The Federal Trade Commission has sent warning letters to two foreign companies that market wearable technology for children that collects geolocation data, allowing parents to monitor and communicate with their children. The letters warned the companies to review compliance with the Children's Online Privacy Protection Act, which requires parental notice and consent before collecting, using or sharing personal information from a child under 13 years old.
Retailers are increasingly deploying cloud services solutions to realise cost savings, gain efficiency and enable scalability across numerous functions. However, while the benefits and popularity of cloud services are clear, cloud solutions are not without risks and challenges. In addition to the normal risks inherent in licensing and using technology, there are a number of issues that retailers should keep in mind when contracting for cloud services solutions.
The Federal Trade Commission has announced an agreement with electronic toy manufacturer VTech Electronics Limited and its US subsidiary settling charges that VTech violated the Children's Online Privacy Protection Act by collecting personal information from hundreds of thousands of children without providing direct notice or obtaining their parent's consent and failing to take reasonable steps to secure the data that it had collected.
To date, data breach plaintiffs have struggled to find a way to access insurance monies in directors and officers (D&O) liability insurance policies. Recently, plaintiffs have pivoted to securities suits as a potential new way to trigger the deeper pockets associated with D&O policies. Insurers are no doubt monitoring this growing trend of litigation, so insureds should pay close attention to cyber-related exclusions in their D&O policies.
The US District Court for the District of New Jersey recently granted Travelers' motion to dismiss Posco Daewoo America Corporation's suit for coverage under the computer fraud provision of its crime insurance policy. Daewoo had sought coverage for amounts that had been designated for payment to it by a third-party supplier and stolen after a criminal impersonated a Daewoo employee. The court held that the crime policy did not cover the lost sums because Daewoo had not owned the stolen money.
Recent judicial interpretations of the Illinois Biometric Information Privacy Act present potential litigation risks for retailers that employ biometric-capture technology. Federal judges in various district courts have allowed cases to move forward against companies such as Facebook, Google and Shutterfly, and retailers that use biometric data may also become litigation targets as federal judges decline to narrow the statute's applicability and additional states consider passing copycat statutes.