RockYou And The FTC: Privacy Policies Vs. Practices
May 10, 2012, 1:11 PM EDT
Law360, New York (May 10, 2012, 1:11 PM EDT) -- The Federal Trade Commission once again has made it clear that companies’ data security practices must match their policies. Social gaming company RockYou Inc. allegedly promised that it would take commercially reasonable precautions to safeguard data, but the FTC concluded that the company’s precautions did not meet that standard.
As a result, RockYou must implement and maintain an information security program and obtain third-party audits for 20 years. Beyond the ongoing program and audits, the FTC also fined RockYou $250,000 for knowingly collecting personal information from...