The National Institute of Standards and Technology (NIST) has launched a collaborative effort to develop a voluntary framework that will help organizations manage privacy risks and protect consumer privacy when developing and using innovative technologies. According to NIST, a robust cybersecurity program can help manage risks, but organizations need customizable tools for addressing the challenges posed by an increasingly connected environment. The intent is to “bridge the gaps between privacy professionals and senior executives so…

The Federal Trade Commission (FTC) approved modifications to the video game industry’s Children’s Online Privacy Protection Act (COPPA) program. Earlier this year, the Entertainment Software Ratings Board (ESRB) proposed several substantive changes intended to take account of recent FTC COPPA rules and guidance. To receive FTC approval, COPPA safe harbor programs must “implement substantially similar requirements that provide the same or greater protections for children as those contained in the Rule; (2) an effective…

If a company claims to be certified under the EU-U.S. Privacy Shield framework when it hasn’t even completed the paperwork, the Federal Trade Commission (FTC) isn’t likely to let it slide. ReadyTech, a California-based online training services company, made such a claim on its website, in violation of the FTC Act’s prohibition against deceptive acts or practices, according to the FTC’s complaint against the company. The Privacy Shield is one of the approved mechanisms through…

With the ever-changing complexity of state data breach notification laws, companies facing a data breach need resources that will help them understand the issues. This summary provides an overview of the similarities and differences in data breach laws adopted in the 50 United States and the District of Columbia and includes laws enacted since our last update. Alabama and South Dakota became the last states to adopt breach notification laws, which took effect on May…

The U.S. Consumer Product Safety Commission (CPSC) announced potential changes to its 2002 Age Determination Guidelines Relating Children’s Ages to Toy Characteristics and Play Behavior (2002 Guidelines). The new draft guidance, titled Guidelines for Determining Age Appropriateness of Toys (Draft 2018 Guidelines), “addresses toys that have come onto the market since the last update and provides changes to the recommended age group for certain classic toys.” The plan to issue a Federal Register notice was…

The U.S. Consumer Product Safety Commission’s (CPSC) first lawsuit of 2018 is against the maker of popular lines of jogging strollers, Britax Child Safety, Inc. The complaint, to be heard in administrative proceedings, concern’s Britax’s B.O.B. jogging strollers. The company and its 2011 merger partner, B.O.B. Trailers, Inc., have been importing and distributing the strollers since 1997. At issue are about 493,000 jogging strollers imported and distributed between December 2011 and September 2015. They include…