Act’s Safeguards Rule requires those institutions to develop, implement, and maintain a comprehensive information security program. As part of its regulatory review process, the FTC has proposed changes to the Rule.

The FTC’s administrative litigation against NTT Global Data Centers Americas, Inc., just ended with a proposed settlement – and an important compliance message for companies that claim participation in the EU-U.S. Privacy Shield framework.

In the face of COVID-19, many small businesses are looking for help from the CARES Act’s Paycheck Protection Program. They may apply for PPP loans through Small Business Administration-authorized lenders and others the SBA has determined to be eligible. But there are concerns that some companies have falsely claimed an affiliation with the SBA or approved PPP lenders, or have represented untruthfully that people can get PPP or other SBA loans by applying on their sites.

FTC rules can have a substantial impact on businesses and on the everyday lives of consumers. As part of its ongoing review of existing rules, the FTC periodically seeks your input on whether a particular one still performs its desired function or if it’s been overtaken by changes in technology or the marketplace. Next in the review queue is a rule that’s been around for almost 50 years and the FTC is asking if it should be repealed.

During this pandemic, preserving public health has, rightly, been our nation’s top concern. But a lively debate has arisen during this time about whether that top priority necessarily means that other values – such as privacy – need to give way. If tracking people’s location will facilitate contact tracing and enforcement of shelter-in-place mandates, do we give governments and commercial partners carte blanche to track our whereabouts? Will enforcing longstanding privacy requirements impede the flow of life-saving public health information?

The beige envelope says IMPORTANT COVID-19 ECONOMIC STIMULUS DOCUMENT ENCLOSED. Inside – next to what appears to be the Great Seal of the United States – is the phrase COVID-19 STIMULUS (INDIVIDUAL) and a 16-digit serial number. The mailer also includes a check purporting to be from the “Stimulus Relief Program.” Is it official information affiliated with a COVID-19 economic stimulus program? We won’t leave you in suspense. It’s a car ad.

For businesses, cloud services are kind of like clouds. At their best, they can be soothing and expansive. But for companies that fail to appreciate the security implications, their ethereal presence may hide dangerous storms within. As cloud computing has become business as usual for many businesses, frequent news reports about data breaches and other missteps should make companies think carefully about how they secure their data.