The Federal Trade Commission (FTC) has recently reached a settlement with Chegg Inc., an education technology company that offers online educational services and products, and whose target audience is primarily high school and college students. An example of Chegg’s products is the popular “homework help app”.
 
Over the years, Chegg has collected information about users’ religious affiliations, heritage, date of birth, sexual orientation, disabilities, and parents’ income. Regrettably, Chegg exposed students’ and workers' information four different times in recent years. In or around 2018, Chegg’s poor security practices led to the misappropriation of personal information of approximately 40 million users. Among the violations alleged by the FTC are:

• Failing to implement basic security measures;
• Storing information insecurely;
• Failing to Develop Adequate Security Policies and Training.

The lessons companies can take away from Chegg’s mistakes, according to the FTC, are: 

• Exercise special care when storing sensitive information. Once your company has sensitive information in itspossession, you’ve upped the ante on your obligation to keep it secure; 
• Limit access to sensitive information. Limit access to employees and contractors for whom that data is an essential component of their job;
• Respond to data incidents immediately and definitively;
• Conduct regular in-house security training.

 
At Lardiere McNair & Stonebrook Ltd., LPA, we believe cybersecurity can have a considerable impact on any business, as cyber criminals target companies of all sizes. We stand ready to help your business understand your responsibilities to consumers, as well as to assist you in the wake of a data breach. Please call (614) 534-1355, to schedule a free consultation.
 
For more information go to: https://www.ftc.gov/business-guidance/small-businesses/cybersecurity

Aline Wright is a Legal Assistant at Lardiere McNair & Stonebrook, Ltd,. LPA.  To read more about our firm, please visit lawyerscolumbusohio.com.

The information presented here has been prepared by Lardiere McNair for promotional and informational purposes only and should not be considered legal advice.  This information is not intended to provide, and receipt of it does not constitute, legal advice.  Nor does the receipt of this material create an attorney/client relationship.  An attorney client relationship is not established until such time as Lardiere McNair enters in to a written engagement agreement with a specific client for a specific legal matter.