Author: Discerning Data Editorial Board

FTC Requests the Shut Down of a Deceptive Cryptocurrency “Ponzi” Scheme

Share

Recent activity by the FTC in court continues to indicate that federal regulators are prepared to take a strong stance on deceptive practices related to cryptocurrency.

In a complaint, filed on February 20, 2018, the FTC alleges that Thomas Dluca, Louis Gatto, and Eric Pinkston engaged in unfair or deceptive business practice, and misrepresented material facts, associated with businesses known as the “Bitcoin Funding Team,” “My7Network,” and “Jetcoin.”

Continue reading “FTC Requests the Shut Down of a Deceptive Cryptocurrency “Ponzi” Scheme”

Singapore Joins APEC Cross-Border Privacy Rules System and Privacy Recognition for Processors Program

Share

Singapore recently became the latest country to join the Asia-Pacific Economic Cooperation (“APEC”) Cross-Border Privacy Rules (“CBPR”) System.  Singapore is the CBPR’s sixth participant, joining the United States, Mexico, Japan, Canada, and the Republic of Korea.  Singapore also became the second country to join APEC’s new Privacy Recognition for Processors (“PRP”) program, joining only the United States.

As a member of APEC’s CBPR, Singapore’s personal data protection regime has been deemed to be in alignment with the CBPR’s focus on facilitating data flows between economies and preventing accidental disclosure and misuse of personal data vis-à-vis online transactions.  Remarking on this move, Singapore’s Personal Data Protection Commissioner Tan Kiat How stated, “[t]he seamless exchange of personal data will enable certified Singapore business to plug into even more regional and global business opportunities.  Meanwhile, our consumers will enjoy greater peace of mind when they shop or use vital services online.”

Endorsed by APEC Leaders in 2011, the CBPR is a voluntary, accountability-based system that implements the APEC Privacy Framework (the “Framework”) by reducing barriers to information flows, enhancing consumer privacy, and promoting interoperability across regional data privacy regimes.  Created in 2004, the Framework was developed to facilitate the flow of information between the 21 APEC member economies and their trading partners, by promoting a common set of data privacy principles designed to strengthen consumer privacy protections, encourage digital commerce, and facilitate trade and economic growth.  Both the CBPR and the Framework apply only to personal information controllers, whereas the PRP program focuses exclusively on personal information processors.  Finalized in 2016, the PRP program was designed to certify privacy compliance for personal information processors within the Asia-Pacific region by offering a Trustmark certification to processors that demonstrate their capacity to assist data controllers in complying with relevant privacy obligations.  The PRP program was created in order  that (1) data controllers are able to identify qualified data processors to implement data controllers’ data processing obligations, (2) data processors are able to demonstrate their ability to provide effective implementation of a controller’s privacy requirements, and (3) small and medium-sized institutions are able to gain exposure and visibility into a global data processing network.  Collectively, the CBPR, Framework, and PRP make up the three legs of APEC’s current data protection construct.

APEC is one of the leading Asia-Pacific economic forums designed to “support sustainable economic growth and prosperity in the Asia-Pacific region.”  The three pillars of APEC’s agenda focus on trade and investment liberalization, business facilitation, and economic and technical cooperation.  APEC currently has 21 member jurisdictions, including Australia, Brunei Darussalam, Canada, Chile, the People’s Republic of China, Hong Kong, Indonesia, Japan, Republic of Korea, Malaysia, Mexico, New Zealand, Papua New Guinea, Peru, The Philippines, Russia, Singapore, Chinese Taipei, Thailand, the United States, and Vietnam.

Learn more about the APEC Privacy Framework.

Learn more about the APEC Cross Border Privacy Rules.

Social Engineering Fraud and Cyber Insurance – Are You Covered?

Share

Spoofing and phishing are part of what is known as social engineering fraud. Social engineering fraud is typically a type of computer fraud where an employee is misled into believing he or she is communicating with a vendor and is tricked into sending money due that vendor to the fraudster. Many organizations take proactive measures to protect themselves through enhanced IT measures, employee training and the purchase of computer fraud and other types of cyber insurance.

A recent district court action in Washington illustrates how social engineering works and highlights the importance of understanding the limitations of the types of insurance coverages companies may have. The case is currently on appeal before the 9th U.S. Circuit Court of Appeals.

Continue reading “Social Engineering Fraud and Cyber Insurance – Are You Covered?”

Enforcement Actions Launched by Securities and Exchange Commission – Heightened Scrutiny of Blockchain and Cryptocurrency Companies

Share

A recent flurry of activity by the Securities and Exchange Commission (SEC) in court, and strong talk on the Hill, gives a clear indication that the U.S. regulatory agency is making a significant push to rein in the current wild-west atmosphere of investments in Blockchain and cryptocurrency companies.

In the wake of the DAO Report issued by the SEC in July 2017, the agency released several Investor Alerts to warn the public of the risks associated with investing in initial coin offerings (ICOs), including an alert to warn investors to be careful about advertisements by celebrities promoting ICOs and other Blockchain-related investments. Moreover, the SEC chairman and his counterpart at the Commodity Futures Trading Commission (CFTC) have recently released statements and op-eds and appeared before the U.S. Senate Banking Committee to elevate the awareness of lawmakers and the public of some of these risks.

Continue reading “Enforcement Actions Launched by Securities and Exchange Commission – Heightened Scrutiny of Blockchain and Cryptocurrency Companies”

FTC Settlement with PayPal Resolving Allegations That Venmo Made Misrepresentations to Consumers and Violated the Gramm-Leach-Bliley Act

Share

The FTC has entered into a Consent Agreement with PayPal, Inc., settling allegations that PayPal, through its operation of Venmo, had violated Section 5 of the FTC Act and the Gramm-Leach-Bliley Act’s (“GLBA”) Privacy and Safeguards Rules.   PayPal operates Venmo, a payment and social networking application and website that allows consumers to make peer-to-peer payments, which also shares information regarding such payments through a social network feed.  The agreement will be subject to public comment for 30 days.

Continue reading “FTC Settlement with PayPal Resolving Allegations That Venmo Made Misrepresentations to Consumers and Violated the Gramm-Leach-Bliley Act”

DOJ Announces Federal Indictment in Massive Cyberfraud Enterprise

Share

The Department of Justice announced the unsealing of a federal indictment charging 36 individuals for their alleged roles in the Infraud Organization, an Internet-based cybercriminal enterprise that is alleged to have engaged in a large-scale cyberfraud.   The indictment alleges that the enterprise caused more than $530 million in actual losses to consumer, businesses, and financial institutions.

Continue reading “DOJ Announces Federal Indictment in Massive Cyberfraud Enterprise”

©2025 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Attorney Advertising.
Privacy Policy