Consumer Protection Connection

Blog Authors

Latest from Consumer Protection Connection

What’s Next After Facebook’s Record $5 Billion Fine and Cambridge Analytica?

By Sheila Millar & Tracy Marshall on July 29, 2019

Facebook is facing some big changes after the Federal Trade Commission (FTC) settled with the social media giant over charges that it violated an earlier consent agreement. The company will pay a penalty of $5 billion, which is not only the biggest privacy fine in history, but also, according to FTC commissioner Noah Phillips, “almost 20 times greater than the largest privacy or data security penalty ever imposed worldwide.” The order requires Facebook to make…

Consumer Protection Connection

Equifax to Pay Largest-Ever Data Breach Settlement

By Sheila Millar & Tracy Marshall on July 25, 2019

The Equifax data breach was one of the most massive data breaches of all time, and it has resulted in the biggest settlement for a data breach to date. After two years of investigations at the state and federal levels, credit reporting agency Equifax has agreed to a $675 million – up to possibly $700 million – settlement that puts to rest complaints from the Federal Trade Commission (FTC) and Consumer Financial Protection Bureau (CFPB),…

Consumer Protection Connection

Boaz Green Interviewed by Regulator Watch About the Consumer Product Safety Commission’s Recent Enforcement Actions Against E-Liquids

By Sheila Millar on July 23, 2019

As previously reported on Keller and Heckman’s The Continuum of Risk blog, the Consumer Product Safety Commission (CPSC) recently announced that it considers flow restricted containers for nicotine-containing e-liquids to be required under the Child Nicotine Poisoning Prevention Act of 2015 (CNPPA). Boaz Green was interviewed by Regulator Watch regarding CPSC’s recent enforcement actions, industry’s response, and the options available to companies receiving Notices of Violation from CPSC. To watch the full interview, click…

Consumer Protection Connection

FTC and D-Link Settle Data Security Dispute

By Sheila Millar & Tracy Marshall on July 17, 2019

After protracted litigation, the Federal Trade Commission (FTC) entered into a proposed settlement with computer software manufacturer D-Link over charges that the company misrepresented the security of its wireless routers and Internet-connected cameras and failed to take reasonable software testing and remediation measures to protect the devices. As we previously reported, part of the FTC’s 2017 complaint against D-Link was dismissed by the U.S. District Court for the Northern District of California on three…

Consumer Protection Connection

UK ICO Proposes GDPR Fines for British Airways and Marriott Data Breaches

By Sheila Millar & Tracy Marshall on July 11, 2019

Earlier this week, the UK Information Commissioner’s Office (ICO) announced its intent to fine British Airways £183,390 million ($230 million) and its intent to fine Marriott International more than £99 million ($123 million) for violations of the General Data Protection Regulation (GDPR) arising out of data breaches. The ICO investigated the breaches as the lead supervisory authority under the GDPR “one stop shop” enforcement mechanism. Both companies have an opportunity to comment on the ICO’s…

Consumer Protection Connection

Sheila Millar Authors Law360 Article “UK’s Proposed Age-Appropriate Data Code Would Be Onerous”

By Sheila Millar on July 9, 2019

In a recent Law360 article, Sheila Millar discusses a proposal from the British Information Commissioners Office (ICO) that significantly restricts how information society services deemed likely to be accessed by children must handle the data they collect, use, and share. In “UK’s Proposed Age-Appropriate Data Code Would Be Onerous” (July 3), she delves into how the ICO proposal creates potentially onerous burdens on business and conflicts with existing law. To read the full article, click…

Consumer Protection Connection

FTC Continues Enforcement of False Privacy Shield Claims

By Sheila Millar & Tracy Marshall on June 20, 2019

Nearly three years after the EU-U.S. Privacy Shield framework replaced the U.S.-EU Safe Harbor as a mechanism to transfer personal data from the European Union to the United States, the Federal Trade Commission (FTC) continues to monitor companies’ claims regarding participation. As we previously reported, the FTC has taken actions against several companies over the years for stating they were self-certified to the Privacy Shield framework when they either had never joined or when…

Consumer Protection Connection

FTC Settles Lax Data Security Charges with Software Seller DealerBuilt

By Sheila Millar & Tracy Marshall on June 17, 2019

The Federal Trade Commission (FTC) entered into a proposed settlement with LightYear Dealer Technologies, LLC (aka DealerBuilt) on June 12, 2019, over allegations of lax consumer privacy protections. While no fines were levied, the order is remarkable for its detailed and extensive requirements governing the company’s future data privacy practices and the FTC’s role in overseeing implementation. The terms include specific instructions for mandatory third-party assessments of the company’s data privacy program using an assessor…

Consumer Protection Connection

E-Vapor Industry Coalition Formally Opposes CPSC Novel Interpretation of CNPPA that Immediately Requires Flow-Restricted Packaging for E-Liquids

By Azim Chowdhury, Sheila Millar & Boaz I. Green on June 13, 2019

As previously reported on Keller and Heckman’s “The Continuum of Risk” blog, earlier this year, the U.S. Consumer Product Safety Commission (CPSC) announced that it was now reading the Child Nicotine Poisoning Prevention Act (CNPPA) to require nicotine e-liquid bottles to meet the “restricted flow requirement” in 16 C.F.R. § 1700.15(d), in addition to having child-resistant closures. A wave of enforcement actions soon followed. CPSC issued Notices of Violations to numerous e-liquid companies alleging that…

Consumer Protection Connection

Will NAS Report Prompt CPSC to Reconsider OFR Stance?

By Sheila Millar & Boaz I. Green on June 4, 2019

In 2015, a group of NGOs filed a petition with the U.S. Consumer Product Safety Commission (CPSC), asking CPSC to ban additive, non-polymeric organohalogen flame retardants (OFRs) in four product categories: infant, toddler, or children’s products; upholstered furniture; mattresses; and plastic electronics’ casings. The petitioners argued that the entire chemical class is toxic and poses a risk to consumers and that the CPSC should ban them under the Federal Hazardous Substances Act (FHSA). However, a…

Consumer Protection Connection

Blog Authors

What’s Next After Facebook’s Record $5 Billion Fine and Cambridge Analytica?

Equifax to Pay Largest-Ever Data Breach Settlement

Boaz Green Interviewed by Regulator Watch About the Consumer Product Safety Commission’s Recent Enforcement Actions Against E-Liquids

FTC and D-Link Settle Data Security Dispute

UK ICO Proposes GDPR Fines for British Airways and Marriott Data Breaches

Sheila Millar Authors Law360 Article “UK’s Proposed Age-Appropriate Data Code Would Be Onerous”

FTC Continues Enforcement of False Privacy Shield Claims

FTC Settles Lax Data Security Charges with Software Seller DealerBuilt

E-Vapor Industry Coalition Formally Opposes CPSC Novel Interpretation of CNPPA that Immediately Requires Flow-Restricted Packaging for E-Liquids

Will NAS Report Prompt CPSC to Reconsider OFR Stance?

Company

Support

New to the Network