Posts Tagged ‘FTC Act’

FTC Applies GLBA & FTC Act Sanctions To Mortgage Lender

Monday, November 10th, 2008

I anticipate that with the big $700 billion “rescue” plan the government is going to continue the increased compliance activities…

(more…)

15 Actions/Penalties Brought By FTC Under GLBA + FTC Act

Monday, July 7th, 2008

The FTC has long provided a great role model for other government oversight and enforcement agencies with regard to their activities in ensuring organizations follow data protection laws and also ensure organizations actually fulfill the promises they make within their published information security and privacy policies. It is too bad most of the other government agencies are not as diligent or nearly as effective in helping to ensure organizations sufficiently protect personally identifiable information (PII).
While doing some research today I compiled a list of the actions the FTC has taken, which I thought may be useful to some of you as well…

(more…)

Do Your Terms Of Use Try To Gut Your Privacy Policy Promises?

Sunday, May 18th, 2008

I see a growing trend in organizations trying to gut the promises made in their website privacy policies through sneaky wording they place in their rarely read “Terms of Use” statements.
Over the past few months I have heard from some CISOs and CPOs who are concerned at some of the wording that their legal counsels are suggesting they put on their web sites. And rightly so. Why? Because the considered “Terms of Use” statements seem to be, 1) trying to eliminate all liability to the organization for anything bad that happens to the personally identifiable information (PII) submitted to or accessed from the site; 2) basically nullifying the posted privacy policy; and 3) trying to require the website user to agree to these terms just by using the site…no active acknowledgment or agreement necessary.
Here is a composite from around half of a dozen of these worrisome passages from the considered drafted Terms of Use statements that I’ve seen…

(more…)

AccuSearch Fined ~$200,000 For Pretexting & Selling Phone Numbers

Tuesday, January 29th, 2008

Yesterday the U.S. Federal Trade Commission (FTC) announced AccuSearch, Inc., was guilty of violating federal law by selling consumer phone records to third parties without consumers’ knowledge or authorization.

(more…)

AccuSearch Fined ~$200,000 For Pretexting & Selling Phone Numbers

Tuesday, January 29th, 2008

Yesterday the U.S. Federal Trade Commission (FTC) announced AccuSearch, Inc., was guilty of violating federal law by selling consumer phone records to third parties without consumers’ knowledge or authorization.

(more…)

FTC Hands Down Another FTC Act Noncompliance Penalty For Bad Online Application Security

Friday, January 18th, 2008

Yesterday the U.S. Federal Trade Commission (FTC) handed down yet another penalty against an online retailer, Life is good, Inc., for not properly safeguarding their online ecommerce applications.
The FTC charged they were in violation of the FTC Act because they promised in their online privacy statement that they would safeguard their customer data, but yet a hacker “was able to use SQL injection attacks on Life is good’s Web site to access the credit card numbers, expiration dates, and security codes of thousands of consumers.”

(more…)

FTC Behavioral Advertising Privacy Principles: Give Them Your Feedback!

Thursday, December 27th, 2007

On December 10 the U.S. Federal Trade Commission (FTC) announced that the FTC commissioners voted unanimously to have principles to govern online behavioral advertising. At the same time they released their proposed principles to guide the development of self-regulation in this area.

(more…)

FTC Fines Mortgage Co. For Tossing PII Into Dumpster: FACTA/FCRA, GLBA, & FTC Act Violations

Wednesday, December 26th, 2007

On December 17 the U.S. Federal Trade Commission (FTC) fined and penalized American United Mortgage Company for throwing the personally identifiable information (PII) and financial information of its customers and consumers into an open, publicly-accessible dumpster.
Under the terms of the penalty, American United Mortgage Company must:

(more…)

“Awards” Given For E-Commerce Site Privacy Policies…The Best And The Worst

Friday, December 14th, 2007

I ran across some interesting e-commerce site “awards” recently published by CyberStreetSmart.org. They identified the recipients of their “screen door” (the award retailers DON’T want) and “steel door” (retailers want this) awards based upon the privacy protections the sites had in place for customer personally identifiable information (PII).

(more…)

FTC Settlement For Marketing Via Pop-up Ads: Lessons For All Marketers Regarding Consent & Consumer Complaints

Sunday, December 9th, 2007

I like to keep my eye on the FTC site; they are very active in catching businesses violating the U.S. FTC Act by practicing unfair and deceptive business practices, particularly via the Internet. They really demonstrate the need for privacy and information security professionals to stay on top of what their business units and marketing areas are doing with regard to contacting consumers, forcing ads upon them, and gathering information from them.

(more…)