Security camera firm settles allegations of lax data protection and misleading marketing practices.
The Federal Trade Commission (FTC) has mandated that security camera company Verkada implement a comprehensive information security program after allegations that its inadequate security practices allowed a hacker to access customers’ cameras. Verkada must also pay a $2.95 million fine to settle violations of the CAN-SPAM Act by overwhelming potential customers with unsolicited emails, the largest penalty ever imposed by the FTC for such a violation.
The Department of Justice (DOJ), acting on the FTC’s referral, filed a complaint detailing Verkada’s failure to secure sensitive data, which led to two security breaches. One of these breaches allowed unauthorized access to footage from over 150,000 cameras, including in sensitive locations like psychiatric hospitals.
“When customers invite companies into private spaces to monitor consumers by using their security cameras and other products, they expect those companies to provide basic levels of security, which Verkada failed to do,” said Samuel Levine, Director of the FTC’s Bureau of Consumer Protection. “Companies that fail to secure and protect consumer data can expect to be held responsible.”
As the Lord Leads, Pray with Us…
- For Chair Khan and members of the FTC to be prudent as they seek to enforcement privacy and information laws.
- For DOJ officials as they bring consumer protection cases before federal courts.
Sources: Federal Trade Commission