U.S. Privacy and Data Protection | Insights | Mar. 2024 (Federal Law)

The Federal Trade Commission ("FTC") has continued to be active in the realm of data privacy and security.

As an initial matter, it is important to acknowledge that data is a critical component of developing new technologies, especially ones such as AI, which is rapidly becoming ubiquitous. With this in mind, the FTC has highlighted concerns about the ways in which companies go about updating their data and privacy policies in order to utilize consumers’ data, including through use of evolving AI.

Specifically, according to the FTC, retroactive amendments and failing to adequately inform consumers about amendments are red flags and may be considered a violation of FTC rules. In other words, transparency and effective notifications, and in applicable cases consumer consent, are key issues for companies to consider when making material changes to website privacy policies and terms of use. The FTC has adopted a stance of vigorously pursuing actions against companies who engage in practices that are considered unfair and deceptive. As such, it is important for companies to remain fully informed of the key components of compliance when updating data and privacy policies.

Recently, in addition to its press release about "quietly" changing website terms, the FTC has brought actions against:

• Facebook/Meta (alleging Facebook violated its privacy promises to consumers and violated a 2012 Commission order).
• Rite Aid Corporation (prohibiting the company from using facial recognition technology for security or surveillance purposes for five years to settle charges that the retailer failed to implement reasonable procedures in use of the technology).
• Global Tel Link Corporation (alleging failure to secure sensitive data stored in a cloud environment and failure to alert those affected by a data incident).
• Avast (involving a $16.5 million payment requirement and prohibition from selling or licensing web browsing data for advertising purposes after the business purportedly made claims that products would protect consumers from online tracking).

Kronenberger Rosenfeld, LLP regularly advises clients regarding FTC matters, advertising, and privacy compliance. Contact our firm using our online case submission form here.