Chapter 3: Regulatory Enforcement Flashcards

You may prefer our related Brainscape-certified flashcards:
1
Q

Agency that handles unfair and deceptive trade practices

A

FTC

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Consent decree

A

Formal agreement between the government and a company on how they will behave

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

FTC complaint process

A

Investigation
Complaint
Resolution or Administrative Law court appeal
Federal court appeal

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Factors in determining unfair practices

A

Injures consumer
Violates public policy
Unethical or unscrupulous

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Criteria for determining unfair practices

A

Substantial injury
Injury not outweighed by benefits
Injury must not be reasonably avoidable by consumers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

FTC vs. Wyndham Worldwide

A

Did not live up to their privacy policy with the security investments

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

FTC vs. LabMD

A

2016
Inufficient cybersecurity practices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

FTC vs. LifeLock

A

2010
Deceptive advertising
Also must implement stronger security controls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

First LifeLock fine

A

$12 million

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Second Lifelock fine

A

2019
$100 Million

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

FTC vs. DesignerWare

A

2012
Spyware and keystroke logger
Order to stop doing this

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Deceptive practices

A

Likely to mislead consumers
Perspective of reasonable consumer(s)
Pracrice is material

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Geocities deceptive practices

A

Sold customer info after saying they wouldn’t

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Eli Lilly deceptive practices

A

Collected patient info and then sent patient identities to all other patients

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Nomi deceptive practices

A

Used sensors to track customers mobile devices without their consent

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Snapchat deceptive practices

A

Told customers that messages and pictures disappeared forever but knew there were workarounds

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

TRUSTe deceptive practices

A

Provides certifications of privacy practices. Failed to perform annual recerts.

18
Q

Facebook 2012 deceptive practices

A

Shared information about “friends” with 3rd party developers

19
Q

Facebook 2019 fine

A

$5 billion

20
Q

Zoom deceptive practices

A

Said they had end to end encryption, but they didn’t.

21
Q

FCC

A

Responsible for communications

22
Q

CPNI

A

Consumer Proprietary Network Information

23
Q

2014 Verizon FCC enforcement

A

Used CPNI for marketing without consent
$7.4 Million settlement

24
Q

TerraComm and YourTel America FCC enforcement

A

Posted customer info on a public website

25
Q

Department of Commerce

A

Handles international privacy agreements

26
Q

HHS

A

Implements HIPAA

27
Q

HHS Lifespan case

A

$1 million fine for stolen unencrypted laptop with PHI

28
Q

HHS Jackson Health Systems fine

A

$2 million for multiple incidents with lost, sold, and leaked patient info

29
Q

HHS case against a doctor

A

$100,000 for violating HIPAA security rule

30
Q

CFPB

A

Lead federal agency for consumer finnacial protection

31
Q

GST Factoring CFPB enforcement

A

$25,000 for illegal telemarketing

32
Q

Equifax CFPB fine

A

$575 million for losing records for 147M people

33
Q

Which agency enforces FERPA

A

Department of Education

34
Q

Self-regulation programs

A

Groups of companies enforce their own standards

35
Q

PCI DSS

A

Self-regulation
Security and privacy

36
Q

NAI

A

Network Advertising Initiative
Self-regulation focused on digital marketing

37
Q

NAI publishes…

A

A code of conduct

38
Q

NAI code of conduct contains

A

Privacy practices
Opt-out mechanisms
Security procedures

39
Q

Where does NAI refer violators?

A

FTC

40
Q

Trust marks

A

Symbols demonstrating independent 3rd party review of privacy standards

41
Q

Safe harbor agreements

A

Exempt from prosecution for certain laws if they meet requirements

42
Q

Privacy Shield

A

Between the US and EU allowing data transfers if firms comply with GDPR.
Orgs must certify with Privacy Shield.
Found illegal in 2020 with the Schrems II decision