June 26, 2024

U.S. Privacy and Data Protection | Insights | June 2024 (Federal Law)

Portrait Kelly Mulcahy
By Kelly Mulcahy

Senior Associate

U.S. Privacy and Data Protection | Insights | June 2024 (Federal Law)

The Federal Trade Commission (FTC) continues to target data privacy and security issues. For example, the FTC has recently taken action against Monument, an alcohol addiction treatment service, for allegedly sharing the personal health data of its users with third-party platforms, such as Meta and Google, without consent.

As alleged by the FTC, Monument offers online support and therapy for alcohol addiction and collects personal information of users, including names, email addresses, birth dates, information about user alcohol consumption, and medical history.

The FTC’s complaint highlights that between 2020 and 2022, there were purported continuous assurances that users’ information would remain “100% confidential” and would not be disclosed without users’ consent. While promising privacy to users, the FTC claims the business contradicted their policies and allegedly shared sensitive user data, such as intimate details about their addiction treatment, for targeted advertising.

Requirements Moving Forward

The FTC alleges Monument's practices violated the 2018 Opioid Addiction Recovery Fraud Prevention Act (OARFPA). As a consequence, the proposed order seeks:

  • Payment of $2.5 million civil penalty for violating OARFPA (suspended due to the company's inability to pay);
  • A ban on sharing data for advertising unless users give explicit permission;
  • Requirements for data deletion and consumer notification; and
  • Implementing a robust privacy program.

As a business, it is critical to assess what categories of consumer data are collected and shared with third parties, and what representations are being made to consumers about the use of their data. A robust privacy compliance program can significantly help mitigate the risk of the misuse of consumer data and be used as a framework and defense if an issue arises.

How Can Kronenberger Rosenfeld Help?

Kronenberger Rosenfeld, LLP regularly assists businesses with data privacy and security issues, including proactive compliance and experienced advice if any legal issues arise. If you need assistance for your business, contact our firm using our online case submission form here.

This entry was posted on Wednesday, June 26, 2024 and is filed under Privacy and Data Protection Updates, Internet Law News.



Related articles

Privacy & Cybersecurity

How to Keep Up With New Privacy Laws

There has been a wave of emerging and detailed privacy laws from the California Consumer Privacy Act ("CCPA"), as amended by the California Privacy Rights Act ("CPRA"), to the General...

Read Article

Privacy & Cybersecurity

U.S. Privacy and Data Protection | Insights |

U.S. Privacy and Data Protection | Insights | May 2024 (State Law) The California Privacy Protection Agency board recently gathered to revise draft regulations to implement parts of the state's...

Read Article

Privacy & Cybersecurity

4 Ways to Protect Your Crypto

If you own any cryptocurrency, it's important to take steps to protect it from hackers and other bad actors. Here are four ways to do so. Use Two-Factor Authentication for...

Read Article

Privacy & Cybersecurity

U.S. Privacy and Data Protection | Insights |

FTC Brings Enforcement Action Against Hotel Chain After experiencing multiple large-scale data breaches, Marriott International, Inc. and its subsidiary Starwood Hotels & Resorts Worldwide LLC have agreed to a significant...

Read Article
Get the help you need.

We offer legal advice on a wide range of online topics

Get legal help now

Not seeing what you’re looking for?

Submit your case in 3 minutes and get legal help fast.

Submit your case online

OR

Give us a call
Join our mailing list

Stay ahead of legal matters

The internet moves fast. We'll keep you informed.