The FTC gave final approval to the Venmo/PayPal settlement resolving alleged violations of Section 5 of the FTC Act and the Gramm-Leach-Bliley Act’s Privacy and Safeguards Rules. As described in a previous blog post, the FTC alleged that Venmo made a variety of misrepresentations to consumers with respect to the availability of funds, the ability of consumers to control the privacy of their transactions, and its data security practices. Continue reading “FTC Gives Final Approval to PayPal Settlement Related to Allegations Involving its Venmo Payment Service”
Year: 2018
Stay In Touch! Email Marketing After the GDPR
Part I: Untangling the GDPR and the e-Privacy Directive
This is the first post in a four part series on GDPR and email marketing.
Your email in-box has probably finally recovered from the wave of GDPR opt-in requests and notices that peaked around May 25th. But, if you’ve followed the privacy press or the statements from EU regulators, you’re probably left wondering what it was all for. Many statements made in news stories (both in the U.S. and the EU) and by commentators have claimed that the GDPR means no one can send marketing emails any more without your permission. But, other stories suggest that the opt-in emails and privacy notices were unnecessary or, even, inappropriate. Who’s right? And what email marketing is allowed now?
Continue reading “Stay In Touch! Email Marketing After the GDPR”
Eleventh Circuit Vacates FTC LabMD Order but Does Not Challenge FTC Authority
The U.S. Circuit Court of Appeals for the 11th Circuit vacated the LabMD Federal Trade Commission order but did not challenge the Commission’s ability to use its unfairness authority to challenge inadequate data security practices in a closely watched case that tested the commission’s enforcement powers.
Continue reading “Eleventh Circuit Vacates FTC LabMD Order but Does Not Challenge FTC Authority”
Vermont First State to Pass Data Broker Law
Vermont lawmakers recently passed a first-of-its-kind data broker law, which protects consumers from credit freeze fees, data fraud and clarifies data security requirements.
Continue reading “Vermont First State to Pass Data Broker Law”
Information Governance Can Still Help Your Organization with GDPR Compliance
The highly-anticipated enforcement date of May 25th has come and gone, but the opportunity to use information governance (IG) to bolster your organization’s compliance with the EU General Data Protection Regulation (GDPR) still exists.
Continue reading “Information Governance Can Still Help Your Organization with GDPR Compliance”
Massive Data Breach Exposes 500,000 Patients’ Medical Records
LifeBridge Health in Maryland is the most recent health system to have its patient records impermissibly accessed through a malware cyberattack. Indication of an attack was first detected in March 2018, upon which the hospital hired a national forensic firm to investigate the attack and determined that an unauthorized person had accessed LifeBridge’s server in September 2016.
Continue reading “Massive Data Breach Exposes 500,000 Patients’ Medical Records”