Tag Archives: FTC

EU-U.S. Privacy Shield Q&A

Last month, the European Union and U.S. officials announced final approval of the EU-U.S. Privacy Shield (Privacy Shield), replacing the Safe Harbor which was invalidated by the Court of Justice of the European Union in October 2015.  Like it predecessor, the Privacy Shield will allow organizations based in the United States to self-certify compliance with the Privacy … Continue Reading

The Privacy Shield Is Finally Here

Earlier today the European Union and U.S. officials announced the final approval of the EU-U.S. Privacy Shield data transfer agreement (“the Privacy Shield”).  Beginning August 1, 2016, organizations based in the U.S. will be able to self-certify their compliance with the Privacy Shield. The Privacy Shield is meant to replace the EU-U.S. Safe Harbour agreement … Continue Reading

FTC Issues Guidance for Background Screening Companies

Employers regularly turn to background screening companies in order to obtain information/reports about applicants and employees.  The Fair Credit Reporting Act (FCRA) applies to companies that sell or provide these background screening reports if such a report meets the FCRA’s definition of a “consumer report.”   A consumer report is a report which serves as a factor … Continue Reading

The Inexplicit Requirement and Definitive Necessity for Employers to Implement Privacy Policies

In the face of seemingly daily news reports of company data breaches and the mounting legislative concern and efforts on both the state and federal level to enact laws safeguarding personal information maintained by companies, employers should be questioning whether they should implement privacy policies to address the protection of personal information they maintain on … Continue Reading

Internet of Things Bill Introduced

Recognizing the growing number of connected and interconnected devices, a bipartisan group of Senators recently introduced a bill which would convene a working group of Federal stakeholders to provide recommendations to Congress on how to appropriately plan for and encourage the proliferation of the Internet of Things (IoT). The Developing Innovation and Growing the Internet of … Continue Reading

The Status of the EU-U.S. Privacy Shield

As we previously reported, the EU and U.S. reached agreement last week on the EU-U.S. Privacy Shield to replace the invalidated EU-U.S. Safe Harbor Program for transatlantic data transfers.  While the announcement of the Privacy Shield is a relief to the thousands of companies who relied on the Safe Harbor Program, details remain unclear. What … Continue Reading

Top 10 for 2016 – Happy Data Privacy Day

In honor of Data Privacy Day, we provide the following “Top 10 for 2016.”  While the list is by no means exhaustive, it does provide some hot topics for organizations to consider in 2016. EU/U.S. Data Transfer (status of Safe Harbor).  On October 6, 2015, the Court of Justice of the European Union (CJEU) ruled … Continue Reading

FTC’s Big Data Report Has Suggestions for the Workplace

Earlier this month, the Federal Trade Commission (“FTC”) issued a report discussing “big data.” The report compiles the agency’s learning from recent seminars and research, including a public workshop held on September 15, 2014. Known best for its role as the federal government’s consumer protection watchdog, the FTC highlights in the report a number of … Continue Reading

The Data Security and Breach Notification Act of 2015

On March 25, 2015, the United States House of Representative, Energy and Commerce Subcommittee on Commerce, Manufacturing, and Trade approved draft legislation which would replace state data breach notification laws with a national standard.  This draft legislation comes on the heels of the President’s call for a national data breach notification law.  The proposed legislation is … Continue Reading

Checklists Not Enough When Developing a WISP, FTC Director Comments at IAPP Global Privacy Summit

This year’s IAPP Global Privacy Summit was very informative on a number of fronts, including the helpful insight provided by officials at the Federal Trade Commission (FTC) on a range of topics. A good summary of some of their comments can be found here, which includes concerns they expressed about the Consumer Privacy Bill of … Continue Reading

Top 15 for 2015 – Happy National Data Privacy Day

In honor of National Data Privacy Day, we provide the following “Top 15 for 2015.”  While the list is by no means exhaustive, it does provide some hot topics for businesses to consider in 2015. Inside Threats for Healthcare Providers and Business Associates.  While news reports of security risks often focus on hackings and breaches … Continue Reading

