IT Compliance Advisor

Oct 30 2014   6:23PM GMT

Apple Pay sidesteps compliance rules; FCC takes first privacy action

Fran Sales Fran Sales Profile: Fran Sales

Data security standards

Apple Pay rolled out to much fanfare earlier this week, but may have bypassed some compliance requirements that Apple’s mobile payment rivals have to maintain. In other recent headlines, the FCC took its first steps toward data security enforcement, Google cracked down on online piracy, and Verizon is in hot water with privacy advocates.

Apple Pay under less regulatory scrutiny than rivals

Apple faces less stringent compliance demands than its competitors in the mobile payment space, according to some experts. The company didn’t have to register the recently launched Apple Pay with the U.S. Treasury Department’s Financial Crimes Enforcement Network (Fincen), and thus didn’t have to set up an anti-money laundering compliance program for the service.

This is because Apple merely facilitates the transaction between the consumer and a merchant and doesn’t actually accept or transmit payment, industry insiders told the Wall Street Journal. A phone using Apple Pay doesn’t store card numbers, but rather an encrypted token that unlocks payment card data once the user holds the device near a merchant’s reader.

Rivals PayPal, Google and Facebook are registered with Fincen, however, and thus have to maintain anti-laundering programs.

FCC dives into security, hits two companies with $10 million fine

The Federal Communications Commission (FCC) made its first foray into data security enforcement last Friday, imposing a $10 million fine against two telecom companies for storing personally identifiable information (PII) collected on the Internet without instituting security controls.

From September 2012 to April 2013, YourTel America and TerraCom collected PII from as many as 300,000 applicants to a federal subsidy program. This information included names, addresses and Social Security numbers, according to the FCC. Instead of securing the data or destroying it, the companies stored it on publicly accessible online servers. Reporters for the Scripps Howard News Service discovered the PII with a simple Google search.

The $10 million fine will be split between the two companies.

Google revamps search algorithm to deter piracy

Google announced that it has modified its search algorithm to make it less likely that illegal piracy websites will rank highly on its search results pages when users search for copyrighted media content. The company announced its decision through an updated version of its “How Google Fights Piracy” report, which was originally published last year.

The update includes changes to how Google presents its ads in search results pages for queries associated with entertainment media. The ads will be featured prominently at the top of the page and positioned in a way that points users to legitimate sources of content.

Google is currently only implementing these new results in the U.S., but it plans to expand the effort internationally.

Verizon uses identifiers to help clients target advertisements at users

Verizon Wireless is adding tokens to Web requests traveling across its network that allow the cellular services provider to collect data on consumers’ interests. The user profiling, part of the company’s Relevant Mobile Advertising service, affects all Verizon Wireless customers. The tokens, called Unique Identifier Headers (UIDHs), link website visitors to Verizon’s internal profiles.

The service allows clients to tailor their website advertisements to specific consumer market segments. The websites can request advertisements and UIDHs from an on-demand advertising network, which can then ask for consumer data such as geolocation information from Verizon so it can provide targeted advertising.

Verizon says its users remain anonymous and that this marketing data is private. But because the database is not under any legal scrutiny, privacy advocates say that the service tracks users and should not be using the data outside of the intended purposes.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: