On October 26, the FTC gave final approval to a settlement agreement with a ride-sharing service. The FTC alleged that the company had deceived consumers about its privacy and data security practices, such as failing to take reasonable measures to secure consumer data stored in the cloud, resulting in two data breaches. The FTC's Decision and Order requires the company to maintain a comprehensive privacy program, obtain privacy assessments by a third party, report any future data security incidents to the FTC, and submit a compliance report to the FTC.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.