FTC Settles with Device Manufacturer HTC America over Charges that HTC Products Had Security Design Flaws

more+
less-

In taking action against HTC America, a mobile device manufacturer, last week for alleged data security design flaws in its devices, the U.S. Federal Trade Commission demonstrated a broad view of the scope of its authority under the Federal Trade Commission Act to regulate data privacy and security principles, which all providers of consumer applications and devices should note. On February 22, the FTC announced a proposed settlement with HTC America over alleged claims that the company had committed unfair trade practices by failing to employ reasonable and appropriate security practices in installing software on its smartphones and tablets that had security vulnerabilities. The FTC claimed in its complaint that these security vulnerabilities were unfair trade acts or practices because they provided a gateway through which consumers might be harmed that was neither avoidable by consumers nor offset by countervailing benefits to customers or competition. The FTC also brought a deceptive trade practices claim based on statements in HTC’s product manuals and mobile device interfaces.

The proposed settlement with HTC America reflects the increased focus the FTC has placed on pushing all actors in the electronics and software supply channels – whether upstream product manufacturers or app providers – to incorporate “privacy by design” principles in the product designs. The action should be of concern to a wide range of parties operating in those channels, even if they themselves do not collect or process consumer data but merely provide tools for doing so.

Please see full alert below for more information.

LOADING PDF: If there are any problems, click here to download the file.