Last week, the Federal Trade Commission (FTC) issued a six-step compliance plan to assist businesses with compliance with the Children’s Online Privacy Protection Act (COPPA). It provides clarity on who is covered by and must comply with COPPA and how companies can get parental consent. It also outlines a six-step compliance plan.

New companies

On April 6, 2017, New York Attorney General Eric Schneiderman (AG) announced that he has settled an investigation against TrustE for alleged violations of failing to adequately prevent illegal tracking technology on children’s websites, including Hasbro.com and Roblox.com. TrustE has agreed to pay the State $100,000 in the settlement and adopt measures to strengthen its

On February 27, 2017, news reports disclosed a major security breach involving Spiral Toys, the seller of the CloudPets brand of internet-connected stuffed animals. The Bluetooth-connected CloudPets toys allow users to exchange voice messages between the toys and applications on smartphones or tablets. An investigation by cybersecurity researcher Troy Hunt revealed that customer data for over 800,000 registered accounts, including over two million voice recordings, was stored in an unprotected database on the public internet. While the company has denied that any voice recordings were stolen, reports indicate that hackers accessed the open database and attempted to ransom the data.
Continue Reading Data Breach Involving CloudPets “Smart” Toys Raises Internet-of-Things Security Concerns

In the wake of the holiday season, it seems that even toys are not immune from privacy and security pitfalls. Two “connected” toys, Genesis Toys’ My Friend Cayla and i-Que robot, have been accused of violating U.S. and European privacy, security and advertising laws.

The toys at issue provide children with an interactive experience via

On December 6, 2016, The Electronic Privacy Information Center, The Campaign for a Commercial Free Childhood, The Center for Digital Democracy and Consumers Union filed a Complaint and Request for Investigation, Injunction and Other Relief (Complaint) with the Federal Trade Commission (FTC) against Genesis Toys (Genesis) and Nuance Communications (Nuance) regarding alleged violations of the

On September 14, 2016, the Department of Education (DOE) issued a “Dear Colleague Letter” to provide guidance on the application of the Family Educational Rights and Privacy Act (FERPA) to the disclosure of student medical records in the context of litigation.

FERPA generally prohibits a school from disclosing personally identifiable information from a student’s education