Federal Trade Commission (FTC)

FTC announces expanded settlement with Uber, WPF comments included

The FTC finalized an expanded settlement with Uber, Inc. regarding the company’s data security practices. According to the FTC complaint, in the midst of the Commission’s original investigation, Uber experienced a second serious breach and waited more than a year after learning of the breach before informing the public or the Commission. The World Privacy Forum

Public Comments: WPF comments on proposed revised consent decree re: Uber; requests FTC to hold workshop to determine standards for privacy assessments

In comments to the FTC regarding a proposed revised consent decree with Uber Technologies, Inc., WPF urged the FTC to clarify what the term “assessment” means in the context of a consent decree with a company. The comments note that the requirement for an assessment is not the same as the requirement for an audit.

When TVs watch you: What we learned from the FTC’s VIZIO case

Television maker VIZIO is paying $2.2 million in penalties to settle charges after the FTC and the New Jersey Attorney General’s office brought a complaint against the company for violating its customers’ privacy. The complaint against VIZIO stated that the company collected detailed information on millions of its customers TV viewing habits without their express consent, and that VIZIO facilitated something called “data appending,” which is when even more detailed information is added to existing customer profiles.

Update: EU, US reach new Safe Harbor deal

Update for February 29, 2016: The US and the European Commission have released new details about the proposed Privacy Shield program. We have published a new post about this release here. Briefly, the US Department of Commerce has released a 132-page package containing the program principles, letters from the FTC, the Department of Transportation, the Office of the Director