The FTC announced earlier today that Wyndham Hotels and Resorts has agreed to settle charges that the
company’s security practices unfairly exposed the payment card
information of hundreds of thousands of consumers to hackers in three
separate data breaches. The settlement requires Wyndham to establish a comprehensive information security program
designed to protect cardholder data and to conduct annual information security audits and maintain safeguards in
connections to its franchisees’ servers.
This settlement demonstrates that the FTC will go after companies that it believe do not have the proper data privacy and security protocols in place. Companies must be careful when determining what type of data they collect from their customers, how they will safeguard the information, and how long they utilize the information. In conjunction with a data collection and usage program it is imperative to have robust privacy and security audits.
The bottom line is that companies should bake privacy and security into their customer data collection and usage programs or they risk millions of dollars in potential legal liability.
Copyright 2015 by The Law Office of Bradley S. Shear, LLC All rights reserved.
Showing posts with label Cyber Security Law Expert. Show all posts
Showing posts with label Cyber Security Law Expert. Show all posts
Wednesday, December 9, 2015
Thursday, August 27, 2015
The Ashley Madison Hack, Cybersecurity, Privacy, and Legal Liability
Privacy and cyber security go hand and hand. If the platform you are
utilizing has weak and/or misleading privacy policies and/or weak cyber
security your safety is at risk. The ongoing issues related to the Ashley Madison hack (and Adult Friend Finder) should be a wake
call to everyone who accesses the Internet and digital services.
While this latest hack along with previous major data breaches is very concerning, I find it very troubling that Ashely Madison intentionally misled clients about its alleged "Delete" service. For $19, its users were intentionally misled that their personal information would be removed from Ashely Madison's records. Obviously this was not the case. Therefore, from a legal perspective, those who paid $19 to have their personal data deleted but didn't receive what was promised to them may be in the greatest position to win damages.
Even though Ashely Madison is based in Canada, the U.S. FTC may get involved since the company did business in the United States. Since a U.S. federal appeals court recently affirmed that the FTC has the power to regulate cyber security it would not surprise me if the FTC gets involved due to Ashley Madison's alleged weak cyber security and/or because it misled their clients about its so called "Delete" service.
The bottom line is that Ashely Madison faces tens of millions (or more) of dollars in potential legal liability either from class action lawsuits and/or regulators. While this situation may take years to sort out, the lesson for all is to be careful what you post online and what digital platforms you trust.
Copyright 2015 by the Law Office of Bradley S. Shear, LLC. All rights reserved.
While this latest hack along with previous major data breaches is very concerning, I find it very troubling that Ashely Madison intentionally misled clients about its alleged "Delete" service. For $19, its users were intentionally misled that their personal information would be removed from Ashely Madison's records. Obviously this was not the case. Therefore, from a legal perspective, those who paid $19 to have their personal data deleted but didn't receive what was promised to them may be in the greatest position to win damages.
Even though Ashely Madison is based in Canada, the U.S. FTC may get involved since the company did business in the United States. Since a U.S. federal appeals court recently affirmed that the FTC has the power to regulate cyber security it would not surprise me if the FTC gets involved due to Ashley Madison's alleged weak cyber security and/or because it misled their clients about its so called "Delete" service.
The bottom line is that Ashely Madison faces tens of millions (or more) of dollars in potential legal liability either from class action lawsuits and/or regulators. While this situation may take years to sort out, the lesson for all is to be careful what you post online and what digital platforms you trust.
Copyright 2015 by the Law Office of Bradley S. Shear, LLC. All rights reserved.
Subscribe to:
Posts (Atom)