As adage-writers go, whoever penned, “Sticks and stones will break my bones, but words will never hurt me,” should have looked for another line of work. And, the writer should have hoped that prospective employers wouldn’t spot a promotion for MyLife.com, saying they could see the writer’s criminal and sexual offender records by subscribing to MyLife’s background reports.
Blog Posts Tagged with COPPA safe harbor + Privacy and Security + Children's Privacy
Maybe it’s the influence of that best-selling book on home organization or perhaps the silos of stuff in our makeshift home offices are becoming more noticeable. Either way, people are in a decluttering mood – and we are, too. Our recent project: updating and streamlining Complying with COPPA: Frequently Asked Questions, known as the COPPA FAQs. But not to worry. The revisions don’t raise new policy issues and our COPPA Rule review continues.
“Curtain up. Light the lights.” The FTC’s fifth PrivacyCon begins tomorrow, July 21, 2020, at 9:00 AM Eastern Time. Set a reminder now to join in from wherever you are. The virtual event will bring together global experts to share their latest research on consumer privacy and security, including topics like health apps, bias in AI algorithms, the Internet of Things, international privacy, and so much more.
Information Security and Financial Institutions: An FTC Workshop to Examine the Safeguards Rule – a virtual event to consider the future of the Rule – is on now. Watch from the LIVE WEBCAST link on the event page. In addition, FTC staff is tweeting from @FTC using the hashtag #SafeguardsFTC.
Financial institutions collect personal information from customers every day, from names and addresses to bank account and Social Security numbers. The Gramm-Leach-Bliley Act’s Safeguards Rule requires those institutions to develop, implement, and maintain a comprehensive information security program. As part of its regulatory review process, the FTC has proposed changes to the Rule.
The FTC’s administrative litigation against NTT Global Data Centers Americas, Inc., just ended with a proposed settlement – and an important compliance message for companies that claim participation in the EU-U.S. Privacy Shield framework.
During this pandemic, preserving public health has, rightly, been our nation’s top concern. But a lively debate has arisen during this time about whether that top priority necessarily means that other values – such as privacy – need to give way. If tracking people’s location will facilitate contact tracing and enforcement of shelter-in-place mandates, do we give governments and commercial partners carte blanche to track our whereabouts? Will enforcing longstanding privacy requirements impede the flow of life-saving public health information?
For businesses, cloud services are kind of like clouds. At their best, they can be soothing and expansive. But for companies that fail to appreciate the security implications, their ethereal presence may hide dangerous storms within. As cloud computing has become business as usual for many businesses, frequent news reports about data breaches and other missteps should make companies think carefully about how they secure their data.
An FTC complaint against Kohl’s Department Stores alleges the retailer violated the Fair Credit Reporting Act by refusing to provide victims of identity theft with complete records of questionable transactions – a right the FCRA guarantees to victimized consumers. The $220,000 settlement is a reminder to other companies to rethink their approach to that provision of the law.
A large-scale scam involving phony unemployment benefits claims has been making headlines. Criminals, possibly based overseas, are filing claims for benefits, using the names and personal information of people who have not lost their jobs. The investigation is ongoing, but this much is known: the fraud is affecting tens of thousands of people, slowing the delivery of benefits to people in real need, and costing states hundreds of millions of dollars.
Way back in Marketing 101, we learned that consumers factor a number of features into their purchase decisions: price, performance, product positioning, and personal preference, to name just a few. The FTC’s proposed settlement with game developer Miniclip serves as a reminder of another important alliterative consideration for many consumers: privacy.
Next on the FTC’s regulatory review calendar: the Health Breach Notification Rule. In place since 2009, the Rule requires vendors of personal health records and related entities that aren’t covered by HIPAA to notify individuals, the FTC, and, in some cases, the media when there has been a breach of unsecured personally identifiable health data.
As part of its regulatory review, the FTC announced earlier this year Information Security and Financial Institutions: An FTC Workshop to Examine the Safeguards Rule. If the Safeguards Rule is of interest to you or your clients, you’ll want to know about three new developments.
In these unprecedented times, the Commission is working on all fronts to stop pandemic-related scams or deception – and to warn consumers and businesses about them. But our work in other areas continues, too. Today, we’re taking a minute to take stock of some of the highlights from 2019.
Between social distancing and COVID-19 stay-at-home orders, companies are turning to video conferencing services to get down to business. While these services help you connect, they also pose new privacy and data security risks. Here are some tips to keep in mind before hosting or joining a video conference online:
“Social distancing,” “shelter-in-place,” “virtual happy hour”— these are some of the new expressions on everyone’s lips the past few weeks. For many, add “remote learning” to the list. Because of school closures, millions of students are now using online, education technology (or “ed tech”) services to engage in remote learning from home. And while this fills a vital need, it’s important to keep in mind that many of these ed tech services collect and use student’s personal information.
Headlines tout rapid improvements in artificial intelligence technology. The use of AI technology – machines and algorithms – to make predictions, recommendations, or decisions has enormous potential to improve welfare and productivity. But it also presents risks, such as the potential for unfair or discriminatory outcomes or the perpetuation of existing socioeconomic disparities. Health AI offers a prime example of this tension.
If your business makes “smart” devices, you’ll want to read about Tapplock’s settlement with the FTC. It’s one more example of why businesses in the Internet of Things (IoT) space need to think about privacy and security when designing connected products.