Merchants who accept credit cards have a duty to protect customer information, not only by law (see, e.g., 201 CMR 17.00), but also because the credit card companies tell them so. The Payment Card Industry Security Standards Council was created by Visa, MasterCard and American Express to tell merchants precisely what they are supposed to do to protect consumers. Merchants must follow the Payment Card Industry Data Security Standard (PCI DSS) or risk fines or losing the ability to process credit cards. … More
Tag Archives: risk assessment
FTC Chief Privacy Officer Mark Groman Presents At The Boston Bar Association
On Wednesday, January 14, 2009, the Boston Bar Association’s Privacy Law Committee hosted FTC Chief Privacy Officer Mark Groman for a brown bag lunch presentation entitled “The View from the Federal Trade Commission’s Chief Privacy Officer.” Here are a couple of highlights from the presentation:
- Mr. Groman views law firms as businesses subject to FTC Red Flags regulations (“we regulate you, too”), so law firms should be developing identity theft prevention programs to comply with the regulations by the May 1,…