COVID-19 Update – Our firm is fully operational. Read the Latest
10 Practical Tips for Remote Video Hearings and Trials https://t.co/Xz7SXuBApN https://t.co/b8C8BnUpQ2
10 Tips for Navigating the Courthouse During COVID-19 https://t.co/ptii3tp9YO https://t.co/LLN0zzvIb4
RT @NCBAorg: Today, we remember. https://t.co/1DtIBqq1ob
A recent settlement by the FTC with the manufacturer of computer routers serves as a reminder to all that in the growing Internet of Things, it is critical for companies to have effective security measures in place to protect consumer’s private data. The FTC’s latest proposed consent order targets Taiwan-based computer hardware maker ASUSTek Computer, Inc. (“ASUS”). ASUS manufactures and sells home routers and related software and services for consumer use. ASUS’s routers include software features that allow consumers to access and share files via a wireless connection through their routers. The FTC complaint contends that ASUS routers are prone to multiple vulnerabilities and that critical security flaws within the router’s software “put the home networks of hundreds of thousands of consumers at risk.” FTC Press Release: ASUS Settles FTC Charges that Insecure Home Routers and “Cloud” Services Put Consumers’ Privacy at Risk (Feb. 23, 2016).
With no admission of liability, the parties have agreed to a consent order which requires ASUS to adopt a comprehensive security program subject to independent audits for the next twenty years. Here are the key takeaways:
The Consent Order should be reviewed by all companies involved in the Internet of Things as a risk management tool.
ASUS to fully and accurately make disclosures to consumers regarding the extent to which the company or its products or services maintain:
ASUS to develop and maintain a comprehensive written security program (“WISP”) reasonably designed to address security risks related to the development and management of their devices and to protect the privacy, security, confidentiality and integrity of consumer information. The WISP should, among other things:
Caren Enloe leads Smith Debnam’ s consumer financial services litigation and compliance group. In her practice, she defends consumer financial service providers and members of the collection industry in state and federal court, as well as in regulatory matters involving a variety of consumer protection laws. Caren also advises fintech companies, law firms, and collection agencies regarding an array of consumer finance issues. An active writer and speaker, Caren currently serves as chair of the Debt Collection Practices and Bankruptcy subcommittee for the American Bar Association’s Consumer Financial Services Committee. She is also a member of the Defense Bar for the National Creditors Bar Association, the North Carolina State Chair for ACA International’s Member Attorney Program and a member of the Bank Counsel Committee of the North Carolina Bankers Association. Most recently, she was elected to the Governing Committee for the Conference on Consumer Finance Law. In 2018, Caren was named one of the “20 Most Powerful Women in Collections” by Collection Advisor, a national trade publication. Caren oversees a blog titled: Consumer Financial Services Litigation and Compliance dedicated to consumer financial services and has been published in a number of publications including the Journal of Taxation and Regulation of Financial Institutions, California State Bar Business Law News, Banking and Financial Services Policy Report and Carolina Banker. ...LEARN MORE