Tag Archive | "Ftc compliance lawyer"

Trump Picks Corporate Antitrust Lawyer to Lead FTC

President Trump has chosen Joseph J. Simons, an antitrust lawyer who has represented a number of tech companies, including Microsoft, to lead the Federal Trade Commission.  Other seats at the agency have also been filled, one of which by Rohit Chopra, a fellow at a consumer advocacy group.

The nominations are expected to be approved once reviewed by Congress.

Mr. Simons led the competition bureau of the FTC during the George W. Bush administration.  All signs are that the Commission will continue to pursue a conservative, free-markets approach to antitrust issues.

It will be interesting to see how antitrust policy plays itself out, considering hot button issues such as the growing power of major Internet and digital advertising companies.  While Mr. Simons appears to possess a lot of institutional knowledge, he is not as well-known in the privacy and data security circles, which is the other major policy area under the FTC’s purview.

Chopra, the nominee for a Democratic position, is known for expertise on financial services issues, particularly in the area of student lending.  He was assistant director in the Consumer Financial Protection Bureau.

Noah Phillips is expected to be approved as a Republican commissioner.  Mr. Phillips possesses expertise in privacy and antitrust matters.

Consult with an experienced FTC defense lawyer if you are the subject of a Federal Trade Commission investigation or enforcement action.

Follow the author on Twitter.

Richard B. Newman is an Internet marketing compliance and regulatory defense attorney at Hinch Newman LLP focusing on advertising and digital media matters. His practice includes conducting legal compliance reviews of advertising campaigns, representing clients in investigations and enforcement actions brought by the Federal Trade Commission and state Attorneys General, commercial litigation, advising clients on promotional marketing programs, and negotiating and drafting legal agreements.

 

ADVERTISING MATERIAL. These materials are provided for informational purposes only and are not to be considered legal advice, nor do they create a lawyer-client relationship. No person should act or rely on any information in this article without seeking the advice of an attorney. Information on previous case results does not guarantee a similar future result. Hinch Newman LLP | 40 Wall St., 35thFloor, New York, NY 10005 | (212) 756-8777.

Posted in LegalComments (0)

GDRP Impact on Digital Marketing

GDRP Impact on Digital Marketing

The General Data Protection Regulation is a regulation that is intended to strengthen data protection for individuals within European Union countries.  At its core, the GDPR is intended to provide individuals more control over and additional safeguards with respect to their personal data, including the right to be forgotten and the right to know when their data has been hacked.

The GDPR is also intended to unify privacy and data requirements across the European Union.  However, countries will be permitted to regulate specific types of data, like health data.

In short, companies that conduct business in the European Union may need to reassess their privacy protocols as they may not pass must under the new GDPR regulations which set a higher standard for consent.

It is widely anticipated that the GDRP will have a significant impact on the digital marketing industry, particularly with respect to how personal data is collected, used and stored for commercial purposes, consent management and what companies must do to bring themselves into compliance.

The new law affects every company that uses personal data from European Union citizens.  It provides data localization, data encryption and anti-SPAM.

If you send email in the European Union, regardless of where you are based, you will have to comply with the GDPR.  Affirmative, opt-in consent for commercial communications will be required.  The new law specifies the nature of such consent, including what constitutes “affirmative” consent (e.g., checking a box, etc.).

Consumers must be informed about the brand that is collecting the consent and information pertaining to how data will be used, including the maintenance of data in a CRM database.

Importantly, GDPR also applies to existing data.  So, if presently existing email lists do not meet GDPR standards, they will be off limits when the new law takes effect.

In-line with U.S. Federal Trade Commission best practice guidance, data should never be retained for longer than needed and should only be used for intended purposes – those which a consumer would reasonably and legitimately expect.  Avoid colleting unnecessary data.

Additionally, the new law provides for the appointment of a data protection officer to oversee compliance,  including responding to consumer inquiries.

The new privacy and data protection rules come into force on May 25, 2018.  GDPR will impact any organization – including those in the US and Canada – that does business in the European Union.

Penalties for non-compliance will be steep.  Up to €20 million or 4% of total annual revenue, whichever is greater.  Compliance is also critical from the standpoint of securing a competitive advantage.

This article should be of interest to social media influencers and marketers.  Consult with an experienced FTC defense lawyer for assisting designing and implementing preventative compliance controls, or if you are being threatened with civil litigation or a regulatory investigation.

Follow the author on Twitter.

Richard B. Newman is an Internet marketing compliance and regulatory defense attorney at Hinch Newman LLP focusing on advertising and digital media matters. His practice includes conducting legal compliance reviews of advertising campaigns, representing clients in investigations and enforcement actions brought by the Federal Trade Commission and state Attorneys General, commercial litigation, advising clients on promotional marketing programs, and negotiating and drafting legal agreements.

