Blog Posts Tagged with Privacy and Security

Pages

Is everything COPPA-setic on your site?

For some businesses, virtual worlds aren’t on their radar screen.  They have their hands full with this one, thanks.  But for more and more people — including kids — online virtual worlds have become a central place for gaming and other activities.  As the FTC’s recent $3 million settlement with Playdom and Howard Marks demonstrates, companies with an online presence need to take care to comply with the Children’s Online Privacy Protection Act and the

Nitro in the trunk?

The French movie classic “The Wages of Fear” — remade in 1977 as “The Sorcerer” by American director William Friedkin — was a taut thriller about a team of toughs transporting a payload of volatile nitroglycerine to a remote location in South America.  They meet with hazards along the way:  a rope bridge hanging by a thread over a flood-swollen river, a boulder blocking a twisted mountain path, and a stretch of road so pot-holed it’s called “The Washboard.”

Taken aback by a hack attack?

Busy business executives and the attorneys who represent them need to unwind now and then.  If PlayStation is your diversion-of-choice — or the choice of family members — you’ve probably heard the news that Sony’s PlayStation Network and Qriocity service were hacked and that user data may have been compromised.  It’s not clear right now what info was stolen, but the services held user IDs and passwords, email addresses, birth dates, street addresses, credit card numbers, expiration dates, and payment histories.  Are you taking steps to reduce the risk of ID theft as a result of the hack?  H

The FTC's settlement with Google: Part 4

Business practices at odds with promises in the company’s privacy policy. The failure to disclose adequately that the contacts with whom users emailed and chatted the most would become public by default. Confusing and hard-to-find controls to limit the sharing of personal info. False claims about adherence to the U.S.-EU Safe Harbor privacy framework.

Those were the allegations in the FTC’s complaint against Google. What changes will the agency’s proposed settlement bring about at the company?

The FTC’s settlement with Google: Part 2

According to the FTC’s recent settlement with Google, when people declined to sign up for Google Buzz, the company’s new social network, Google nonetheless enrolled them in certain features without their consent.

But what about people who clicked the link that said “Sweet! Check out Buzz”?  The FTC’s complaint alleged that they, too, weren’t adequately informed that certain information that had been private — including the people they chatted with or emailed most often — would be shared publicly by default.

Hacked Off by an Email Data Breach?

According to news reports, hackers recently accessed the database of Epsilon, a large marketing company that sends emails on behalf of banks, stores and other businesses.  Was your company an Epsilon client?  If so, the stolen information could make it easier for crooks to send emails that appear to be from your brand.

Here are a few things you can do to help your customers avoid a phishing attack that abuses your brand.

Welcome to Consumer University

As your customers' buying habits make clear, today’s consumer marketplace knows no borders.  That’s why the FTC and officials from nine Latin American countries are meeting in Washington, D.C., this week to consider the challenges of global consumer protection.

NCP Double-YOU

Break out the bubbly and raise a toast:  It's National Consumer Protection Week.  NCPW is an annual campaign sponsored by the FTC and nearly 30 other federal agencies, consumer groups, and advocacy organizations, in conjunction with state, county, and local government offices that are sponsoring events nationwide.  The goal?  To encourage consumers to take full advantage of their rights and make better-informed decisions.

Data Resellers Liable for Downstream Security Failures

Of course, no legitimate business would put out a welcome mat for crooks.  But as the FTC’s data security cases make clear, that’s the effect when companies fail to take reasonable steps to secure sensitive information in their possession — or data they allow others to access.  Three recent settlements with companies that resell credit reports illustrate that point.

Keeping it cool at WiFi hotspots

Whether you’re waiting to board an airplane or grabbing a quick cuppa at a neighborhood café, public wireless networks are a great way for busy professionals to keep connected.

Convenient?  Yes.  Secure?  Mmm, not so much.

Unfortunately, most hotspots don’t encrypt what goes over the internet.  So if you send email, manage your calendar, use social networks, or transmit financial data while using a public network, you make it easier for hackers to lift confidential info like user names, passwords, and account numbers.

New compliance resource for health care providers and health plans

If you work in the health care or HR field or have clients who do, you’ve probably run across it. A patient complains about a bill for medical services they didn’t receive. An employee who rarely goes to the doctor gets told they’ve reached the limit on their health benefits. Someone gets denied coverage because their medical records show a condition they don’t have.

Four Steps to Protecting Your Business from Con Artists

You've just opened an invoice for office supplies you didn't order or for a listing in a business directory. It’s the same invoice you got last week – but this one is stamped "Past Due." Perhaps one of your colleagues says there's someone hounding her on the phone, demanding payment for Internet services your business didn’t request. You refuse to pay, and the next thing you know, they're threatening to take you to court, or turn the bill over to a collection agency and ruin your credit.

Data Security: Copi-er That!

If your company keeps sensitive data like Social Security numbers, credit reports, account numbers, health records, or business secrets, you’ve probably instituted safeguards to protect that information, whether it’s stored in computers or on paper. That’s great.  But it’s time to take those safeguards a step further.

FTC’s EchoMetrix settlement: EULA-ppreciate this guidance on privacy disclosures

Parents are understandably concerned about keeping their kids safe online.  That’s why many moms and dads paid $3.99 a month for Sentry Parental Controls, software sold by EchoMetrix, Inc.  Once Sentry is installed on a computer, buyers can log into their online account to monitor activity on that computer, including web history, online chats, and password-protected IMs.

So far, so good.  But that wasn’t the only product marketed by EchoMetrix.

Pages