In just a few years, the FTC’s PrivacyCon has become an Information All-Star Game, complete with panels as high-flying or power-hitting as the Slam Dunk Contest or Home Run Derby. (OK. High-flying and power-hitting if you’re a researcher, academic, or advocate interested in data security and consumer privacy.) The FTC just announced the agenda for the fourth annual PrivacyCon on June 27, 2019. Consult your calendar and save the date.
Blog Posts Tagged with Privacy and Security
The domino principle. The ripple effect. The butterfly phenomenon. Apply the analogy of your choice to describe what happens when one software developer’s allegedly lax security practices result in the breach of confidential customer information maintained by multiple businesses that use the software.
Racing to finish your comment about proposed changes to the Safeguards Rule by the impending deadline? You can take a breather because the FTC has extended the deadline by 60 days.
It’s National Small Business Week, a time when we celebrate the businesses that make our communities thrive. For the FTC, it’s an opportunity to let business owners know that when it comes to protecting your business from cyber threats, you’re not alone. The federal government has resources to help you address common cyber threats and create a culture of cybersecurity at your company. The materials at FTC.gov/Cybersecurity were introduced last year in cooperation with DHS, NIST, and the SBA.
Kids love to play dress-up, but parents wouldn’t want them rummaging through the attic or climbing to the top shelf of the wardrobe without permission and proper supervision. The i-Dressup.com website offered users – including children – a virtual way to play dress-up and design clothes without those potential dangers.
Suppose a lunch companion says, “I think there’s something wrong with this tuna salad.” To determine if the problem is tuna not to their taste vs. tuna gone bad, would you scarf it down? Probably not. Now remove tuna salad from the example and substitute a web browser extension. (Stay with us here.) Let’s say you’ve been warned that an unknown extension could be used for fraud. Should you download it and let it marinate in your company’s network?
We do our best to keep the puffery in check. So when we say an event features a star-studded line-up of panelists, we think we can substantiate that claim. The FTC’s ongoing Hearings on Competition and Consumer Protection in the 21st Century have brought luminaries together to discuss the impact on the FTC’s mission of broad-based changes in the economy, evolving business practices, and tech developments.
The FTC focuses most of its time and attention on protecting consumers and promoting competition. Every so often, we stop and take stock. For example, check out our just-released Annual Highlights for a detailed round-up of some of the FTC’s 2018 consumer protection accomplishments.
If you sell genetic testing kits to consumers, you’re probably familiar with the Genetic Information Nondiscrimination Act (GINA), which prohibits discrimination on the basis of genetic information under some circumstances. You’re also familiar with the Health Insurance Portability and Accountability Act (HIPAA), which protects health information collected by certain types of entities. Then there are laws enforced by the FDA and the Centers for Disease Control and Prevention that pertain to genetic testing kits.
Looking to take a deep dive into the breadth and depth of the FTC’s approach to consumer privacy and data security in the past year? The FTC’s website, including the Business Center, has what you need. But what if you or your clients prefer an at-your-fingertips digest of developments in 2018? We’re got that covered, too.
The FTC’s ability to obtain information through subpoenas and civil investigative demands (CIDs) is critical to the task of investigating potential law violations. The FTC uses this authority deliberately and responsibly, avoiding unnecessary burdens on businesses and individuals and consistent with our obligations to enforce the law.
When it came to designing the FTC’s Cybersecurity for Small Business campaign, you called the shots. We hosted round tables across the country and listened to what business owners had to say. You told us you wanted: 1) No-nonsense advice that’s easy to implement; and 2) Consistent guidance from the different federal agencies that deal with cyber threats and data security.
Every year, millions of consumers tell us – and our partners – about the frauds they spotted. In 2018, we heard from 3 million people and learned a lot from the reports entered into our Consumer Sentinel database. Here are some notable facts from the Consumer Sentinel Network’s 2018 Data Book – including that a new category of scams has earned the unenviable right to chant "We’re #1."
We’ll confess to singing along to a Stevie Nicks song or doing an air guitar solo when no one’s looking. But some people take their lip syncing to the next level. More than 200 million people – 65 million of them in the U.S. – downloaded the Musical.ly app. It gave users a platform to create videos and synchronize them with popular songs. It also allowed users to interact directly with each other. That may sound like fun for aficionados, but it raises concerns for parents, especially given public reports that adults have used the Musical.ly app to contact children.
Punching a time clock in and out isn’t how small businesses run these days. Employees are on the road, others are working from home, vendors are accessing your data at off hours – and you’re generating ideas 24/7. How do you maintain high security standards when employees and others may need to connect to your network remotely from a variety of devices? When we met with small business owners across the country, that question came up a lot.
Your website is the online face of your business. Some companies have the in-house capability to manage their web presence. Others hire a web host to handle it for them. When launching a new business or upgrading their site, savvy business owners comparison shop for web hosting services. At the top of your shopping list should be the security features built into what you’re buying.
As a business person, you know about phishing, of course. At first glance, the email looks like it comes from a recognized company, complete with a familiar logo, slogan, and URL. But it’s really from a cyber crook trying to con consumers out of account numbers, passwords, or cash. In addition to the serious injury these scams inflict on consumers, there’s another victim of phishing: the reputable business whose good name was stolen by the scammer.
Steely Dan may be one of the best duos of the rock era. (Sorry, Donnie and Marie fans.) Their song “Hey Nineteen” reminds us to mention some FTC consumer protection developments that could be of interest to your company or clients in 2019. As “Any Major Dude Will Tell You,” when you’re “Reelin’ in the Years” – or at least recapping the past one – consider this non-exhaustive and in-no-particular-order case compilation.
Not many small businesses do business these days without the services of third-party vendors, some of whom have access to your company’s sensitive information. Even if you run a tight cybersecurity ship, what happens if your accountant loses a laptop or the payroll company that connects to your network experiences a security breach? Your business could be in jeopardy, of course, but that’s not all.
An employee gets a phone call, pop-up, or email warning about a problem with the office computer. In an effort to be helpful – or perhaps concerned they clicked on something that caused the glitch – the employee follows instructions to send money, turn over personal information, or provide access to your system. As a small business owner, you know it’s a tech support scam, but are you sure every member of your team has the savvy to spot it?