The FTC has entered into a settlement with LightYear Dealer Technologies, doing business as DealerBuilt, a technology company that develops and sells dealer management system (DMS) software and data processing services to automotive dealerships nationwide. The settlement resolves allegations that DealerBuilt engaged in a number of unreasonable data security practices. The DealerBuilt’s DMS software tracks, manages, and stores information related to all aspects of a dealership’s business, including sales, finance, inventory, accounting, payroll, and parts and service and collects and maintains personal and competitively sensitive information about consumers and employees.
Tag: FTC
New Requirements for FTC Data Security Settlements
Two of the Federal Trade Commission’s (FTC’s) most recent data security settlements include new requirements that go beyond previous data security settlements. The new provisions (1) require that a senior corporate officer provide to the FTC annual certifications of compliance and (2) specifically prohibit making misrepresentations to the third parties conducting required assessments. A statement accompanying these settlements noted that the FTC has instructed staff to examine whether its privacy and data security orders could be strengthened and improved.
Continue reading “New Requirements for FTC Data Security Settlements”
FTC: “Illegal Robocallers, You’re Out”
In an active week of FTC announcements, the agency on March 26, 2019, announced four major settlements with entities that were responsible for billions of illegal robocalls made to consumers nationwide. The entities targeted by the agency initiated illegal robocalls across a number of industries – they pitched auto warranties, debt-relief services, home security systems, fake charities, and Google search results services. These settlements resolved FTC allegations that the defendants had violated the FTC Act and the FTC’s Telemarketing Sales Rule.
In Veterans of America, the FTC’s complaint against Travis Deloy Peterson alleged that he “created and used a series of corporate entities and fictitious business names that sound like veterans’ charities to operate a telemarketing scheme that used robocalls to trick generous Americans into giving their vehicles or other valuable property to him” since at least 2012. The settlement includes a monetary judgment of $541,032.10 and would permanently ban defendant Peterson or his employees or contractors from soliciting charitable contributions, making misrepresentation in advertising or promoting any good or service, initiating robocalls, and engaging in deceptive and abusive telemarketing.
FTC Seeks Information from Platform-Based ISPs about Their Privacy Practices
Following congressional hearings last month on potential federal data privacy legislation − Hearing on Policy Principles for a Federal Data Privacy Framework in the United States before the Senate Committee on Commerce, Science, and Transportation; Hearing on Improving Data Security at Consumer Reporting Agencies before the House Subcommittee on Economic and Consumer Policy − the Federal Trade Commission (FTC) on March 26, 2019, announced the initiation of a study concerning the privacy policies, procedures, and practices of seven internet service providers (ISPs). The FTC has used this process in other industries or areas of focus to gather information that it may later share in a public report.
Continue reading “FTC Seeks Information from Platform-Based ISPs about Their Privacy Practices”
The FTC’s Approach to Consumer Privacy
As part of the FTC’s Hearings on Competition and Consumer Protection in the 21st Century, the Commission will hold a two-day hearing on April 9–10 at the Constitution Center (400 7th Street SW in Washington D.C.). The FTC has received 40 comments already and will continue receiving comments until May 31, 2019.
GAO Report Recommends Congress Consider Comprehensive Privacy Regulation
The GAO recently concluded a comprehensive analysis of the U.S. federal regulatory landscape with respect to internet privacy, specifically focusing on FTC and FCC enforcement actions and authorities. GAO interviewed representatives from industry, consumer advocacy groups, academia, FTC and FCC staff, former FTC and FCC commissioners, and officials from other agencies. (See page 40 of the GAO report for a complete list of those interviewed.) GAO recommends that Congress consider developing comprehensive legislation on internet privacy that would enhance existing consumer protections and provide flexibility to address a rapidly evolving privacy environment.
Continue reading “GAO Report Recommends Congress Consider Comprehensive Privacy Regulation”