Tell me don’t sell me.

In a new settlement order with the Federal Trade Commission, Unrollme was ordered to notify all its active users of the fact that it accesses or collects email purchase receipts for use in market research products that are sold to third parties and to delete the information of anyone that

“The decision to impose documentation requirements, rather than bright line rules, represents a significant departure from how the government traditionally aims to protect the public. It is akin to if federal regulators, instead of ordering automakers to install seatbelts, ordered them to document the pros and cons of installing seatbelts, and to decide for themselves

The $5 billion fine levied against Facebook by the Federal Trade Commission is certainly headline news, but it also contains detailed requirements for privacy and information security governance and accountability that all companies can learn from and implement.

Big Picture Takeaways:

  • Facebook faces many detailed requirements for internal and external governance and oversight with

The Federal Trade Commission is seeking comments on the Children’s Online Privacy Protection Act Rule.

In light of continued rapid changes in technology, the Federal Trade Commission is seeking comment on the effectiveness of the amendments the agency made to the Children’s Online Privacy Protection Act Rule (COPPA Rule) in 2013 and whether additional changes

The FTC has entered into a consent order with a sole proprietor for a failure to implement reasonable protections of personal information.

At issue were the following statements, which the FTC held to be deceptive/misleading:

  • “[We] utilize the latest security and encryption techniques to ensure the security of your account information.”
  • “We understand clearly that

The U.S. Federal Trade Commission (FTC) has entered into a settlement agreement with a company that claims on its website that it is EU U.S. Privacy Shield certified, when in fact, it had only started the process and stopped midway.

The FTC also sent warning letters to:

  • 13 companies that falsely claimed they participate in

The U.S. Congress is considering increased enforcement powers for the Federal Trade Commission (FTC), reports Bloomberg’s Sara Merken

“House and Senate lawmakers are weighing whether to give the FTC broad or targeted new rulemaking authority, and more resources, to enforce privacy and data security obligations. They also are discussing whether federal legislation should override state

The California Consumer Privacy Act “has galvanized the U.S. Congress to start thinking really hard about federal privacy legislation. We’ve encouraged them to do that,” said Federal Trade Commission Chairman Joe Simons.

Other key takeaways from Simons’ conversation with International Association of Privacy Professionals Chief Knowledge Officer Omer Tene:

  • Though not specifically commenting on any

“The Federal Trade Commission is aiming to bring more EU-U.S. Privacy Shield enforcement actions for significant violations of the cross-border data transfer program, the agency’s consumer protection chief said April 26.”

There are a group of cases the FTC is “looking at right now and they include” alleged substantive violations of the Privacy Shield program

FTC, the De Facto Privacy Regulator.

The Federal Trade “Commission has settled or litigated more than 60 law enforcement actions against businesses that allegedly failed to take reasonable precautions to protect consumers’ data,” said FTC Bureau of Consumer Protection Director Andrew Smith in testimony before a Senate Homeland Security and Government Affairs Subcommittee.

Cases included: