Internet of Things entrepreneurs are developing products to help keep households running smoothly. But like anyone else you invite into your home, it’s important that IoT devices – appliances, fitness monitors, home security systems, etc. – behave like good houseguests. Out-of-date software can pose a particular problem. One IoT device without software updates can present its own security risks, of course, but it also can introduce vulnerabilities elsewhere on the home network.
Blog Posts Tagged with Data Security
Legend has it that King Arthur gathered his knights at a round table. Because the table had no head, it signaled that everyone seated at it was respected, and their contributions were welcome. At the FTC, we love the concept of a round table. It's a way to bring together stakeholders for a mutually beneficial discussion.
The FTC-NHTSA Connected Cars workshop is revving up – and you can watch from where you are. Experts are gathering in Washington right now to discuss the consumer privacy and security issues posed by automated and connected motor vehicles.
If you own or operate gas stations, chances are you know about skimmers – illegal card readers attached to payment terminals, like gas pumps, that grab data off a credit or debit card’s magnetic stripe without the customer’s knowledge. Criminals sell the stolen data or use it to buy things online. If your pumps are compromised, customers won’t know their information has been stolen until they get an account statement or overdraft notice.
Customers aren’t only victims here. Your business can suffer from the associated costs, including a damaged reputation and lost sales.
Ladies and gentlemen, start your engines. The FTC and the National Highway Traffic Safety Administration have announced the agenda for their joint workshop on the consumer privacy and security implications of connected cars. If this emerging tech issue is of interest to your clients, race to Washington (within the lawful speed limit, of course) to attend the event on Wednesday, June 28, 2017.
With schedules changing as frequently as they do, we can’t be sure what’s on tap for tomorrow. But we already know where we’ll be on Wednesday, February 28, 2018. We’ll be at the FTC’s third PrivacyCon – a gathering of researchers, academics, industry members, consumer advocates, and government representatives talking about the privacy and security implications of emerging technologies.
Here’s the story of a database of sensitive consumer information – names, addresses, phone numbers, email, and payment information – posted on a site frequented by (among others) hackers. It took just minutes before identity thieves tried to make unauthorized use of the information. But this tale of stolen credentials is full of surprises, including who posted the data.
It’s the thread that connects Alexandre Dumas’ The Man in the Iron Mask, the title character in The Talented Mr. Ripley, Don Draper’s back story in Mad Men – and an event scheduled for May 24, 2017, at the FTC.
It’s identity theft.
You’ve probably heard about the ransomware attack affecting organizations’ computer systems around the world. Here’s the best thing your company can do to avoid it: Update your operating system and other software. Now.
When scammers and hackers attack small businesses, it hurts not only the businesses’ reputations and bottom line, but also the integrity of the marketplace. Today, FTC Acting Chairman Maureen Ohlhausen announced a new FTC website, FTC.gov/SmallBusiness, to help business owners avoid scams, protect their computers and networks, and keep their customers’ and employees’ data safe.
It’s wise to maintain a reasonable speed: 1) when you’re behind the wheel; or 2) when you’re preparing your public comments for the June 28, 2017, workshop on connected cars hosted by the FTC and the National Highway Traffic Safety Administration. That’s why we’re extending the deadline for your feedback to Monday, May 1st.
Commercial cross-border data flows continue to grow in our internet-enabled economy. These data flows, often involving personal data, support innovative new business services and consumer products. At the same time, they raise questions of how to protect privacy across borders. Various mechanisms help both businesses and consumers with this challenge. One in which the FTC plays a key role is the EU-U.S. Privacy Shield.
In the 80s, the appropriately-named group The Cars asked the musical question, “Who’s gonna drive you home?” The FTC and the National Highway Traffic Safety Administration are hosting a workshop on June 28, 2017, to examine the consumer privacy and security implications of automated and connected motor vehicles. The questions won’t be of the musical variety, but we have a list of them and welcome your input.
Businesses often ask: “If I comply with the NIST Cybersecurity Framework, am I complying with what the FTC requires?” Maybe you read our blog explaining how the NIST Cybersecurity Framework relates to the FTC’s work on data security? Now, check out this related video featuring Andrea Arias, an attorney in the FTC’s Division of Privacy and Identity Protection.
Financial technology remains a hot topic for consumers, offering the possibilities of increased convenience and access to financial services at a lower cost. As part of its FinTech Forum series, the FTC continues to promote public discussion of the ways in which innovative FinTech services – many provided by non-banks and technology companies within the FTC’s jurisdiction – can benefit consumers and the potential issues for stakeholders to keep in mind.
Today kicks off National Consumer Protection Week, but what the FTC does to protect consumers is only part of the story. We also work hard to help small business get down to business. Here are just a few examples of what we’re doing to protect your business from deceptive practices.
When internet fraudsters mimic a legitimate business to trick consumers into giving out their personal information, it’s called phishing. It’s not just a problem for consumers, but for the companies the scammers are impersonating too. The FTC has long provided advice to consumers about steps they can take to avoid phishing scams. But what should you do if customers contact your company upset that they responded to a phishing email from a scammer impersonating your legitimate business?
Phishing emails can harm businesses whose identities are spoofed. Don’t want that to happen to your business? Read the new Staff Perspective from our Office of Technology, Businesses Can Help Stop Phishing and Protect their Brands Using Email Authentication.
To facilitate the transfer of data, many U.S. companies that do business internationally participate in the Asia-Pacific Economic Cooperation Cross-Border Privacy Rules (CBPR) system. It’s voluntary, of course, but if companies say they participate, that representation – like other objective claims – must be truthful. That’s the lesson of three proposed settlements just announced by the FTC.