Now in Legal Rebels:
Posted Aug 21, 2012 10:07 pm CDT
It isn’t just individuals who can find companies’ privacy and data security policies confusing. Companies themselves don’t always follow their own rules for protecting user information.
Now, in the wake of a record $22.5 million settlement by Google Inc. with the Federal Trade Commission, albeit without admitting any liability, other companies are reviewing their own procedures to try to head off any potential issues, Computerworld reports.
Likely areas of concern include inadequate security protocols; not following stated policies concerning user privacy and data security; tracking users or disclosing information about users to third parties without consent; and failing to obtain parental consent, when minors are involved.
Even when no fine whatsoever is involved, the cost of dealing with an FTC investigation can be draining, the magazine points out. “The year-one price tag for an information security consent decree for a Fortune 1,000 corporation, including audits, fixes, attorney fees and new appointments, could easily top $1 million. If the meter starts at $250,000 for the subsequent audits, the total effective cost would exceed $3 million.”
The article also offers advice to companies under investigation.