Website Security and Privacy – Do’s and Don’ts

The Federal Trade Commission announced on February 27, 2018 that it has settled a complaint it had filed against Venmo, PayPal’s peer-to-peer payment service, for misrepresentations to consumers about its website security and privacy settings.

In its announcement, the FTC stated:

“The Federal Trade Commission has reached a settlement with PayPal, Inc. over allegations that the company told users of its Venmo peer-to-peer payment service that money credited to their Venmo balances could be transferred to external bank accounts without adequately disclosing that the transactions were still subject to review and that funds could be frozen or removed.

In its complaint, the FTC also charges that Venmo misled consumers about the extent to which they could control the privacy of their transactions. In addition, Venmo misrepresented the extent to which consumers’ financial accounts were protected by ‘bank grade security systems,’ and violated the Gramm-Leach-Bliley Act’s Safeguards and Privacy Rules, the complaint alleges.”

Defending your company from an FTC complaint is always time-consuming and expensive, even if the government doesn’t hit you with fines.  Legal fees and post-settlement compliance monitoring can take a big bite out of your bank account.

Here are a few Do’s and Don’ts for any Website:

Do: Find out which privacy laws apply to your website. Different regulations apply depending on whether you are handling customer health information or are selling children’s toys.

Do: Make sure you comply with each privacy law’s requirements.  Get help from a Web Development firm that has already created numerous websites for comparable companies.  Also have a lawyer who specializes in Internet law review your site after the web development firm builds it.

Do: Make sure you have a Privacy Notice that itself complies with the laws governing privacy notices.

Don’t: Make untrue claims about your website’s security capabilities or about your use of customer data.  The Federal Trade Commission Act gives the FTC the power to go after you for “false, deceptive, or misleading advertising.”  The FTC takes a very broad view of what constitutes advertising, and the courts give them a lot of leeway.

Michael Oswald

Please note: the above post contains educational information. It is not intended as legal advice. Engage an attorney who is licensed in your state to get advice on dealing with any specific legal issue.

© 2018 Michael S. Oswald



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s