Archives: Enforcement

Subscribe to Enforcement RSS Feed

A Reasonable Security Blanket

Fear the data breach.  Companies large and small worry that a security lapse compromising personal information may hurt their customers or employees and expose the organization to costly liability and a damaged reputation.  But recent developments suggest that comfort may still be found in keeping privacy promises and keeping up with “reasonable security” best practices. … Continue Reading

NY AG Settles with TRUSTe Over its COPPA Safe-Harbor Program

Last week, the New York Attorney General’s Office announced that it had entered into a settlement with privacy compliance company TRUSTe, signaling the AG’s continuing interest in children’s privacy and potentially portending an uptick in state-level enforcement under the Children’s Online Privacy Protection Act (“COPPA”). TRUSTe operates an FTC-approved safe-harbor program for online services subject to … Continue Reading

The NAD’s First Native Ad Case Since Issuance of FTC Native Ad Guides

Just five months after the Federal Trade Commission (“FTC”) released its Native Ads Policy Statement, the National Advertising Division of the Better Business Bureau (“NAD”) has followed suit and issued a decision in its investigation of Joyous Inc.’s (“Joyous”) native advertising practices (NAD Case #5956, 05/19/16). In its routine monitoring, the NAD explored the formatting … Continue Reading

Businesses Take Heed: FTC’s Recent Report, Conference Signal Big Data’s the Big Deal in 2016

FTC Kicks Off New Year with New Report on Growing Use of Big Data Analytics Across All Industries Without so much as a week of 2016 having lapsed, the Federal Trade Commission (“FTC” or “Commission”) released a new report with recommendations to businesses on the growing use of big data. The report, “Big Data: A … Continue Reading

FTC Settles Advertising-Related COPPA Charges Against Two App Developers

This week, the FTC announced settlements with two developers of children’s apps that it claimed had failed to comply the Children’s Online Privacy Protection Act (“COPPA”). While any COPPA enforcement by the FTC is noteworthy, these cases are particularly interesting in that they are the FTC’s first COPPA enforcement actions that are based on allegations that a child-directed online service … Continue Reading

Caveat Venditor: FTC Amends Telemarketing Sales Rule to Enhance Anti-Fraud Protections and to Update and Clarify Several Key Provisions Relating to the National Do Not Call Registry

On November 18, 2015, the Federal Trade Commission (FTC) released a final rule setting forth a number of key amendments to its Telemarketing Sales Rule (TSR).  [FN1]  Specifically, in response to changes in the financial marketplace, the final rule prohibits the use of certain payment methods in telemarking.  In addition, and of likely much greater … Continue Reading

Retail-Tracking Service Provider Nomi Technologies Settles FTC Complaint Over False Statement in its Privacy Policy

Last week, the Federal Trade Commission announced a complaint against and proposed settlement with Nomi Technologies, Inc.* (“Nomi”), based on allegations that Nomi included a false representation in its Privacy Policy. Nomi is an analytics provider offering services to brick-and-mortar retail locations through its “Listen” service. To provide the service, Nomi utilizes beacons placed within … Continue Reading

FTC’s $11.9 Million Win Emphasizes Need to Follow Guidelines

The Federal Trade Commission (“FTC”) just won another important victory as part of its crackdown on deceptive health claims. LeadClick Media (“LeadClick”) and its parent company were held responsible for claims made by affiliate marketers and ordered to pay a total of $11.9 million in ill-gotten gains from a deceptive weight-loss product-marketing scheme.… Continue Reading

Numerous Warning Letters Serve as a Reminder that the FTC is Always Watching

The Federal Trade Commission (“FTC”) has been very active in its enforcement efforts in the past couple of months. In addition to other actions which we have blogged about, the FTC recently sent dozens of warning letters to advertisers in two separate efforts. In September, the FTC sent letters admonishing companies for their failure to … Continue Reading

FTC Brings First Actions Under the Restore Online Shoppers’ Confidence Act

Last month, the Federal Trade Commission brought a pair of actions under the Restore Online Shoppers’ Confidence Act (“ROSCA”) – the first of their kind. ROSCA Generally ROSCA (15 U.S.C. 8401 et seq.) was signed into law just before the end of 2010. In general, the law regulates two types of online transaction: sales using … Continue Reading

California AG’s Office Attorney Shares Views on Office’s Privacy and Security Enforcement Priorities; Recent California Privacy and Cybersecurity Laws

On Tuesday, a high ranking attorney in California’s Attorney General’s Office made clear that the office has maintained its laser focus on data privacy and security issues and has been paying close attention to the California legislature’s recent flurry of privacy and security related legislation.  In a wide-ranging TRUSTe webinar, Joanne McNabb, the California AG’s … Continue Reading

The Internet of Things: FDA Releases Guidance on Securing Wireless Medical Devices — What Medical Device Manufacturers Should Know

FDA, responding to pressure to provide direction on wireless medical device security, has released guidance concerning the use of RF wireless technology in medical devices.  The Guidance contains FDA’s recommendations to wireless medical device manufacturers for securing these devices and complying with governing FDA regulations. Key takeaway:  FDA is now paying close attention to medical … Continue Reading

