Blog Posts Tagged with Privacy and Security
When it comes to data security, what’s reasonable will depend on the size and nature of your business and the kind of data you deal with. But certain principles apply across the board: Don’t collect sensitive information you don’t need. Protect the information you maintain. And train your staff to carry out your policies.
Internet of Things entrepreneurs are developing products to help keep households running smoothly. But like anyone else you invite into your home, it’s important that IoT devices – appliances, fitness monitors, home security systems, etc. – behave like good houseguests. Out-of-date software can pose a particular problem. One IoT device without software updates can present its own security risks, of course, but it also can introduce vulnerabilities elsewhere on the home network.
Legend has it that King Arthur gathered his knights at a round table. Because the table had no head, it signaled that everyone seated at it was respected, and their contributions were welcome. At the FTC, we love the concept of a round table. It's a way to bring together stakeholders for a mutually beneficial discussion.
Our job at the Bureau of Consumer Protection is to protect consumers by enforcing the FTC Act’s prohibition on deceptive and unfair practices. It’s important that we carry out that mission effectively and efficiently.
Pork Chop Hill Road, Screaming Eagle Boulevard, Hell on Wheels Avenue, or my former home on Patton Drive. If those street names sound familiar, chances are you’re a servicemember, a veteran, or part of a military family. July is the Month of the Military Consumer and the FTC has resources to help keep members of the military fiscally fit and scam savvy – and a tip for businesses that do business with military consumers.
There’s been a lot of talk about “ping trees” and other activities associated with the lead generation industry. The FTC’s concern is that consumers don’t get ponged in the process. A proposed settlement gives a glimpse into how one lead generation company operated and offers insights for businesses about compliance considerations when the “product” in question is consumers’ personal data.
The FTC-NHTSA Connected Cars workshop is revving up – and you can watch from where you are. Experts are gathering in Washington right now to discuss the consumer privacy and security issues posed by automated and connected motor vehicles.
If you own or operate gas stations, chances are you know about skimmers – illegal card readers attached to payment terminals, like gas pumps, that grab data off a credit or debit card’s magnetic stripe without the customer’s knowledge. Criminals sell the stolen data or use it to buy things online. If your pumps are compromised, customers won’t know their information has been stolen until they get an account statement or overdraft notice.
Customers aren’t only victims here. Your business can suffer from the associated costs, including a damaged reputation and lost sales.
Is the Children’s Online Privacy Protection Rule a consideration at your company? We’ve updated our guidance for businesses about complying with COPPA to reflect developments in the marketplace – for example, the introduction of internet-connected toys and other devices for kids.
Ladies and gentlemen, start your engines. The FTC and the National Highway Traffic Safety Administration have announced the agenda for their joint workshop on the consumer privacy and security implications of connected cars. If this emerging tech issue is of interest to your clients, race to Washington (within the lawful speed limit, of course) to attend the event on Wednesday, June 28, 2017.
With schedules changing as frequently as they do, we can’t be sure what’s on tap for tomorrow. But we already know where we’ll be on Wednesday, February 28, 2018. We’ll be at the FTC’s third PrivacyCon – a gathering of researchers, academics, industry members, consumer advocates, and government representatives talking about the privacy and security implications of emerging technologies.
Here’s the story of a database of sensitive consumer information – names, addresses, phone numbers, email, and payment information – posted on a site frequented by (among others) hackers. It took just minutes before identity thieves tried to make unauthorized use of the information. But this tale of stolen credentials is full of surprises, including who posted the data.
It’s the thread that connects Alexandre Dumas’ The Man in the Iron Mask, the title character in The Talented Mr. Ripley, Don Draper’s back story in Mad Men – and an event scheduled for May 24, 2017, at the FTC.
It’s identity theft.
When scammers and hackers attack small businesses, it hurts not only the businesses’ reputations and bottom line, but also the integrity of the marketplace. Today, FTC Acting Chairman Maureen Ohlhausen announced a new FTC website, FTC.gov/SmallBusiness, to help business owners avoid scams, protect their computers and networks, and keep their customers’ and employees’ data safe.
If your company gets background information on prospective employees, it’s likely you’re covered by the Fair Credit Reporting Act. Before you get a background screening report, the law requires that you make certain disclosures and get a prospective employee’s authorization. Is it time for a FCRA compliance check?
It’s wise to maintain a reasonable speed: 1) when you’re behind the wheel; or 2) when you’re preparing your public comments for the June 28, 2017, workshop on connected cars hosted by the FTC and the National Highway Traffic Safety Administration. That’s why we’re extending the deadline for your feedback to Monday, May 1st.
You often hear the FTC described as America’s top cop on the privacy beat. We’re not the only agency working on privacy and data security issues, of course, but we have the broadest jurisdiction. And for more than 20 years, we have used it thoughtfully and forcefully to protect consumers even as new products and services emerge and evolve.