ADVERTISING MATERIAL. These materials are provided for informational purposes only and are not to be considered legal advice, nor do they create a lawyer-client relationship. No person should act or rely on any information in this article without seeking the advice of an attorney. Information on previous case results does not guarantee a similar future result. Hinch Newman LLP | 40 Wall St., 35thFloor, New York, NY 10005 | (212) 756-8777.

Please contact advertising law attorney Richard B. Newman if you are interested in discussing the design and implementation of GDRP compliance protocols, or if you are the subject of a regulatory investigation or enforcement action.

Posted in LegalComments (0)

U.S. Federal Trade Commission Investigating the Equifax Data Breach

Last month, reports surfaced that Equifax, Inc., one of the nation’s leading credit reporting services, was the subject of a historic cyberattack that compromised the security of financial and other personal information of more than 143 million U.S. consumers.  The data breach involved names, social security numbers, birth dates, addresses, driver’s license numbers and credit card numbers.

Not surprisingly, given the breadth of the breach and criticism that Equifax dragged its feet on alerting consumers, the Federal Trade Commission has now opened an investigation into the unprecedented data hack.

“The FTC typically does not comment on ongoing investigations.  However, in light of the intense public interest and the potential impact of this matter, I can confirm that FTC staff is investigating the Equifax data breach,” said Peter Kaplan, the FTC’s acting director of public affairs, in a statement.

Reports indicate that the breach was due to an open-source software vulnerability that the company used to create Java web applications.  The FTC will no doubt be investigating when cybersecurity professionals discovered the vulnerability, when Equifax was put on alert, whether it took proper measures to install security updates and what representations were made to consumers.

For years, the FTC has investigated and taken action against numerous companies for violation of the FTC Act due to inadequate privacy and data security protocols.  For example, in the recent case of FTC v. Wyndham Worldwide Corp., 799 F. 3d 236 (3rd Cir. 2015) hackers accessed the personal and financial information of hundreds of thousands of consumers, resulting in millions of dollars in fraudulent credit card charges.

Consequently, the FTC filed suit against Wyndham, alleging that it made deceptive claims regarding its cybersecurity practices and that its failure to protect the privacy of customer information amounted to an unfair practice.  In support

The FTC cited several facts to supports its allegations against Wyndham, including that it: stored payment card information in clear readable text; allowed the use of easily guessed passwords for remote access; did not use firewalls; did not properly restrict third-party vendor access; failed to conduct security investigations when vulnerabilities were raised; failed to follow industry standard incident response procedures; and failed to monitor its network for malware and harmful software.

Most likely, the FTC will be assessing the foregoing factors during the Equifax investigation, as well as those unique to the company.

The agency’s top Democrat, Terrell McSweeny, stated that she is “very concerned” about the size of the breach, as well as Equifax’s response.

Given the FTC’s public acknowledgement of the investigation, it is probably safe to assume that Equifax will be subject to a permanent injunction and restitutionary remedies designed to compensate consumers that are harmed by the massive data breach.

The Consumer Financial Protection Bureau has also revealed that it has commenced an investigation into the Equifax incident.

Some believe that the scope of the data breach could prompt Congress to act on data privacy legislation, including a data breach notification law and minimum data security standards for credit reporting agencies.

Please contact the author if you are interested in discussing the design and implementation of preventative data security and privacy protocols, or if you are the subject of a local, state or federal regulatory investigation or enforcement action.

 

This article should be of interest to social media influencers and marketers.  Consult with an experienced FTC compliance lawyer for assisting designing and implementing preventative compliance controls, or if you are being threatened with civil litigation or a regulatory investigation.

Follow the author on Twitter.

Richard B. Newman is an Internet marketing compliance and regulatory defense attorney at Hinch Newman LLP focusing on advertising and digital media matters. His practice includes conducting legal compliance reviews of advertising campaigns, representing clients in investigations and enforcement actions brought by the Federal Trade Commission and state Attorneys General, commercial litigation, advising clients on promotional marketing programs, and negotiating and drafting legal agreements.

 

ADVERTISING MATERIAL. These materials are provided for informational purposes only and are not to be considered legal advice, nor do they create a lawyer-client relationship. No person should act or rely on any information in this article without seeking the advice of an attorney. Information on previous case results does not guarantee a similar future result. Hinch Newman LLP | 40 Wall St., 35thFloor, New York, NY 10005 | (212) 756-8777.

 

Posted in LegalComments (0)


Facebook

Subscribe via RSS