New York Attorney General Cracks Down on Falsified Online Reviews

Last week, New York’s Attorney General’s Office announced that it had entered into settlements with nineteen companies, totaling more than $350,000 in fines, based on those companies’ involvement in producing fake online reviews for businesses around the state.  Though the conduct at issue in this case appears particularly egregious, the settlements serve as an important … Continue Reading

10 Years After SB 1386, California Attorney General Issues First Ever Report and Recommendations on Data Breaches

As most know, California was the first state in the country, only 10 years ago, to pass the first ever state data security breach notification law, SB 1386, codified at California Civil Code sections 1798.29 and 1798.82.  Last year, SB 24 amended the law, effective January 1, 2012, to require organizations issuing a security breach … Continue Reading

California Attorney General Sues Delta Air Lines for Failing to Have a Mobile App Privacy Policy

Keeping good on her threat from October, the California Attorney General has brought her first lawsuit over a company’s failure to include a privacy policy in its mobile app.  The suit, against Delta Air Lines, alleges a violation of the California Online Privacy Protection Act (“CalOPPA”), which requires operators of online services to make a … Continue Reading

NLRB Issues Report on Employer Social Media Policies

The National Labor Relations Board (“NLRB”) recently issued another report analyzing provisions of six different employer social media polices.  As we have previously discussed, these periodic NLRB reports provide guidance for how to draft and apply policy provisions that attempt to restrict or guide employees’ use of social media.  Specifically, in the latest report, among … Continue Reading

EPIC Alleges Epic FTC Fail In Google Saga; We Review the Complaint

On February 8, 2012, the Electronic Privacy Information Center (EPIC) asked the Federal District Court for the District of Columbia to compel the Federal Trade Commission (FTC) to enforce the terms of the agency's Google Buzz privacy settlement with Google. EPIC seeks to compel the FTC to stop Google's planned consolidation of user data from across the company's services into a single profile for each user under a single privacy policy. EPIC has alleged that the proposed changes and the way Google seeks to implement the changes violate the Google Buzz consent order. The District Court will hear the case before March 1, 2012. In this post, we discuss the highlights of EPIC's complaint, Google's response and lessons learned. … Continue Reading

NLRB Issues Second Report Reviewing Social Media Enforcement Actions

On January 25, 2012 the National Labor Relations Board (“NLRB”) Office of the General Counsel released a report summarizing fourteen cases that were before the NLRB concerning the “protected and/or concerted nature of employees’ social media postings and the lawfulness of employers’ social media policies and rules” (“Report”). The Report followed up on an earlier report … Continue Reading

FTC Takes on Super Cookies

On November 8, 2011, the Federal Trade Commission announced that an online advertiser, ScanScout, agreed to settle FTC charges that it deceptively used “Flash” cookies (also known as super cookies) to track consumers online. As explained by Wired, unlike traditional browser cookies, Flash cookies are not controlled by privacy controls in a Web browser. That … Continue Reading

NLRB Holds “Facebook” Firing Justified on Alternative Grounds, but Finds Policy Unlawful

As we have discussed on our blog, the National Labor Relations Board (NLRB) has continued a campaign of enforcement actions against employers who, according to the NLRB, have unlawfully terminated employees for discussing working conditions on social media. As we reported, in the first of such "Facebook" enforcement actions to come before an NLRB administrative judge, the employer was ordered to reinstate five employees and to pay back their wages. On September 28, 2011, in the second "Facebook" case to reach an NLRB administrative judge, an employer was found to have been justified in terminating an employee car salesman for Facebook postings that mocked the employer and did not concern working conditions … Continue Reading

Israeli Court Rejects a Forum Selection Clause in Clickwrap Agreement

Omer Tene, Managing Director, Tene & Associates is reporting on the court's decision: In a highly important decision, the Tel Aviv District Court annulled a forum selection clause in a clickwrap contract, holding the user was not sufficiently aware of the choice of foreign forum or of the fact he was contracting with a foreign company; and had not clearly consented to such choice. … Continue Reading

Nonprofit Must Rehire Employees Axed for Facebook Complaints

In the first decision of its kind, a National Labor Relations Board (“NLRB” or the “Board”) Administrative Law Judge recently ruled on September 2, 2011 that a nonprofit organization unlawfully discharged employees for complaining about their jobs on Facebook. As we have previously discussed on our blog, the NLRB has been very aggressive in enforcing employees’ … Continue Reading

Russia Data Protection Enforcement Update – Administrative Charges Follow Breach

It is being reported that Moscow prosecutors conducted an investigation into whether several websites that were involved in data breaches earlier this year violated the country's data protection law. As a result of the breaches, names, contact information and order histories of Internet magazine subscribers (including adult-themed publications) became available on Internet search engines, including Russian-language Yandex. Without naming the websites, the report states that the prosecutors have filed administrative charges against two Internet magazines as a result of the investigation. … Continue Reading

NLRB Report Reviews Social Media Enforcement Actions

On August 18, 2011, the Associate General Counsel of the National Labor Relations Board ("NLRB" or the "Board") issued a report analyzing the Board's recent social media enforcement actions. The report seeks to provide guidance to employers that want to ensure that their social media policies appropriately balance employee rights and company interests. … Continue Reading
LexBlog