FTC Announces “Concrete Steps” for IoT Privacy and Security

As the vast array of internet-connected devices mushrooms, and technologies permit those devices to communicate with one another, calls for privacy and security can be heard. On the heels of a recent victory in the ongoing LabMD case, the Federal Trade Commission (FTC) announced yesterday “concrete steps” businesses can take to enhance the privacy and … Continue Reading

On the Heels of FTC, FCC Joins GPEN to Better Watch Data Abroad

Data is rarely still. It is captured, processed and moved around the world at speeds we wouldn’t have dreamed possible 20 years ago. Data often disrespects borders. By way of example, companies often mistakenly store personal data in the cloud to be accessed by multiple international locations, without considering the legal rights of the data … Continue Reading

Report Says Russian Hackers Stole 1.2 Billion Usernames and Passwords, But Don’t Let “Breach Fatigue” Take Hold

In what is believed to be the largest security breach to date, the Associated Press reported that Russian hackers have stolen 1.2 billion user names and passwords. According to the AP, Milwaukee security firm, Hold Security, learned of the breach, but has yet to provide details about the series of website hackings believed to have affected … Continue Reading

FTC Amends Guidance to Children’s Online Privacy Protection Act (COPPA) Rules, Clarifying “Verifiable Parental Consent” Requirements

In response to reported on-going confusion regarding how to satisfy the “verifiable parental consent” requirements in Children’s Online Privacy Protection Act (“COPPA”) 15 U.S.C. §6501 et. seq. (1998), and its implementing regulations, 12 CFR Part 312 (2000), the Federal Trade Commission (“FTC”) revised its guidance on enforcement of the same. According to the FTC, “The … Continue Reading

FTC Objects to Sale of Company Assets Based on Potential Breach of Privacy Policy

Recently, the Federal Trade Commission (“FTC”) filed a limited objection in bankruptcy court to the proposed sale of assets of ConnectEdu, Inc. (“ConnectEdu”) on the grounds that the company’s privacy policy protecting customer personal information had potentially not been complied with. Specifically, ConnectEdu, an education technology company that provided interactive tools to assist students, parents … Continue Reading

EEOC & FTC Issue Joint Background Check Guidance

The U.S. Equal Employment Opportunity Commission (EEOC) and the Federal Trade Commission (FTC) issued joint informal guidance concerning the legal pitfalls employers may face when consulting background checks into a worker’s criminal record, financial history, medical history or use of social media.  The FTC enforces the Fair Credit Reporting Act, the law that protects the … Continue Reading

FTC Announces Identity Theft Was Top Consumer Complaint During 2013, 14 Years Running

According to an FTC press release, identity theft tops the national ranking of consumer complaints for 2013, with American consumers losing a reported $1.6 billion to fraud last year. Here is how some of the numbers break down: Fourteen (14) percent of the more than two million complaints to the FTC (or 290,056) stemmed from identity theft. Thirty … Continue Reading

U.S. Attorney General Eric Holder Urges the Passage of a National Data Breach Notification Law

After years of identity theft holding the top spot for crimes reported to the Federal Trade Commission, and following recent reports of massive data breaches, U.S. Attorney General Eric Holder urged Congress today to enact a national law setting a uniform standard for notifying individuals regarding breaches involving their personal information, according to a report by … Continue Reading

Top 14 for 2014

In honor of National Data Privacy Day, we provide the following “Top 14 for 2014.”  While the list is by no means exhaustive, it does provide critical areas businesses will need to consider in 2014. Location Based Tracking.  As the utilization of GPS enable devices becomes more and more prevalent, employers are often faced with … Continue Reading

Recruiter Misuse of Social Media Can Increase Risk of Liability

Recruiters are increasingly turning to social media to screen and recruit candidates. Jobvite’s 2012 Social Recruiting Survey found that 92% of respondents plan to use social media for recruiting.  Often, recruiters are viewing and considering information that should not be utilized in the hiring process.  LinkedIn is replete with information that should not be considered when … Continue Reading
LexBlog