Over the past year, the Federal Trade Commission (FTC) has ramped up its oversight of companies’ processing of consumer data. This heightened scrutiny has prompted a series of bold enforcement actions across sectors, including health privacy, geolocation tracking, and children’s privacy, to name a few. These actions, resulting in substantial financial penalties and bans on data sharing, underscore the importance for companies to prioritize data privacy and compliance with federal regulations. With a myriad of tracking technologies available, such as cookies and Pixels, and new advancements emerging, businesses must exercise diligence in their approach to consumer data collection, usage, and sharing. 

BetterHelp is a mobile app that provides convenient and affordable therapy online to millions of users. In its investigation, the FTC found that the company deceived consumers by disclosing personal and sensitive health information to third parties for advertising purposes, despite repeated assurances to users that information would remain private and be used for non-advertising purposes only. Consequently, BetterHelp paid $7.8 million to settle and is banned from sharing users’ health data for advertising.

Similarly, the FTC determined GoodRx, a mobile app that tracks user prescriptions and finds discounted prices, breached its privacy policy by sharing user health information with a third-party advertiser, leading to a $1.5 million settlement and a ban on such data sharing.

In regards to children’s privacy, the FTC found that Microsoft violated COPAA by collecting and retaining children’s personal information without notifying or obtaining consent from their parents, prompting a reminder for companies to adhere to strict limitations on children’s data as well.

More recently, the FTC issued an order against InMarket Media, a data aggregator, for failing to inform consumers and obtain their consent before collecting and using their geolocation data for advertising and marketing.

There are a few lessons to be learned from these enforcement actions:

  • Companies must prioritize data privacy and protection. 
  • Companies and legal advisors should review data privacy policies and practices to ensure compliance with federal and state regulatory law.
  • Companies and legal advisors should understand exactly what data is being processed by tracking technologies and determine whether it is necessary for business practices. 

Aligning Technology and Compliance Requires Software Experts

Experts at Quandary Peak Research have a deep understanding of the complex regulatory laws and compliance standards related to tracking technologies. Specifically, our experts have experience with and can expertly analyze personally-identifiable information (PII) and cookies, server logging and session capture, applications with location-aware features, and more to ensure compliance with federal regulations. 

Our experts are also experienced in analyzing network traffic to determine the nature and content of complex information exchanges, investigating the cause of network failures, and assessing the production and maintenance costs, and quality of network infrastructure.

Quandary Peak experts can also offer pre-litigation research and analysis to provide attorneys with supporting evidence for a cause of action prior to initiating litigation or introducing consumer-facing products to the market. Our experts inspect, reverse-engineer, and test software and hardware devices to glean information about their functionality and determine plausible causes for class action lawsuits or regulatory violations.

Get Expert Help with Data Privacy Laws

Expert witnesses at Quandary Peak Research have deep experience with privacy laws and compliance requirements. Contact us today to recruit a software expert who is experienced with data privacy and the technologies involved.