Information Intersection > Troutman Sanders LLP

FTC Takes on Video Game “Influencers”



When the FTC revised its Endorsement Guides in 2009, it signaled that it would focus more of its efforts on deceptive advertising conveyed through social media and evolving methods of online advertising. The FTC warned advertisers that they risk enforcement action when material connections between an endorser and an advertiser are not disclosed, regardless of where the endorsement appears.

Since then, the FTC has kept that promise, and last week announced that it settled a case against Machinima involving its deployment of “influencers” who were paid to “build an early buzz” surrounding the launch of Microsoft’s Xbox One console in late 2013.

[

September 9, 2015   No Comments

Third Circuit Rules That FTC Can Police “Unfair” Data Security Practices

Server Room (c) Torkild Retvedt

Server Room (c) Torkild Retvedt

The Federal Trade Commission scored a major win today in its efforts to regulate cybersecurity when the Third Circuit affirmed that the agency can exercise its unfair practices jurisdiction to sue companies that do not take reasonable data security measures.

The FTC sued Wyndham Worldwide Corp. in district court after hackers obtained over 600,000 consumers’ credit card information from the hotel group’s systems in 2008 and 2009, resulting in over $10 million in fraudulent charges. Unlike virtually all other FTC cybersecurity cases, Wyndham opted to challenge the FTC’s authority rather than settling.

[

August 25, 2015   No Comments

Criminalization of Robocalls?

U.S. Senator Chuck Schumer (D. N.Y.) has introduced a bill that would criminalize the act of knowingly initiating a commercial robocall without the prior express written consent of the recipient.

Photo by Kesneme

Photo by Kesneme

The bill, S. 1681, defines a “commercial robocall” as a telephone call made for the purpose soliciting a purchase, rental, enrollment or investment in goods or services using an “automatic telephone dialing system” or an artificial or prerecorded voice.

[

August 14, 2015   No Comments

OMG! FDA Cracks Down on Kim Kardashian Social Media Drug Endorsement

Forbes / Kim Kardashian / Instagram

Forbes / Kim Kardashian / Instagram


Tens of millions of people around the world follow Kim Kardashian’s every move on social media. So apparently does the FDA’s Office of Prescription Drug Promotion. Last week, the FDA issued a Warning Letter to Canadian drug manufacturer Duchesnay concerning Kardashian’s social media posts promoting the morning sickness drug Diclegis. The FDA warned that the posts unlawfully misbranded Diclegis under the Federal Food, Drug, and Cosmetic Act. [Read more →]

August 13, 2015   No Comments

Building Your Cybersecurity Team

Troutman Sanders LLP, in conjunction with the New York State Bar Association’s (“NYSBA”) International Section, hosted a Cybersecurity Symposium last week at the firm’s New York City office.


The Symposium was attended by a large and diverse audience consisting of lawyers, compliance officers, government officials, and founders, from the finance, real estate, insurance, start-up, and medical technical spaces.

Troutman Sanders attorneys involved included Aurora Cassirer, Erin Whaley, and Christina Bost Seaton, who collectively have experience in privacy compliance, employee privacy, class action litigation, corporate governance, and healthcare privacy.

Kevin Chalker, a former CIA operative, Clandestine Services, who is the Founder and CEO of Global Risk Advisors, a premier strategic consulting firm focused on security strategy and innovative technical solutions, which counts some or the United States’ largest and most prominent businesses as its clients, discussed the many surprising ways in which technology can lead to security vulnerabilities, and some strategies for preventing and remediating a cybersecurity incident.

[

July 31, 2015   2 Comments

DOJ Issues Cyber-Security and Data Breach Best Practices

Organized crime and other criminal enterprises consider cyber-intrusions to be a “low-risk, high-reward proposition” that pose a serious threat to every business that is connected to the internet or uses electronic systems. The U.S. Department of Justice (DOJ) has joined the growing list of federal agencies to weigh in on cyber-security “best practices.” On the heels of The Federal Trade Commission and the HHS Office of Civil Rights and Office of the National Coordinator, DOJ just released its own guidance on steps to take before a cyber-intrusion or data breach occurs, as well as a template response for cyber-intrusions and attacks.[1] Following an accepted protocol of “Preparedness, Response and Recovery” the Guidance identifies steps a business should take before, during and after cyber-intrusions to minimize risk and defuse the impact of breaches when they do occur. [Read more →]

May 7, 2015   No Comments

Supreme Court Grants Certiorari In Spokeo Case – Set To Address Article III Standing In Cases With No Concrete Harm

On April 27, 2015, the United States Supreme Court granted certiorari in Spokeo Inc. v. Robins, a case which could have wide-ranging implications for lawsuits, including class actions, against businesses under a number of consumer protection statutes.

In a case that the Supreme Court will hear and decide in its next term, the Court will address the question of whether Congress may confer Article III standing on a plaintiff who suffers no concrete harm, by simply authorizing a private right of action based on the violation of a federal statute alone.  If the Court reverses the lower court’s decision, it could mean the death-knell of “no harm” class action lawsuits that have proliferated under statutes that allow for statutory damages without proof of actual harm. [Read more →]

April 28, 2015   No Comments

HIT is Hot in Congress

Doctors Studying Data on ComputerLately there’s been a flurry of activity related to health IT in the 114th Congress.  At the end of March, the House passed the SGR bill, or “Doc Fix,” by an overwhelming vote of 392-37.  If there are no hang-ups, the Senate is expected to pass it Tuesday night.

The SGR bill repeals the old formula to pay doctors and creates a new formula for a value-based Medicare payment system.  The bill also includes a few key HIT measures: it requires HHS to create metrics to determine if EHRs are interoperable by July 2016, it defines interoperability as the ability of two health systems to exchange clinical data, and it includes language requiring providers to show they are not blocking information – just to name a few provisions. [Read more →]

April 15, 2015   No Comments

ONC Issues New Privacy and Security Guide for Electronic Health

The Office of the National Coordinator for Health Information Technology (ONC) has just issued a new Guide to Privacy and Security of Electronic Health Information to help everyone that deals with electronic health information better incorporate federal health information privacy and security requirements into their organization.Shelves of Medical Records


The Guide is broadly applicable to anyone that is a HIPAA Covered Entity or Business Associate as well as Medicare Eligible Professionals under the CMS Electronic Health Record (EHR) Incentive Programs (the “Meaningful Use” program).

[

April 13, 2015   No Comments

Data Security Law Proposed in New York State

On April 8, Bill No. A06866, sponsored by Assemblyman Jeffrey Dinowitz (D-Bronx) was introduced in the New York State Assembly.

The bill would amend the General Business Law to add a new section, 899-BB, that would require persons and businesses that conduct business in New York State and own or license computerized data which includes “private information” of a New York State resident, to “develop, implement and maintain reasonable safeguards to protect the security, confidentiality and integrity” of the information, including data disposal.

[

April 10, 2015   No Comments