Enter to open, tab to navigate, enter to select
HTC America Settles FTC Charges for Failure to Secure Mobile Devices
Practical Law Legal Update 8-524-3810 (Approx. 3 pages)
HTC America Settles FTC Charges for Failure to Secure Mobile Devices
by PLC Intellectual Property & Technology
| Published on 22 Feb 2013 • USA (National/Federal) |
On February 22, 2013, HTC America, Inc. settled FTC charges that it failed to use reasonable and appropriate security measures in developing and customizing software for its smartphones and tablet computers, placing consumers’ sensitive information at risk.
On February 22, 2013, the FTC announced that it had agreed with HTC America, Inc. to settle charges that HTC America failed to take reasonable and appropriate steps to secure the software it developed and customized for smartphones and tablet computers. The FTC charged specifically that HTC America failed to:
- Provide its engineering staff with adequate security training.
- Review or test its mobile devices' software for potential security vulnerabilities.
- Follow well-known and commonly accepted secure coding practices.
- Establish a process for receiving and addressing vulnerability reports from third parties.
The complaint also alleged that user manuals for HTC Android-based devices had deceptive representations. The FTC charged that resulting software vulnerabilities and security flaws placed millions of consumers' sensitive information at risk.
The settlement requires HTC America to:
- Establish a comprehensive security program.
- Refrain from making any false or misleading statements about the security and privacy of consumers' data on HTC devices.
- Undergo independent security assessments every other year for the next 20 years.