In its August 2017 proposed consent agreement with Uber, the FTC alleged, among other things, that the company’s unreasonable security practices resulted in a May 2014 data breach. But there’s more to the story now. According to the FTC, Uber experienced another breach in the fall of 2016 – right in the middle of the FTC’s nonpublic investigation – but didn’t disclose it to the FTC until November 2017.
Blog Posts Tagged with Tech
Every business wants to forge an ongoing relationship with their customers. That principle takes on special significance for mobile device manufacturers when they need to issue security patches for the operating system software on their phones and tablets. Once devices are in consumers’ hands, are they getting the patches they need to protect against critical vulnerabilities? Are companies deploying those patches in a timely fashion and for a reasonable length of time?
If you’ve been following the FTC’s lawsuit against AT&T alleging deceptive and unfair data throttling, there’s important news. A unanimous en banc decision of the United States Court of Appeals for the Ninth Circuit ruled in the FTC’s favor on a key issue involving the agency’s jurisdiction.
Right now DC is the place to be for people interested in the latest on consumer privacy and data security. The FTC’s third PrivacyCon begins at 9:15 ET on Wednesday, February 28, 2018, with opening remarks from Acting Chairman Ohlhausen. Like the first two PrivacyCons, this year’s event features many of the biggest names in the research world discussing their findings.
Advances in payment methods could end those open-wallet debates about who owes what for the pizza. But as innovative technologies change how people pay for things, established consumer protection principles apply. An FTC complaint against peer-to-peer payment service Venmo – now operated by PayPal – alleges that the company failed to disclose material information about the availability of consumers’ funds.
As a business person, you know that accessing the public Wi-Fi network in an airport lounge, coffee shop, or other location can be risky. Public networks aren’t very secure – or, well, private – and it could be easy for others to intercept your confidential business or personal data. But there are times when every executive has to be out and about. So what can you do to keep your mobile data private and secure? Some people use Virtual Private Network (VPN) apps to shield traffic from their mobile devices from prying eyes on public networks.
Engage, connect, protect was the theme of a series of Small Business Security Roundtables the FTC sponsored last summer. We listened to businesses talk about the challenges they face in securing sensitive information and fending off cyber threats. We also heard that they want concrete advice from the FTC. For example, how can a small company – especially one that may not have the in-house expertise to host its own website – get down to business while also addressing these concerns?
Blind Faith, Crosby Stills Nash & Young, Humble Pie, the Traveling Wilburys. Every musical genre has its supergroup, individual talents from other groups who come together to create something even more impressive. In the consumer privacy and data security world, we think the agenda for the FTC’s PrivacyCon 2018 reads like the line-up of one of those legendary supergroups. (Minus Eric Clapton – sorry.)
So you’ve received a Civil Investigative Demand (CID) from the Federal Trade Commission related to a consumer protection matter. Now what? We appreciate that it can be daunting for any company – especially a small business – and we want to be as transparent as possible about the process.
For college students building their resumes, that camp counselor gig is nice – but what about participating in a session at an international conference of privacy and data security experts?
The Wizard of Oz was right: “Pay no attention to the man behind the curtain.” That’s because according to an FTC settlement, computer company Lenovo should have been paying attention to the “man in the middle.” In this case, the “man in the middle” was preloaded ad-injecting software that put consumers’ personal information at risk from harmful man-in-the-middle attacks.
Internet of Things entrepreneurs are developing products to help keep households running smoothly. But like anyone else you invite into your home, it’s important that IoT devices – appliances, fitness monitors, home security systems, etc. – behave like good houseguests. Out-of-date software can pose a particular problem. One IoT device without software updates can present its own security risks, of course, but it also can introduce vulnerabilities elsewhere on the home network.
With schedules changing as frequently as they do, we can’t be sure what’s on tap for tomorrow. But we already know where we’ll be on Wednesday, February 28, 2018. We’ll be at the FTC’s third PrivacyCon – a gathering of researchers, academics, industry members, consumer advocates, and government representatives talking about the privacy and security implications of emerging technologies.
Here’s the story of a database of sensitive consumer information – names, addresses, phone numbers, email, and payment information – posted on a site frequented by (among others) hackers. It took just minutes before identity thieves tried to make unauthorized use of the information. But this tale of stolen credentials is full of surprises, including who posted the data.
It’s the thread that connects Alexandre Dumas’ The Man in the Iron Mask, the title character in The Talented Mr. Ripley, Don Draper’s back story in Mad Men – and an event scheduled for May 24, 2017, at the FTC.
It’s identity theft.
It’s wise to maintain a reasonable speed: 1) when you’re behind the wheel; or 2) when you’re preparing your public comments for the June 28, 2017, workshop on connected cars hosted by the FTC and the National Highway Traffic Safety Administration. That’s why we’re extending the deadline for your feedback to Monday, May 1st.
The scene is the west coast, the subject is emerging technology, and AI is in the title. But it’s not the 2001 Spielberg sci fi film.
Financial technology remains a hot topic for consumers, offering the possibilities of increased convenience and access to financial services at a lower cost. As part of its FinTech Forum series, the FTC continues to promote public discussion of the ways in which innovative FinTech services – many provided by non-banks and technology companies within the FTC’s jurisdiction – can benefit consumers and the potential issues for stakeholders to keep in mind.
Consumers have bought more than 11 million internet-connected Vizio televisions since 2010. But according to a complaint filed by the FTC and the New Jersey Attorney General, consumers didn’t know that while they were watching their TVs, Vizio was watching them. The lawsuit challenges the company’s tracking practices and offers insights into how established consumer protection principles apply to smart technology.