In November of 2023, Meta launched a service in the European Union that allowed users to utilize the Facebook and Instagram platforms “ad free” for a monthly fee. The subscription service was meant to address regulatory concerns about Meta’s vast data collection and surveillance-based advertising system that tracks consumers across websites. The concept introduced a
Federal Trade Commission
FTC Bureau of Consumer Protection Remarks Compare Lessons Learned from Consumer Credit as a Model for Regulating Privacy
In the middle of the 20th century, there was a massive expansion of the retail credit market. Everything from boats to sewing machines to kitchen appliances were bought and sold through increasingly complex credit arrangements. These credit arrangements would extinguish a consumer’s rights to dispute any terms of the contract once a loan was…
Network Topology and Network Mapping: The NIST Cybersecurity Framework – Part 2
A previous installment discussed the centrality of network topology to an organization’s data security and outlined the legal framework and obligations incumbent upon many organizations in the U.S. The first installment can be found here. The second and final part of this series will discuss strategies for optimizing network topology and data security, focusing…
Cybersecurity Enforcement Has Increased, and 2023 Will Be Worse!
The government’s announcement of renewed emphasis on cybersecurity enforcement has spawned recent million-dollar enforcement actions. Continued government attention on cybersecurity promises a treacherous enforcement environment in 2023 and beyond.
Several recent government initiatives have focused on cybersecurity enforcement. Towards the end of 2021, the Department of Justice announced a Civil Cyber-Fraud Initiative to use the…
FTC Finalizes Updated Safeguards Rule Under GLBA to Dramatically Expand Data Security Requirements and Scope of Rule
Until now, companies primarily regulated by the Federal Trade Commission (FTC) were given only vague directives to implement systems sufficient to safeguard customer data, coupled with FTC “recommendations” as to best practices. That is about to change with the FTC’s finalization of its proposed amendments to the Standards for Safeguarding Customer Information (Safeguards Rule) on…
A Second Chance for the Public Health Emergency Privacy Act
This is the seventh alert in a series of Bradley installments on privacy and cybersecurity developments arising from the COVID-19 pandemic. Click to read the first, second, third, fourth, fifth, and sixth installments.
Sen. Mark Warner (D-Va.) has re-introduced a bill to create the Public Health Emergency Privacy Act (PHEPA).…
FTC Eyes Vendor Oversight in Safeguards Rule Settlement
On December 15, 2020, the FTC announced a proposed settlement with Ascension Data & Analytics, LLC, a mortgage industry analytics company, related to alleged violations of the Gramm-Leach-Bliley Act’s (GLBA) Safeguards Rule. In particular, the FTC claimed that Ascension Data & Analytics’ vendor, OpticsML, left “tens of thousands of consumers[’]” sensitive personal information exposed “to…