On February 27, 2018, the Federal Trade Commission (FTC) announced that it reached a settlement with PayPal, Inc. over allegations that the company failed to make adequate disclosures regarding its Venmo peer-to-peer payment service.
According to the FTC’s complaint, Venmo misled consumers about the extent to which they could control the privacy of their transactions. By default, some information about transactions between users is displayed on Venmo’s social news feed. In addition, Venmo misrepresented the extent to which consumers’ financial accounts were protected by “bank grade security systems,” and violated the Gramm-Leach-Bliley Act’s Safeguards and Privacy Rules.
As part of the proposed settlement with the FTC, Venmo is prohibited from misrepresenting any material restrictions on the use of its service, the extent of control provided by any privacy settings, and the extent to which Venmo implements or adheres to a particular level of security. Venmo is also required to make certain disclosures to consumers about its transaction and privacy practices, and is prohibited from violating the Privacy Rule and the Safeguards Rule.
The proposed settlement will be subject to public comment for 30 days, through March 29, 2018, after which the FTC will decide whether to make the proposed consent order final.
The settlement highlights the importance of disclosing material information to users, including accurately communicating privacy and security practices and control over optional settings.
For more information on how to adequately disclose your company’s privacy policy, Francesca Giannoni-Crystal
Follow us on& Like us on