In an order released last week, the Eleventh Circuit temporarily delayed enforcement of the Federal Trade Commission’s (FTC) order in the LabMD case.  As we reported earlier, the FTC ruled in July that LabMD’s data security practices violated the FTC Act, clarifying and expanding upon the FTC’s authority to regulate corporate data security practices.  After the FTC denied LabMD’s request for a stay, the company appealed to the Eleventh Circuit, which granted the stay in a unanimous decision.
Continue Reading Appellate Court Stays Enforcement of FTC’s LabMD Order

The Federal Trade Commission (FTC) issued a unanimous opinion and order today, vacating the Administrative Law Judge’s (ALJ) initial decision and finding that LabMD’s data security practices were “unfair” under Section 5 of the FTC Act.  In August 2013, the FTC issued a complaint against LabMD, alleging that its failure to implement adequate data security measures led to the disclosure of patient information from LabMD’s networks.  As we previously reported, FTC staff appealed the ALJ’s November 2015 initial decision dismissing the FTC’s complaint against LabMD for allegedly “unfair” data security practices.  The Commission’s Chief ALJ had dismissed the complaint on the ground that there was no injury or likelihood of injury to consumers because there was no evidence of misuse of any of the personal information at issue.  The Commission Opinion reverses that finding and holds that injury, for purposes of the FTC Act, was established on a record of insufficient data security protections.

The Commission’s opinion in LabMD further bolsters the FTC’s authority to regulate corporate data security practices, which was affirmed last year by the Third Circuit in Wyndham.  It also clarifies and expands upon the Commission’s interpretation of the unfairness test under Section 5 of the FTC Act as it relates to data security. 
Continue Reading FTC: LabMD’s Data Security Practices Violated the FTC Act

As we previously reported, in January AT&T filed a Motion to Dismiss the Federal Trade Commission’s (FTC’s) complaint alleging that AT&T engaged in unfair and deceptive conduct in violation of Section 5 of the FTC Act when it “throttled” mobile broadband subscribers who were “grandfathered” into the company’s unlimited mobile data plan.  AT&T moved

As we previously reported, in October 2014 the Federal Trade Commission (FTC) filed a complaint against AT&T in federal court alleging that AT&T’s “throttling” practices for mobile broadband subscribers who were “grandfathered” into the company’s unlimited mobile data plan were unfair and deceptive in violation of Section 5 of the FTC Act.  On Monday, AT&T filed a Motion to Dismiss this lawsuit on the basis that it is a common carrier subject to the Communications Act and thus exempt from Section 5 of the FTC Act.
Continue Reading AT&T Challenges FTC Jurisdiction Over Non-Common Carrier Activities of Common Carriers

Earlier this week, U.S. District Court Judge Esther Salas directed the Federal Trade Commission (“FTC”) and Wyndham Hotels and Resorts to seek mediation to resolve their landmark dispute over whether the FTC has the authority to regulate companies’ data-security practices.  As we’ve previously reported, the FTC alleged that Wyndham violated Section 5 of the

Yesterday, the Federal Trade Commission (FTC) filed a complaint against AT&T alleging that the company misled consumers by limiting its “unlimited” data plan for mobile customers.

The FTC’s two-count complaint, which was filed in the U.S. District Court for the Northern District of California, alleges that AT&T violated Section 5 of the FTC Act, which prohibits “unfair or deceptive” trade practices, by imposing significant data speed restrictions on unlimited data plan customers and failing to disclose this practice to customers.Continue Reading FTC Says AT&T Fails to Deliver on ‘Unlimited’ Data Promises

The Federal Trade Commission (“FTC”) announced on Thursday, September 4 that Google has agreed to settle charges and refund no less than $19 million to consumers whose children were allegedly deceived into making mobile purchases through the Android app store.

Google offers thousands of apps for free or a specific dollar amount through its Google Play Store, which is preloaded on Android mobile devices.  In many children’s game apps, after installation, children may purchase virtual items within an app — “in-app charges.”Continue Reading Google to Refund Consumers at Least $19 Million to Settle FTC Complaint It Unlawfully Billed Parents for Children’s Unauthorized In-App Charges

By: Nora Diamond

The Federal Trade Commission (“FTC”) brought suit last week against Amazon.com for allegedly collecting unauthorized in-app charges in connection with children’s apps. The FTC alleges that, by failing to require the account holder to enter a password before allowing a charge, Amazon unfairly billed parents for millions of dollars in unauthorized purchases.

Last week, a federal judge in the District of New Jersey denied Wyndham Hotels and Resorts’ motion to dismiss the FTC’s complaint alleging Wyndham violated the FTC Act by failing to provide reasonable security for its customers’ personal information.  This Covington E-Alert provides a detailed look at the parties’ arguments and the court’s holdings in

The Federal Trade Commission (“FTC”) recently announced a settlement with Apple, Inc. over allegations that the company billed parents and other account holders for children’s in-app activities without obtaining the account holders’ express and informed consent. The FTC’s complaint alleged that Apple’s failure to obtain express and informed consent prior to each in-app purchase constituted an unfair act or practice in violation of Section 5 of the FTC Act.

The FTC’s allegations stemmed from an App Store feature, disclosed in Apple’s Terms and Conditions, that allowed in-app purchases for up to fifteen minutes without requiring password re-entry after the user completed a password-requiring transaction. The FTC complaint alleged that this feature allowed children who were given possession of mobile devices after an initial password entry to incur charges for up to fifteen minutes without parental or accountholder knowledge.Continue Reading FTC Announces $32.5M Settlement with Apple, Inc., May Be Seen as Expanding its “Unfairness” Authority