On December 9, 2014, a joint open letter (“Letter”) was issued to the operators of seven (7) app marketplaces, urging them to “make the basic commitment to require each app that can access or collect personal information, to provide users with timely access to the app’s privacy policy.” Although the Letter was sent to Apple, […]
Privacy Policy
CFPB’s Final Rule Allows Online Privacy Notice Posting In Certain Circumstances
The Consumer Financial Protection Bureau (CFPB) recently published a final rule regarding annual privacy notices from financial institutions to their customers. The rule allows financial institutions that limit their consumer data-sharing and meet other requirements to post their annual privacy notices online rather than delivering them individually. Under the Gramm-Leach-Bliley Act (GLBA), financial institutions generally […]
FTC Settles with TRUSTe Inc. Over Deception Claims
The Federal Trade Commission (FTC) and TRUSTe Inc. entered into a settlement agreement Monday over the FTC’s allegations that the internet privacy certifier deceived consumers about its privacy seal recertification program and allowed its customers to falsely advertise it as a nonprofit entity. Under the settlement, TRUSTe will pay a $200,000 fine and stop making […]
FTC seeks public comment on AgeCheq Inc.’s application for approval of proposed verifiable parental consent method
On August 25, 2014, the Federal Trade Commission (“FTC”) issued a Federal Register notice to be published, announcing the FTC’s request for public comment on a proposed verifiable parental consent method. The method has been submitted for approval by AgeCheq, Inc. under the Children’s Online Privacy Protection Act and the rules promulgated thereunder (the “Rule”). The Rule requires […]
Kim Peretti Interviewed by BankInfoSecurity
Kim Peretti, co-chair of the firm’s Security Incident Management & Response Team, was interviewed by BankInfoSecurity about what boards must know about security issues and how to keep directors risk-aware. In the interview, titled “Cybersecurity: What Boards Must Know,” Peretti discusses what directors don’t know about security, the pre- and post-breach responsibilities of boards, and how […]