If you are an IT sourcing professional or an attorney negotiating IT agreements, you have probably encountered the terms AT 101, SSAE No. 16, SOC, SOC1SM, SOC2SM and SOC3SM. These are terms that are well understood by...more
Delaware state representative Darryl Scott recently introduced the Child Online Protection Act (House Bill 261 or the “Bill”), to the state’s House of Representatives. If passed, the Bill would: (1) prohibit the online...more
Just two months after Apple’s settlement with the FTC over lax parental controls over children’s in-app purchases, Google takes the spotlight with claims of unauthorized children’s in-app purchases in the Google Play Store!...more
Officials at the University of Maryland (“University” or “UMD”) announced that UMD was the victim of a significant security breach that took place on Tuesday, February 18 (the “Breach” or “Incident”). The Incident,...more
The Children’s Advertising Review Unit (CARU) announced that it has recommended that HarperCollins Publishers Ltd. (the “Company”) modify its information collection practices on its Ruby Redfort child-directed website (the...more
The FTC has announced its unanimous approval for the kidSAFE Seal Program proposed by Samet Privacy, LLC under the “safe harbor” provision of the COPPA Rule (the “kidSAFE Seal Program”). The Commission’s decision comes after...more
Apple Agrees to Pay Consumers At Least $32.5 Million to Settle Complaint of Unfair Billing Related to Children’s In-App Charges -
FTC Chairwoman Edith Ramirez just announced (press conference) that Apple, Inc....more
As we predicted in our prior blog post reviewing the key children’s privacy developments of the past year, 2014 is turning out to be the year of enforcement of children’s privacy regulations! The first two requests for...more
The FTC has announced (press release) that it has unanimously approved the knowledge-based authentication method proposed by Imperium, LLC (“Imperium”) as a COPPA-compliant method of obtaining verifiable parental consent...more
Significant compliance obligations with children’s privacy rules!
Last December, the FTC gave to us the long awaited (or maybe not so much by covered entities!) final amendments to the 14-year old Children’s Online...more
Earlier this month, Google, Inc. (“Google” or “Company”) entered into an agreement with the Attorney Generals of 37 states and the District of Columbia, settling allegations of violation of the participating states’...more
Or….why are health care institutions still leaving laptops containing PHI unencrypted????
The Los Angeles Times (the “Times”) reported this week the theft of two laptops from an administrative office of hospital group...more
In a Federal Register notice to be published shortly, the FTC is seeking public comment on the kidSAFE Seal Program proposed by Samet Privacy, LLC under the “safe harbor” provision of the COPPA Rule. This provision enables...more
The FTC has announced that it is seeking public comment on a second verifiable consent method proposed under the Voluntary Commission Approval Process provision of the COPPA Rule. The proponent is Imperium, LLC (“Imperium”),...more
Yesterday, the FTC published a Federal Register notice requesting public comment on the first new method for obtaining verifiable parental consent submitted for FTC approval by AssertID, Inc under the Voluntary Commission...more
The latest in a series of National Institute of Standards and Technology (“NIST”) publications is the Guidelines for Managing the Security of Mobile Devices in the Enterprise (the “Guidelines”), a comprehensive document to...more
What Is COPPA?
•Children’s Online Privacy Protection Act, enacted by Congress in 1998
•Congress directed the Federal Trade Commission (FTC), the nation’s consumer protection agency, to issue and enforce regulations...more
The National Institute of Standards and Technology (“NIST”) has released the fourth revision of its standard-setting computer security guide, Special Publication 800-53 titled Security and Privacy Controls for Federal...more
Today, the FTC sent more than ninety (90) “educational” letters to domestic and foreign businesses whose Web sites and online services (including mobile apps) appear to collect personal information from children that are 12...more