Big Fines for Companies That Failed to Protect Customer’s Privacy

James Chiodo, Certified Information Privacy Professional CIPP/US

Two carriers are looking at a total of $10 million in fines for privacy violations. The FTC has its sights set on TerraCom, Inc. and YourTel America, Inc. What did the two telecommunications companies do that is considered a breach of privacy? They allowed the private information of their customers, including social security numbers, to be stored on unprotected servers. Forget about leaving personal data open to hackers. Anyone on the planet could have looked at the identifying information of these customers.

How many people have been affected by the complete lack of privacy protocols? The two business together had as many as 305,000 customers worth of data on the unprotected server. The FTC has never taken on a case such as this before involving the privacy of digital information, and it’s the largest venture involving privacy that the FTC has ever embarked on.

The FTC isn’t pulling any punches when it comes to the breach of privacy. Customers from the two companies no doubt expected their personal information to be kept on a secure server. After all, companies are accountable for what they do with consumer data, aren’t they? The FTC is trying to make sure that is the case by holding these two businesses liable for the lack of security they offered their customers.

While both companies assure users in their privacy policy that security measures are in place, the security measures did not come into effect until April 2013. That means data was on an unprotected server for up to 8 months. Even after the company realized their mistake, they were slow to take measures to fix the problem, and never told customers about the error.

So now you can begin to see the long list of violations that occurred. First of all, the carriers failed to provide a reasonable degree of protection for the personal data of their customers. Second, their privacy policy was misleading and deceptive, since it implied that security measures were in place when there were, in fact, none. Finally, they failed to notify customers of the potential for breach when the privacy concern was uncovered.

It’s no wonder that the FTC is seeking such a high penalty from these two companies which have allegedly violated the privacy of more than 300,000 individuals, most who come from low-income families, which is why they used lesser-known communications providers such as these.

Of course, the FTC isn’t just watching “off brand” carriers. Verizon was recently hit with a $7.4 million settlement over concerns of privacy, when 2 million customers received unlawful marketing without consent.


New California & Nevada Privacy Laws Affect Website and Mobile App Owners ➞ Read More