Legal Library: Cases and Proceedings

The FTC reached a settlement with 1Health.io over allegations that it left sensitive genetic and health data unsecured, deceived consumers about their ability to get their data deleted and changed its privacy policy retroactively without adequately notifying and obtaining consent from consumers whose data the company had already collected.

The FTC will require Amazon to overhaul its deletion practices and implement stringent privacy safeguards to settle charges the company violated the Children’s Online Privacy Protection Act Rule (COPPA Rule) and deceived parents and users of the Alexa voice assistant service about its data deletion practices. 

The Federal Trade Commission has taken enforcement action for the first time under its Health Breach Notification Rule against the telehealth and prescription drug discount provider GoodRx Holdings Inc., for failing to notify consumers and others of its unauthorized disclosures of consumers’ personal health information to Facebook, Google, and other companies.

The FTC taking action against education technology provider Chegg Inc. for its lax data security practices that exposed sensitive information about millions of its customers and employees, including Social Security numbers, email addresses and passwords.

The Federal Trade Commission is taking action against the online alcohol marketplace Drizly and its CEO James Cory Rellas over allegations that the company’s security failures led to a data breach exposing the personal information of about 2.5 million consumers.

The FTC alleged that Twitter’s deceptive use of user email addresses and phone numbers violated the FTC Act and the 2011 Commission order.

Everalbum settled Federal Trade Commission allegations that it deceived consumers about its use of facial recognition technology and its retention of photos and videos of users who deactivated their accounts.

A lead generation company that collected sensitive information from millions of consumers under the guise of connecting them with lenders will pay $1.5 million in civil penalties and face restrictions on their operations as a result of a Federal Trade Commission lawsuit.

The FTC’s complaint alleges that since at least 2012, ITMedia Solutions LLC, a number of affiliate companies, and their owners and officers have operated hundreds of websites that were designed to entice consumers into sharing their most sensitive financial information—including their Social Security numbers and bank account information. The defendants sold that information to marketing companies and others without regard for how the information would be used, according to the complaint.

The FTC approved a proposed order banning SpyFone and its CEO Scott Zuckerman from the surveillance business over allegations that the stalkerware app company secretly harvested and shared data on people’s physical movements, phone use, and online activities through a hidden device hack.

Under an order with the FTC, OpenX Technologies, Inc. will be required to pay $2 million over allegations that the company collected personal information from children under 13 without parental consent. The FTC also alleged that the company collected geolocation information from users who specifically asked not to be tracked.

Flo Health has settled Federal Trade Commission allegations that the company shared health information of its users with outside data analytics providers after promising such information would be kept private.