In its first enforcement action under the Fair Credit Reporting Act (“FCRA”) about the sale of data compiled from publicly available online sources in the context of employment screening, the Federal Trade Commission (“FTC”) announced yesterday that it had entered into a $800,000 settlement with an online data broker, Spokeo, for allegedly marketing consumer profiles to employers and recruiters without complying with the requirements of FCRA. In addition, the FTC settled charges that Spokeo violated Section 5 of the FTC Act by posting surreptitious endorsements of its services under the names of others.
Tag Archives: FCRA
SEC and CFTC Propose Identity Theft Red Flags Rules
The FTC Red Flags Rules were not specific to the securities industry and there was some confusion as to which entities were subject to their requirements. This blog entry describes proposed rulesto applyRed Flag rules to certain broker-dealers, investment companies, investment advisers, futures commission merchants, commodity pool operators, introducing brokers, and other SEC- and CFTC-regulated entities
Details on FTC Recommendation of Legislation to Address Practices of Information Brokers
In the report issued by the FTC yesterday, the FTC calls on Congress to consider enacting targeted legislation to provide greater transparency for, and control over, the practices of information brokers and to allow consumers to access their data maintained by information brokers. The FTC notes that Congress could model any such legislation on a bill that the House passed during the 111th Congress, as well as similar bills introduced in the 112th Congress. These bills included some data accuracy and access provisions that were targeted specifically to information brokers. The bills are detailed in this blog entry.
Supreme Court Defers on Constitutional Right to Information Privacy; Scalia Predicts Increased Litigation
On January 19, the Supreme Court decided NASA v. Nelson, a case brought by NASA contractors alleging that questions asked by the federal agency in a background check violated their constitutional right to information privacy — i.e., a constitutional privacy interest in the government “avoiding the disclosure of personal matters” recognized in a pair of 1977 cases, Whalen v. Roe and Nixon v. Administrator of General Services. At issue were questions that asked whether the contractors received “any treatment or counseling” regarding illegal drug use within the previous year (as a follow up to a question regarding whether they used, possessed, supplied or manufactured illegal drugs within that year), and questions directed toward references for information bearing on “suitability for government employment or security clearance,” including “adverse information” about an the contractor’s “honesty or trustworthiness,” “violations of the law,” “financial integrity,” “abuse of alcohol and/or drugs,” “mental or emotional stability,” “general behavior or conduct,” or “other matters.”
CFTC Proposes Rules on Affiliate Marketing, Data Disposal, and GLBA Privacy
On October 27, the Commodity Futures Trading Commission (CFTC) issued proposed privacy and data security rules under the Gramm-Leach-Bliley Act (GLBA) and Fair Credit Reporting Act (FCRA), pursuant to the Dodd-Frank Act.
Regulations Imposing New Obligations on Entities Furnishing Information to Consumer Reporting Agencies Go into Effect on July 1
On July 1, 2010, final regulations will go into effect that impose new obligations on entities that furnish information about individuals (“data furnishers”) to consumer reporting agencies (“CRAs”) for use in reports about those individuals. These regulations require data furnishers to institute reasonable policies and procedures that (1) ensure the accuracy and integrity of furnished information and (2) allow individuals to formally dispute the correctness of certain information that is furnished about them to CRAs directly with the data furnisher.
FTC Red Flags Rule Enforcement Delayed Again (and New Legal Challenge)
FTC Chairman Leibowitz: “Congress needs to fix the unintended consequences of the legislation establishing the Red Flags Rule – and to fix the problem quickly.”
FTC Delays Enforcement of Red Flags Rule for Fourth Time
The Federal Trade Commission (FTC) announced today that it is delaying enforcement of its FACTA Red Flags Rule until June 1, 2010 “[a]t the request of Congress.”
Recently Introduced Federal Legislation May Expand Regulation of Data Brokers
The Personal Data Privacy and Security Act (“PDPSA”), recently reintroduced by Sen. Patrick Leahy (D-VT) and referred to the Senate Judiciary Committee proposes comprehensive federal regulation of data broker services. While enactment of the PDPSA remains uncertain, the draft legislation may presage future legislative and regulatory trends. Comprehensive Federal Regulation of “Data Brokers” Title II [...]