It’s Day 2 of the data security discussion, presented as part of the FTC Hearings on Competition and Consumer Protection in the 21st Century – and you can watch the webcast live.
Blog Posts Tagged with Tech
Take out your scheduler now and block out Thursday, June 27, 2019. That’s the date of the FTC’s fourth annual PrivacyCon and you’ll want to be in on the action.
The Cubs are in Los Angeles and the White Sox have the day off, but there’s still a lot happening in Chicago today. The FTC’s workshop Decrypting Cryptocurrency Scams is set to start at 1:00 PM Central Time at DePaul University. Speakers will explore how scammers are exploiting the interest in cryptocurrencies and what can be done to protect and empower consumers. Can’t make it to the Loop Campus this afternoon?
You can say this about scammers: They tend toward the trendy. As new products and services enter the marketplace, it’s not long before fraudsters find a way to exploit consumer interest in the innovation to make a quick buck. Cryptocurrencies are no exception, which is why the FTC is hosting a workshop in Chicago on June 25, 2018, Decrypting Cryptocurrency Scams.
In its August 2017 proposed consent agreement with Uber, the FTC alleged, among other things, that the company’s unreasonable security practices resulted in a May 2014 data breach. But there’s more to the story now. According to the FTC, Uber experienced another breach in the fall of 2016 – right in the middle of the FTC’s nonpublic investigation – but didn’t disclose it to the FTC until November 2017.
Every business wants to forge an ongoing relationship with their customers. That principle takes on special significance for mobile device manufacturers when they need to issue security patches for the operating system software on their phones and tablets. Once devices are in consumers’ hands, are they getting the patches they need to protect against critical vulnerabilities? Are companies deploying those patches in a timely fashion and for a reasonable length of time?
If you’ve been following the FTC’s lawsuit against AT&T alleging deceptive and unfair data throttling, there’s important news. A unanimous en banc decision of the United States Court of Appeals for the Ninth Circuit ruled in the FTC’s favor on a key issue involving the agency’s jurisdiction.
Right now DC is the place to be for people interested in the latest on consumer privacy and data security. The FTC’s third PrivacyCon begins at 9:15 ET on Wednesday, February 28, 2018, with opening remarks from Acting Chairman Ohlhausen. Like the first two PrivacyCons, this year’s event features many of the biggest names in the research world discussing their findings.
Advances in payment methods could end those open-wallet debates about who owes what for the pizza. But as innovative technologies change how people pay for things, established consumer protection principles apply. An FTC complaint against peer-to-peer payment service Venmo – now operated by PayPal – alleges that the company failed to disclose material information about the availability of consumers’ funds.
As a business person, you know that accessing the public Wi-Fi network in an airport lounge, coffee shop, or other location can be risky. Public networks aren’t very secure – or, well, private – and it could be easy for others to intercept your confidential business or personal data. But there are times when every executive has to be out and about. So what can you do to keep your mobile data private and secure? Some people use Virtual Private Network (VPN) apps to shield traffic from their mobile devices from prying eyes on public networks.
Engage, connect, protect was the theme of a series of Small Business Security Roundtables the FTC sponsored last summer. We listened to businesses talk about the challenges they face in securing sensitive information and fending off cyber threats. We also heard that they want concrete advice from the FTC. For example, how can a small company – especially one that may not have the in-house expertise to host its own website – get down to business while also addressing these concerns?
Blind Faith, Crosby Stills Nash & Young, Humble Pie, the Traveling Wilburys. Every musical genre has its supergroup, individual talents from other groups who come together to create something even more impressive. In the consumer privacy and data security world, we think the agenda for the FTC’s PrivacyCon 2018 reads like the line-up of one of those legendary supergroups. (Minus Eric Clapton – sorry.)
So you’ve received a Civil Investigative Demand (CID) from the Federal Trade Commission related to a consumer protection matter. Now what? We appreciate that it can be daunting for any company – especially a small business – and we want to be as transparent as possible about the process.
For college students building their resumes, that camp counselor gig is nice – but what about participating in a session at an international conference of privacy and data security experts?
The Wizard of Oz was right: “Pay no attention to the man behind the curtain.” That’s because according to an FTC settlement, computer company Lenovo should have been paying attention to the “man in the middle.” In this case, the “man in the middle” was preloaded ad-injecting software that put consumers’ personal information at risk from harmful man-in-the-middle attacks.
Internet of Things entrepreneurs are developing products to help keep households running smoothly. But like anyone else you invite into your home, it’s important that IoT devices – appliances, fitness monitors, home security systems, etc. – behave like good houseguests. Out-of-date software can pose a particular problem. One IoT device without software updates can present its own security risks, of course, but it also can introduce vulnerabilities elsewhere on the home network.
With schedules changing as frequently as they do, we can’t be sure what’s on tap for tomorrow. But we already know where we’ll be on Wednesday, February 28, 2018. We’ll be at the FTC’s third PrivacyCon – a gathering of researchers, academics, industry members, consumer advocates, and government representatives talking about the privacy and security implications of emerging technologies.
Here’s the story of a database of sensitive consumer information – names, addresses, phone numbers, email, and payment information – posted on a site frequented by (among others) hackers. It took just minutes before identity thieves tried to make unauthorized use of the information. But this tale of stolen credentials is full of surprises, including who posted the data.