This insight was initially published in 2022 and updated in August 2024. The Federal Trade Commission (FTC) has continued to ramp up its investigation and enforcement efforts to address unfair or deceptive acts or practices...more
The Federal Trade Commission (FTC) has released a notice of proposed rulemaking meant to prohibit unfair or deceptive fees, often referred to as junk fees. The proposed rule would prohibit...more
On December 19, 2022, the FTC announced two record-breaking settlements with Epic Games, Inc.—a video game developer, best known for the game Fortnite—for a combined total of $520 million: The key takeaways from these...more
The Federal Trade Commission (FTC) has continued to ramp up its investigation and enforcement efforts in 2022 to address unfair or deceptive acts or practices in the privacy, cybersecurity and consumer protection space. With...more
The Federal Trade Commission ("FTC") recently announced its intent to "vigorously" enforce its 2009 Health Breach Notification Rule (the "Rule") via a policy statement that sheds light on the Rule's scope. The policy...more
9/24/2021
/ Application Programming Interface (APIs) ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Federal Trade Commission (FTC) ,
FTC Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Mobile Apps ,
Mobile Health Apps ,
Personally Identifiable Information ,
Popular
In an increasing trend, the Federal Trade Commission (FTC) joined other federal regulators seeking to hold individuals – not just companies – liable in enforcement proceedings. The most recent target was San Francisco-based...more
5/30/2019
/ Antitrust Provisions ,
Automatic Enrollment ,
E-Commerce ,
Enforcement Actions ,
Failure To Disclose ,
Federal Trade Commission (FTC) ,
Free Trials ,
Misrepresentation ,
Online Endorsements ,
Online Reviews ,
ROSCA ,
Subscription Services ,
Terms of Service ,
Unfair or Deceptive Trade Practices
Shortly after the new year, the Federal Trade Commission filed suit in the Northern District of California against D-Link Corporation, a Taiwan-based maker of wireless routers, Internet Protocol (IP) cameras, and software...more
2/6/2017
/ Corporate Counsel ,
Data Security ,
Federal Trade Commission (FTC) ,
Hackers ,
Popular ,
Security Standards ,
Software ,
Taiwan ,
Technology ,
Technology Sector ,
Vulnerability Assessments ,
Young Lawyers
Last week, the FTC published a blog post titled The NIST Cybersecurity Framework and the FTC, in which the agency issued a nuanced answer to an oft-asked question: “If I comply with the NIST Cybersecurity Framework, am I...more
Last week, fashion retailer Lord & Taylor reached a settlement with the FTC over its allegedly deceptive advertising campaign, the first such action since the FTC released its Enforcement Policy Statement on Deceptively...more
The European Commission has announced that it has reached a deal to replace the EU-US Safe Harbor framework that was declared invalid last year by the Court of Justice of the European Union (“ECJ”). Heralded as the EU-US...more
On January 5, 2015, the Federal Trade Commission (FTC) entered into a consent order with dental software manufacturer Henry Schein Practice Solutions, Inc. ("Schein") in connection with allegations that Schein had made...more
Personal data is a valuable corporate asset. At times, the personal information collected from customers (such as email address, mailing address, phone number, etc.) can be a company’s most valuable asset. Unfortunately,...more
10/20/2015
/ Bankruptcy Code ,
Chapter 11 ,
Commercial Bankruptcy ,
Customer Lists ,
Cyber Attacks ,
Cyber Crimes ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Digital Assets ,
Disney ,
Enforcement Actions ,
Facebook ,
Federal Trade Commission (FTC) ,
Google ,
Hackers ,
MySpace ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Policy ,
RadioShack ,
Sale of Assets ,
Snapchat ,
WhatsApp
The European Court of Justice’s (CJEU) recent decision striking down the EU-US Safe Harbor framework has created significant marketplace uncertainty and left companies scrambling for alternative cross-Atlantic data transfer...more
10/20/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Compliance ,
Cybersecurity ,
Data Protection Authority ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ireland ,
National Security ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
The European Court of Justice's (CJEU) recent decision striking down the EU-US Safe Harbor framework has created significant marketplace uncertainty and left companies scrambling for alternative cross-Atlantic data transfer...more
10/19/2015
/ Article 29 Working Group ,
Binding Corporate Rules ,
Cybersecurity ,
Data Protection Authority ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
Federal Trade Commission (FTC) ,
International Data Transfers ,
Ireland ,
National Security ,
National Security Agency (NSA) ,
Personal Data ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework
Earlier this month, privacy and security professionals from around the globe gathered for “Privacy. Security. Risk. 2015”—the second joint conference between the International Association of Privacy Professionals and the...more
10/15/2015
/ Big Data ,
Cloud Computing ,
Compliance ,
Covered Entities ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
Data Security ,
Department of Health and Human Services (HHS) ,
Dropbox ,
Edward Snowden ,
Enforcement Actions ,
Ethics ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
FCC ,
Federal Trade Commission (FTC) ,
Google ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
International Data Transfers ,
Internet of Things ,
Ireland ,
Microsoft ,
National Security ,
National Security Agency (NSA) ,
OCR ,
Personal Data ,
Popular ,
Privacy Laws ,
Right to Privacy ,
Safe Harbors ,
Schrems I & Schrems II ,
Security Risk Assessments ,
US-EU Safe Harbor Framework
In Part I, we discussed the Third Circuit's finding that the "unfair" prong of the FTC Act does not require the agency to provide specific cybersecurity standards with "ascertainable certainty" to which companies must...more
On Monday, the Third Circuit issued a highly anticipated opinion affirming the Federal Trade Commission's authority to regulate "unfair" cybersecurity practices under Section 5 of the FTC Act. In allowing the data breach...more
8/27/2015
/ Credit Cards ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Debit Cards ,
Enforcement Actions ,
Federal Trade Commission (FTC) ,
Fraudulent Charges ,
FTC v Wyndham ,
Hackers ,
Section 5 ,
Wyndham
The provider of the immensely popular “Brightest Flashlight Free” mobile app for Android reached a settlement with the Federal Trade Commission (FTC) over charges that it collected sensitive personal information, including...more
In March, the Federal Trade Commission issued updated advertising guidelines to take into account the challenges created by the rapid growth of mobile and online advertising platforms, particularly small screen size and other...more
The Federal Trade Commission has emphasized in the past that general privacy protections in the website space apply equally to mobile services, but a new FTC Staff Report released on Friday hones in on some privacy...more
2/11/2013
/ Address Book ,
App Developers ,
COPPA ,
Data Collection ,
Data Protection ,
Federal Trade Commission (FTC) ,
Mobile Apps ,
Notice Requirements ,
Parental Consent ,
Path Inc. ,
Personally Identifiable Information ,
Privacy Policy ,
Settlement ,
Social Networks ,
Transparency