�鶹��ý

To make it harder for hackers to bluff their way onto a computer network, careful companies follow the advice of Start with Security and require strong authentication practices. We’ve considered FTC settlements, closed investigations, and the questions we get from businesses about implementing good authentication “hygiene.” Here are some tips on using effective authentication procedures to help safeguard your network. Insist on long, complex, and...

You’ve conducted an information “census” to identify and locate the confidential data in your company’s possession. Then you determined what you need to hold on to for business purposes. What’s the next step? According to Start with Security, it’s time to put limits in place to control access to data sensibly. It’s not a novel concept. You have a lock on the door to prevent after-hours access to your business and people can’t just stroll onto...

When it comes to data security, what’s reasonable will depend on the size and nature of your business and the kind of data you deal with. But certain principles apply across the board: Don’t collect sensitive information you don’t need. Protect the information you maintain. And train your staff to carry out your policies. The FTC’s Start with Security initiative was built on those fundamentals. As we mentioned in last week’s introductory post, we...

Savvy business people are on the lookout for ways to minimize their companies’ risk of a data breach. Many businesses consult the FTC’s complaints and orders, each of which includes a detailed description of the conduct alleged to have violated the FTC Act. Perhaps it was a broken promise about the care the company said it would take when handling consumers’ sensitive data. In other cases, it might be a pattern of failures which, when taken...

Of course, phantom debt collection – the practice of pressuring people to pay “debts” they don’t owe – harms consumers. But as an FTC complaint demonstrates, when phantom debt collectors strike, they could affect your company, too. According to the FTC, a Florida-based outfit engaged in a scheme to defraud consumers through the collection of debts people didn’t actually owe or the company didn’t have the authority to collect. The complaint...

It typically started with a schmoozy call to an unsuspecting small business or nonprofit. Sometimes the caller claimed to be “confirming” an existing order, “verifying” an address, or offering a “free” catalog or sample. Then came the supplies surprise – unordered merchandise arriving at the company’s doorstep followed by high-pressure demands to pay up. In two separate actions, the FTC announced settlements with Maryland-based companies charged...

If marketing claims are any indication, “green” paint is popular with consumers, but not just in the sense of emerald, mint, or avocado. Companies are advertising that their paints are emission-free, VOC-free, and without chemicals that could harm consumers, including pregnant women, babies, and people with asthma. Some brands even feature seals and certifications touting purported environmental benefits. But according to proposed FTC settlements...

There’s been a lot of talk about “ping trees” and other activities associated with the lead generation industry. The FTC’s concern is that consumers don’t get ponged in the process. A proposed settlement gives a glimpse into how one lead generation company operated and offers insights for businesses about compliance considerations when the “product” in question is consumers’ personal data. Arizona-based Blue Global operated at least 38 internet...

Rockne, Lombardi, Landry, Shula. Behind every sports dynasty, there’s a legendary coach. But according to the FTC, marketers of “business coaching” services took consumers for millions by using offside sales tactics that will likely disqualify them from the Truth-in-Advertising Hall of Fame. One notable feature of the cases is that it took two pages just to list the interconnected companies and individuals involved in the operation, but it boils...

If you own or operate gas stations, chances are you know about skimmers – illegal card readers attached to payment terminals, like gas pumps, that grab data off a credit or debit card’s magnetic stripe without the customer’s knowledge. Criminals sell the stolen data or use it to buy things online. If your pumps are compromised, customers won’t know their information has been stolen until they get an account statement or overdraft notice...