CPSC’s E-Liquid Enforcement is Hurting Small Businesses
Latest Articles
What’s Next After Facebook’s Record $5 Billion Fine and Cambridge Analytica?
Facebook is facing some big changes after the Federal Trade Commission (FTC) settled with the social media giant over charges that it violated an earlier consent agreement. The company will pay a penalty of $5 billion, which is not only the biggest privacy fine in history, but also, according to FTC commissioner Noah Phillips, “almost 20 times greater than the largest privacy or data security penalty ever imposed worldwide.”
The order requires Facebook to make…
Equifax to Pay Largest-Ever Data Breach Settlement
The Equifax data breach was one of the most massive data breaches of all time, and it has resulted in the biggest settlement for a data breach to date. After two years of investigations at the state and federal levels, credit reporting agency Equifax has agreed to a $675 million – up to possibly $700 million – settlement that puts to rest complaints from the Federal Trade Commission (FTC) and Consumer Financial Protection Bureau (CFPB),…
Boaz Green Interviewed by Regulator Watch About the Consumer Product Safety Commission’s Recent Enforcement Actions Against E-Liquids
As previously reported on Keller and Heckman’s The Continuum of Risk blog, the Consumer Product Safety Commission (CPSC) recently announced that it considers flow restricted containers for nicotine-containing e-liquids to be required under the Child Nicotine Poisoning Prevention Act of 2015 (CNPPA). Boaz Green was interviewed by Regulator Watch regarding CPSC’s recent enforcement actions, industry’s response, and the options available to companies receiving Notices of Violation from CPSC.
To watch the full interview, click…
FTC and D-Link Settle Data Security Dispute
After protracted litigation, the Federal Trade Commission (FTC) entered into a proposed settlement with computer software manufacturer D-Link over charges that the company misrepresented the security of its wireless routers and Internet-connected cameras and failed to take reasonable software testing and remediation measures to protect the devices.
As we previously reported, part of the FTC’s 2017 complaint against D-Link was dismissed by the U.S. District Court for the Northern District of California on three…
UK ICO Proposes GDPR Fines for British Airways and Marriott Data Breaches
Earlier this week, the UK Information Commissioner’s Office (ICO) announced its intent to fine British Airways £183,390 million ($230 million) and its intent to fine Marriott International more than £99 million ($123 million) for violations of the General Data Protection Regulation (GDPR) arising out of data breaches. The ICO investigated the breaches as the lead supervisory authority under the GDPR “one stop shop” enforcement mechanism. Both companies have an opportunity to comment on the ICO’s…
Sheila Millar Authors Law360 Article “UK’s Proposed Age-Appropriate Data Code Would Be Onerous”
In a recent Law360 article, Sheila Millar discusses a proposal from the British Information Commissioners Office (ICO) that significantly restricts how information society services deemed likely to be accessed by children must handle the data they collect, use, and share. In “UK’s Proposed Age-Appropriate Data Code Would Be Onerous” (July 3), she delves into how the ICO proposal creates potentially onerous burdens on business and conflicts with existing law. To read the full article, click…
FTC Continues Enforcement of False Privacy Shield Claims
Nearly three years after the EU-U.S. Privacy Shield framework replaced the U.S.-EU Safe Harbor as a mechanism to transfer personal data from the European Union to the United States, the Federal Trade Commission (FTC) continues to monitor companies’ claims regarding participation. As we previously reported, the FTC has taken actions against several companies over the years for stating they were self-certified to the Privacy Shield framework when they either had never joined or when…
FTC Settles Lax Data Security Charges with Software Seller DealerBuilt
The Federal Trade Commission (FTC) entered into a proposed settlement with LightYear Dealer Technologies, LLC (aka DealerBuilt) on June 12, 2019, over allegations of lax consumer privacy protections. While no fines were levied, the order is remarkable for its detailed and extensive requirements governing the company’s future data privacy practices and the FTC’s role in overseeing implementation. The terms include specific instructions for mandatory third-party assessments of the company’s data privacy program using an assessor…
E-Vapor Industry Coalition Formally Opposes CPSC Novel Interpretation of CNPPA that Immediately Requires Flow-Restricted Packaging for E-Liquids
