FTC Serves MoviePass Its Final Scene

moviepass

The folks behind MoviePass have agreed to settle charges with the Federal Trade Commission that the business worked to subvert customers’ ability to use the film subscription service and failed to protect personal data, in a messy case that’s quite the example of poor leadership and poor privacy compliance all rolled into one. For those…

Read More

Zoom and FTC Enforcement to Come

Zoom

A few weeks ago the Federal Trade Commission took an enforcement action against Zoom Technologies for misleading statements Zoom made about the security of its videoconferencing services. The case wasn’t too exciting except for a dissenting statement from one of the Democratic FTC commissioners — which read like a foreshadowing of cybersecurity enforcement in the…

Read More

Facebook, Power, and Antitrust Issues

facebook

Compliance officers have a lot to consider about this week’s news that Facebook will pay $5.1 billion in penalties and implement a raft of procedures to improve its privacy compliance. Above all, however, consider this: the market didn’t care.  It didn’t. While we were all busy analyzing what Facebook’s settlements with the Federal Trade Commission…

Read More

Nine Compliance Issues for 2019

2019

Welcome to 2019, everyone! The federal government may be shut down, but corporate compliance never stops. Now that we’re done returning Christmas presents and deleting emails clogging our in-boxes, our thoughts turn to how the corporate compliance landscape might evolve in the coming year. Without further delay, then, my annual list of compliance issues that…

Read More

Talking About Information Risk

analytics

Compliance officers can’t ponder the threat of information risk enough these days—so to fill that need, I’ll be hosting a three-part webinar series starting next week to explore the subject. Set your calendars! Information risk intrigues me so much because it’s so hard to define, and therefore so slippery to address. Sure, once upon a…

Read More

10 Quick Tips on Cybersecurity, Privacy

cybersecurity

The Society of Corporate Compliance & Ethics annual conference always provides a torrent of useful ideas and advice. I spent the first day attending several sessions on cybersecurity risks and privacy compliance. Without further delay, here is a collection of random observations I jotted down, in no particular order… Remember that one weak spot in…

Read More

The ‘This Seems Weird’ Control for Data Privacy

cybersecurity

Not long ago I heard the story of a CEO who was the victim of attempted “spear phishing”—where some outside hacker impersonates the boss, and via email asks employees at the company to reply back with valuable information. In this specific case, the hacker posed as the CEO and contacted a junior member of the…

Read More