August 9, 2022

Volume XII, Number 221

Advertisement
Advertisement

August 09, 2022

Subscribe to Latest Legal News and Analysis

August 08, 2022

Subscribe to Latest Legal News and Analysis

Federal Trade Commission (FTC) Settles with HTC America Over Charges it Failed to Secure Smartphone Software

Smartphone manufacturer HTC agreed in February to settle Federal Trade Commission (FTC) charges that the company failed to take reasonable steps to secure software it developed for its mobile devices including smartphones and tablet computers. In itscomplaint, the FTC charged HTC with violations of the Federal Trade Commission Act.  On July 2 the FTC approved a final order settling these charges.

trade FTC smartphone HTC

The FTC alleged HTC failed to employ reasonable security measures in its software which led to the potential exposure of consumer’s sensitive information. Specifically, the FTC alleged HTC failed to implement adequate privacy and security guidance or training for engineering staff, failed to follow well-known and commonly accepted secure programming practices which would have ensured that applications only had access to users’ information with their consent. Further, the FTC alleged the security flaws exposed consumers to malware which could steal their personal information stored on the device, the user’s geolocation information and the contents of the user’s text messages.

HTC is a manufacturer of smartphones but it also installs its own proprietary software on each device. It is this software that the FTC targeted. While HTC smartphones run Google’s Android operating system, the HTC software allegedly introduced significant vulnerabilities which circumvented some of Android’s security measures.

As part of the settlement consent order, HTC agreed to issue security patches to eliminate the vulnerabilities. HTC also agreed to establish a comprehensive security program to address the security risks identified by the FTC and to protect the security and confidentiality of consumer information stored on or transmitted through a HTC device. HTC further agreed to hire a third party to evaluate its data and privacy security program and to issue reports every two years for the consent order’s 20 year term. The implication of the FTC’s policy makes it clear that companies must affirmatively address both privacy and data security issues in their custom applications and software for consumer use.

© 2022 by Raymond Law Group LLC.National Law Review, Volume III, Number 204
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Bruce Raymond Litigation Attorney Raymond Law Group
Partner

Bruce H. Raymond has served as lead counsel in over 1000 litigated cases in over 20 years of trial practice in state and federal courts in Connecticut and Massachusetts. Attorney Raymond has obtained many favorable results for clients in jury trials. His experience includes business litigation, products liability, toxic torts including asbestos, and intellectual property matters. He has litigated personal injury insurance defense cases including motor vehicle accidents, premises liability, liquor liability, and professional liability matters.

Attorney Raymond was elected President...

860-266-4925
Advertisement
Advertisement
Advertisement