Global online software platforms offering users the opportunity to earn cash for undertaking surveys, trying new products and services, downloading apps, and completing tasks online have surged in popularity in recent years. Without adequate protections, however, the data saved on these platforms is vulnerable to attacks from hackers and other bad actors. State attorneys general and the Federal Trade Commission (FTC) share the national beat in protecting consumers from the fallout of such incidents.

In a narrative that has become far too common, one such platform suffered a data breach that allowed hackers to gain access to the personal information of more than 6.5 million consumers. The FTC subsequently announced that it was investigating the company and its operator in response to the data breach, alleging that its security practices were inadequate and that it misrepresented the extent of its security.

Cozen O’Connor’s State AG Group represented the company in negotiations with the FTC to reach a settlement resolving its concerns. To avoid future compromises of its consumer data and address the FTC’s concerns, we worked with our client to develop and implement a comprehensive information security program and put in place other practices and protocols to ensure compliance with the settlement. This case was particularly significant as one of the earliest FTC data security settlements following the 11th Circuit’s rebuke of the FTC’s prior framework for such settlements in LabMD, Inc. v. FTC.