Our Friday feature is back!
- FTC Imposes Largest Civil Penalty Ever for Violation of Children’s Online Privacy Protection Act (COPPA) – Magic Kingdom Subsidiary Pays Up
Amidst allegations that a major online game developer – a subsidiary of Disney Enterprises, Inc. – illegally collected and disclosed personal information from hundreds of thousands of children under age 13, the FTC yesterday released a consent judgment against Playdom, Inc. and one of its executives imposing a $3 million dollar civil penalty – the largest civil penalty ever for violation of COPPA.
- Lawrence, Massachusetts Alley Reveals Hundreds of Illegally Dumped Personal Records
When you see a story like this, the reaction is “There oughta be a law!” In this case, there is. Despite the Massachusetts law (M.G.L 93H) establishing standards for “proper” disposal of records containing personal information – and setting civil penalties for “improper” disposal — a public alley in Lawrence, Massachusetts is the resting place for many garbage bags overflowing with sensitive personal information and dumped papers in clear view, including blank checks, Social Security cards, and patient records from a doctor’s office. According to published and broadcast reports, after discovery of the dumping, many of the bags had been removed from the alley by unknown persons. Lawrence officials are still investigating – but there has been no comment from the Massachusetts Attorney General’s office (charged with enforcing the Massachusetts statute) on the matter.
- PIN Pad Tampering Probe at Michaels Craft Stores Expands
Texas-based arts and crafts store Michaels announced that besides Chicago, PIN pads in 19 additional states were tampered with. Michaels released a statement on May 4 stating its Chicago-area customers should monitor their accounts as a result of PIN pad tampering in area stores.
Although Michaels identified less than 90 PIN pads that were affected, it removed 7,200 similar PIN pads from stores nationwide as a cautionary measure. It intends to replace the removed PIN pads within 15 days. The company again urged customers tomonitor their bank accounts and to inform their financial institutions if they discover unusual activiy.
The states affected are Colorado, Delaware, Georgia, Iowa, Illinois, Massachusetts, Maryland, North Carolina, New Hampshire, New Jersey, New Mexico, Nevada, New York, Ohio, Oregon, Pennsylvania, Rhode Island, Utah, Virginia and Washington.
More reading – BankInfoSecurity