FTC Orders Mobile Device Manufacturers to Provide Information about Security Updates for Study
Time 2 Minute Read
Categories: Information Security, U.S. Federal Law

On May 9, 2016, the Federal Trade Commission announced it had issued Orders to File a Special Report (“Orders”) to eight mobile device manufacturers requiring them to, for purposes of the FTC’s ongoing study of the mobile ecosystem, provide the FTC with “information about how [the companies] issue security updates to address vulnerabilities in smartphones, tablets, and other mobile devices.” The FTC’s authority to issue such Orders comes from Section 6(b) of the FTC Act.

The following companies are receiving the orders:

  • Apple, Inc.;
  • Blackberry Corp.;
  • Google, Inc.;
  • HTC America, Inc.;
  • LG Electronics USA, Inc.;
  • Microsoft Corp.;
  • Motorola Mobility, LLC; and
  • Samsung Electronics America, Inc.

Among other details, the Orders require the relevant companies to provide information regarding:

  • factors the companies consider in deciding whether to patch a vulnerability on a particular mobile device;
  • any written policies, contracts, testing or certification documentation the companies maintain regarding mobile device security;
  • disclosures the companies have made to consumers regarding mobile device security updates;
  • (1) detailed data on the specific mobile devices the companies have offered for sale to consumers since August 2013; (2) the vulnerabilities that have affected those devices; and (3) whether and when the companies patched such vulnerabilities.

The companies must file their responses within 45 days from the date of service of the Orders.

Tags: Apple Inc., Compliance, Consent Order, Consumer Protection, Encryption, Federal Trade Commission, Mobile App, Mobile Device
Print Email Twitter/X Linkedin Facebook

You May Also Be Interested In

Time 3 Minute Read
Connecticut AG Clarifies AI Compliance Obligations Under CTDPA

The Connecticut Attorney General recently issued a legal memorandum regarding the application of existing Connecticut laws, such as the Connecticut Data Privacy Act, to the use of artificial intelligence.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 3 Minute Read
Oklahoma Enacts Comprehensive Consumer Privacy Law

On March 20, 2026, Oklahoma Governor Kevin Stitt signed SB 546 into law, enacting the Oklahoma Consumer Data Privacy Act, which will take effect on January 1, 2027.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
Alabama Enacts App Store Accountability Act Requiring Age Verification

On February 5, 2026, Alabama Governor Kay Ivey signed Alabama House Bill 161, the App Store Accountability Act, establishing age categorization, age verification and parental consent requirements for mobile application marketplace providers operating in Alabama, effective January 2027.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook
Time 2 Minute Read
CalPrivacy Reaches Settlement with Ford Motor Company Over CCPA Opt-Out Right Violations

On March 5, 2026, the California Privacy Protection Agency announced that the agency had reached a settlement with Ford Motor Company resolving an enforcement action against the company that alleged noncompliance with the California Consumer Privacy Act’s opt-out of sale/sharing rights.

Continue Reading ›
Print Email Twitter/X Linkedin Facebook

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Archives

Jump to Page