The US Federal Trade Commission takes action against ASUS regarding misleading statements about data security

August 3, 2016 |

The Federal Trade Commission has finalised its orders against ASUSTek Computer arising out its failure to take reasonable steps to secure software on its routers despite make promises about security.  The terms of the settlement are onerous.  As they should be.  It would be ever so nice if the Australian Privacy Commissioner took a more assertive role.  Or even an assertive role.

The obligations on ASUSTek Computer is now quite onerous being:

Under the terms of the consent order, ASUS is required to establish and maintain a comprehensive security program subject to independent audits for the next 20 years. In addition, ASUS must notify consumers about software updates or other steps they can take to protect themselves from security flaws, including through an option to register for direct security notices (e.g., through email, text message, or push notification).

The consent order also prohibits the company from misleading consumers about the security of the company’s products, including whether a product is using up-to-date software

 

One Response to “The US Federal Trade Commission takes action against ASUS regarding misleading statements about data security”

  1. The US Federal Trade Commission takes action against ASUS regarding misleading statements about data security | Australian Law Blogs August 3rd, 2016

    […] The US Federal Trade Commission takes action against ASUS regarding misleading statements about data… […]

Leave a Reply