In the rapidly expanding landscape of Internet-based data analytic services, companies across all industries with a significant online presence have faced or will face a data breach resulting from their collection and use of Big Data. As more consumer information is digitized and collected by companies for data analytics, the potential for cyberattacks also increases. … Continue Reading
In one of the first Internet of Things (IoT) class action settlements, the maker of a Bluetooth-enabled personal vibrator agreed to settle privacy class claims for $3.75 million. The We-Vibe product allows a user to connect the product to a smartphone. The user can then control the device from the phone via Bluetooth connection. The … Continue Reading
On March 17, 2017, the Federal Trade Commission (FTC) announced that it had reached a $500,000 settlement with Upromise, a membership reward service aimed at families saving for college. The FTC had alleged that Upromise violated a 2012 FTC consent order by failing to make required disclosures about its data collection and use practices and … Continue Reading
The Federal Trade Commission (FTC) has been turning its attention to consumer data collection and use that consumers may not expect, such as tracking of TV viewing by smart TVs, and use of cross-device technologies and techniques to try to associate users and households to multiple devices (e.g., TVs, mobile phones, tablets, computers, and other … Continue Reading
On February 6, 2017, the Federal Trade Commission announced that it had settled charges against VIZIO, Inc., a consumer electronics manufacturer of Internet-connected televisions. The FTC alleged that VIZIO unfairly tracked sensitive TV viewing data of millions of American consumers, and deceptively failed to disclose how the collected data was being used. This action was … Continue Reading
On January 6, the Federal Trade Commission (FTC) announced that it had filed a complaint against Taiwanese D-Link Corp. and its U.S. subsidiary, D-Link Systems Inc. (D-Link), alleging the company made deceptive claims about the security of its products and engaged in unfair practices that put U.S. consumers’ privacy at risk. The case is noteworthy for … Continue Reading
We recently released our 2016 Data Security Incident Response Report (“Report”), which provides lessons learned and metrics related to over 300 data security incidents handled by our team. As noted in the report, once an incident is made public the potential ramifications include a wide-ranging investigation by a regulatory agency, such as state attorneys general. … Continue Reading
On January 6, 2016 the Federal Trade Commission (“FTC”) issued the report Big Data: A Tool for Inclusion or Exclusion? Understanding the Issues (“Report”), based on prior workshops and subsequent public comments on Big Data usage. The Report concentrates on data usage, not collection, and the application of current law to such usage, and not … Continue Reading
The Federal Trade Commission reminded publishers and advertisers recently that the Children’s Online Privacy Protection Act (COPPA) prohibits data collection, absent verified parental consent, for behavioral (interest-based) advertising on websites or mobile apps directed at children under 13. App publisher TapBlaze paid $60,000 and entered into a 20-year consent (available here) to settle charges. The revised … Continue Reading
Both the administrative law judge’s decision in LabMD and the Third Circuit’s recent decision in Wyndham, which we previously blogged about, put the FTC on notice that it cannot assume that in the wake of a security breach, allegedly inadequate data security will necessarily constitute an unfair practice under Section 5 of the FTC Act. Further, … Continue Reading
Co-authored by: Hannah Bloink Dynamic pricing is the practice of offering different prices to consumers based on various factors designed to maximize sales and profits, which may include the retailer’s perception of the willingness of a particular consumer to pay at a given price point, often in connection with other factors such as a given … Continue Reading
Over the past decade, we have witnessed the emergence of data-driven enterprises, with business models built on the acquisition, use and sale of data. Included in that group are some of the most highly valued companies in the world, such as Facebook and Google. We also have seen more traditional businesses become increasing data dependent, … Continue Reading
By Judy Selby and Benjamin Barnes on Posted in Big Data
We read every day about the myriad of purposes for which enterprises are embarking on Big Data projects. Securing C-suite buy in and funding may be a significant endeavor, as is implementing an analytic approach to yield results that will achieve the project’s overall goals. In the face of those challenges, the legal and regulatory … Continue Reading
2014 has been perhaps the biggest year Information Governance (“IG”) has seen. A relatively small and, if not unknown, at least undefined field only a few years ago has grown into an area of interest—and concern—to many organizations. The continued growth of data, the escalating threat of data breaches, the amazing ability to collect and … Continue Reading
Editor’s Note: We recently launched a graphic illustrating our Cyber Risk Mitigation Services. This week, our attorneys will be writing about specific examples of those services. The past few years have witnessed the unprecedented rise of Big Data. Fully 90 percent of today’s data was created over just the past two years. Businesses now double the … Continue Reading
By Pamela Jones Harbour, Erik Raven-Hansen, William W. Hellmuth and Jenna N. Felz on Posted in Big Data
As the advent of “big data” increasingly takes center stage in the data and privacy sphere, data brokers—companies that compile and resell or share consumers’ personal data—have come under increased scrutiny. On May 27, 2014, the Federal Trade Commission (“FTC”) issued a report titled “Data Brokers: A Call for Transparency and Accountability,” as part of … Continue Reading
By Pamela Jones Harbour, Erik Raven-Hansen and William W. Hellmuth on Posted in Big Data
In the latest round of reactions to the Edward Snowden leak, on May 1, 2014, the Obama Administration called for the United States to take a leading role in developing new standards for privacy protections in light of the ongoing “social, economic, and technological revolution.” In a report titled “Big Data: Seizing Opportunities, Preserving Values,” … Continue Reading
By: Judith A. Selby and James A. Sherer 2013 was the year that the term “Information Governance” or “IG” began to be widely used outside of technical circles. Despite that fact, the concept of IG is not well understood. Gartner, a premier information advisory company, defines IG as the specification of decision rights and an accountability framework … Continue Reading
What are the roles of the various chief stakeholders when it comes to managing big data, security and privacy concerns, and how can they work across silos to achieve enteprise-wide goals? We begin the discussion of these important issues here. (LinkedIn sign-in required)… Continue Reading
On July 28, 2011, McAfee released a white paper (reg. req’d.) detailing its investigation of a targeted intrusion into more than 70 companies and government organizations over the past five years by an APT—an attack McAfee called Operation Shady RAT. By gaining access to a command and control server that was used in the attacks, … Continue Reading
In the wake of the recent breaches at Epsilon and Sony and the scrutiny Apple and Google are facing for their geolocation data tracking practices, there has been little media focus on the benefits of data collection and analysis. Indeed, most of the coverage has been trained on proposed legislation and new regulations that would … Continue Reading