Federal trade commission

When you first hear about “auto-deleting” or “ephemeral” messaging, you may think of nefarious techniques to hide evidence of wrongdoing. In fact, ephemeral messages – which are typically end-to-end encrypted and set for deletion shortly after they are sent and/or read – in various forms are routinely used for business and other relevant communications. That means that they must be considered for preservation and potential disclosure, raising all sorts of legal, technical, and optical considerations. This came up recently in Federal Trade Commission v. Noland, No. CV-20-00047-PHX-DWL, 2021 WL 3857413 (D. Ariz. Aug. 30, 2021), where the court considered the use of ephemeral messages in the context of an investigation by the Federal Trade Commission (FTC) of the company Success By Health (SBH) and its officers for a potential pyramid scheme. The day after learning of the inquiry, the officers switched from their existing communication means (WhatsApp and iOS messages) to other encrypted mobile messaging apps including Signal, which they set to “auto-delete” all messages on reading. Company leaders exchanged thousands of such messages over many months, despite the FTC’s instruction to preserve documents and suspend ordinary-course document destruction. Further, defendants colluded to remove all traces of the apps and messages from their phones right before turning them over for inspection. The truth came out when the FTC received anonymous information alerting it to the undisclosed use of the apps. On the FTC’s motion against defendants for sanctions, District Court Judge Lanza found defendants had intentionally deprived the FTC of relevant documents, and sanctioned them under Fed. R. Civ. P. 37(e)(2) with an adverse inference that the spoliated evidence was unfavorable to the individual defendants.

Examples of Ephemeral PlatformsContinue Reading Ephemeral Messages: Handle With Care

Facebook faces government investigations on both sides of the Atlantic after recent revelations that Cambridge Analytica, a British political data firm with ties to President Trump’s 2016 campaign, collected and used the personal information of more than 50 million Facebook users in a manner that violates Facebook’s stated policy regarding access, disclosure, and use of personal information. Legislators in the U.S. and the UK have called for hearings.

The Federal Trade Commission (“FTC”) has confirmed it is conducting an investigation into whether Facebook violated the terms of its November 2011 consent decree requiring it to, among other things, “not misrepresent . . . the extent to which it maintains the privacy or security of [personal] information,” and “establish and implement, and thereafter maintain, a comprehensive privacy program that is reasonably designed to (1) address privacy risks related to the development and management of new and existing products and services for consumers, and (2) protect the privacy and confidentiality of [personal] information.” Several state attorneys general have also announced investigations, and Facebook faces at least one a shareholder lawsuit alleging that Facebook did not properly disclose the third-party access to users’ personal information.
Continue Reading Political Data Firm Improperly Accessed Facebook Users’ Data

On February 27, 2018, the Federal Trade Commission (“FTC”) announced a proposed administrative settlement with PayPal, Inc. over allegations that the company failed to make adequate disclosures to users regarding its Venmo peer-to-peer payment service. The settlement underscores the importance of effectively disclosing material information to consumers, including accurately communicating privacy and security practices and user control over optional settings.

Specifically, the FTC alleged that VenmoContinue Reading PayPal Settles FTC Claims Regarding Venmo’s Disclosure, Privacy, and Security Practices

Last week, the Federal Trade Commission (“FTC”) announced an agreement settling claims against a television manufacturer arising from the alleged unauthorized collection of television viewing data.  The FTC, along with the State of New Jersey, alleged that certain “smart TVs” manufactured and sold by VIZIO, Inc. and its subsidiary VIZIO Inscape Services (collectively, “VIZIO”) failed