Sometimes the day just gets away from you …..

Here are three privacy & security things you should know for your week:

1.  FTC Cites TRUSTe With Misrepresenting Practices – Fines $200,000

Apparently TRUSTe hasn’t been quite so …. the FTC has charged the “certification” company with misrepresenting practices to consumers and failing to conduct annual re-certifications of around 1,000 companies between 2006 and 2013 contrary to its stated policies.  TRUSTe (which stands for “True Ultimate Standards Everywhere”) agreed to settle the charges by promising that will not misrepresent its practices (or itself as a nonprofit, which it has not been for over 6 years) and agreed to pay $200,000 to the FTC.

“TRUSTe promised to hold companies accountable for protecting consumer privacy, but it fell short of that pledge,” FTC Chairwoman Edith Ramirez said in a statement. “Self-regulation plays an important role in helping to protect consumers. But when companies fail to live up to their promises to consumers, the FTC will not hesitate to take action.”

 FTC Press Release

PCWorld – TRUSTe Deceived Consumers About Recertification Program, FTC Says 

Washington Post – Latest FTC enforcement action shows why it’s so hard to figure out who to trust online

2.  FBI Investigating US Government Agency Breaches Linked to Hacking

The FBI has announced that is has opened investigations into hacking attacks on the State Department and the US Postal Service that appear to be linked to espionage.   “We are aware of these reports and are working with our interagency partners to investigate the matter,” FBI spokesman Joshua Campbell said in an e-mail to Bloomberg News. He declined to comment on any link between the State Department and White House attacks.

At least four government agencies and some private businesses have been disrupted in recent weeks by attacks that have been blamed on Russian or Chinese hackers. The National Oceanic and Atmospheric Administration last week reported four Web sites were hacked in recent weeks.

“The compromise of public and private sector systems is something we take very seriously, and the FBI will continue to investigate and hold accountable those who pose a threat in cyberspace,” the FBI’s Campbell said.

According to a Bloomberg News report, the rash of attacks have renewed efforts by lawmakers to pass legislation that would allow agencies and companies to share information about hackers in order to better secure vital public and private computer networks.

“Criminals, hacktivists and nation states are attacking our government networks at an alarming rate,” Rep. Michael McCaul (R-Texas), chairman of the House Homeland Security Committee, said in a statement.

The number of reported breaches on federal computer systems surged to 46,605 in 2013 from 26,942 in 2009, according to the U.S. Computer Emergency Readiness Team

“Every day that Congress does not pass vital and bipartisan cybersecurity legislation is a day Congress leaves this country vulnerable to these persistent and increasingly dangerous attacks,” McCaul said “If a larger attack occurs, it’s going to be on Congress for not acting.”

 Bloomberg News – FBI Probes Agency Computer Breaches Said to Bear Signs of Spying 3.  Another “Voluntary Code”  – Automakers and the Connected Car Two groups representing  broad group of US and foreign auto makers — the Alliance of Automobile Manufacturers and the Association of Global Automakers — have signed off on a voluntary code setting out certain privacy guidelines for “connected cars.”  The Privacy Principles include guidance on issues like transparency, anonymity and security and are intended to set ground rules for the collection and use of information collected by increasingly sensor-rich automobiles about wide varieties of car operations —- and driver actions.

The Alliance of Automobile Manufacturers and Association of Global Automakers signed off on the code, which was presented to the FTC last week. Between them, the groups count 19 companies as members, including Chrysler, Ford and General Motors.

The announcement comes several months after the European Commission announced that two European standards-setting organizations had already completed the basic set of standards for connected cars and a year after the U.S. General Accountability Office (GAO) issued a report critical of automakers for offering only vague and “broadly-worded” explanations of data sharing practices.     “Without clear disclosures, risks increase that data may be collected or shared for purposes that the consumer is not expecting or might not have agreed to,” the GAO report stated.    It remains to be seen how automakers will incorporate the new voluntary Privacy Principles to better communicate with the auto-buying public.