Privacy & Security Law Blog

Privacy & Security Law Blog

Legal Commentary and Resources for the Payment Industry

Insight & Commentary on Information Management and Protection

Monthly Archives: December 2007

Report on the FTC’s Conference on “Ehavioral Advertising”

Posted in Marketing and Consumer Privacy

Posted by K.C. Halm, Ronald London, Razeeb Hossain, and Anne Shelby

In early November the FTC held a series of roundtables and panels to discuss emerging issues in behavioral advertising. The FTC has posted transcripts, videos, the workshop agenda and a list of all participants on its website, found here.

Common discussion themes throughout the two-day workshop included the contradiction between consumers’ failure to protect their personal information despite their stated concern with privacy; the perceived need for greater transparency in privacy policies, especially with respect to providing more detailed descriptions of data use; the disagreement between the infor-mation industry and consumer groups as to the efficacy of private sector self-regulation; debate over the best methods to inform consumers of their privacy choices; and concern over the coming use of developing technologies for data collection, use and disclosure.

A detailed discussion of the sessions follows below. ... Continue Reading

Beware the Flirtbot

Posted in Marketing and Consumer Privacy

Posted by Brian Kennan

Ever since the computer was invented, people have wondered when such machines would be able to think. In 1950, mathematician Alan Turing suggested a simple test for computer intelligence: if a computer can fool a human being into thinking it is also human, said Turing, the machine should be considered intelligent.

Turing died in 1954 but must have rolled over in his grave last week when the Turing test’s reputation hit a new low: security analysts discovered a "sex chat" computer program so lifelike it was fooling customers into disclosing their personal data.The program is called "CyberLover" and exploits a technique long known to security researchers as "social engineering," a fancy term for manipulating users into disclosing information. What’s new with this con is that the one doing the social engineering is a computer program. And a hard working one.  According to Ina Fried, citing a report from PC Tools, CyberLover "can work quickly, too, establishing up to 10 relationships in 30 minutes…. It compiles a report on every person it meets complete with name, contact information, and photos."

Of course, the user must volunteer this information, which raises another intriguing question: ... Continue Reading

FTC Announces “Crackdown” on Do-Not-Call Violators

Posted in Marketing and Consumer Privacy, Policy and Regulatory Positioning

Posted by Ronald G. London

The Federal Trade Commission recently announced that as a result of a new crackdown by the agency on violations of the National Do-Not-Call Registry (“NDNCR”) and related provisions of the FTC’s Telemarketing Sales Rule (“TSR”), it entered several consent decrees with multiple companies totaling $7.7 million in civil penalties, with one complaint still outstanding. The FTC brought the enforcement actions against Craftmatic (purveyor of adjustable beds and mobility assistance scooters) and affiliated entities through which it conducts telemarketing, ADT for TSR-violative actions by authorized third-party dealers of its security systems, Ameriquest Mortgage Company, Guardian Communications and its prerecorded call vendor U.S. Voice Broadcasting, and Global Mortgage Funding. Each of the first four companies and their affiliated entities entered consent decrees with the government and agreed to pay substantial civil penalties (amounts provided below) and to injunctive relief prohibiting them from engaging in similar violations in the future, while the FTC’s complaint for civil penalties and injunctive relief against Global was to be filed.... Continue Reading