The Federal Trade Commission (FTC) and the UK’s Information Commissioner’s Office (ICO) are both actively enforcing non-compliant website cookie banners. In the U.S., the FTC have announced proposed settlements arising from three enforcement actions, reflecting the FTC’s ‘heightened focus on pervasive extraction and mishandling of consumers’ sensitive personal data.’ In mid-February, the FTC announced a proposed settlement to resolve allegations that Avast, a security software company, unfairly sold consumers’ granular and re-identifiable browsing information -information that Avast amassed through its antivirus software and browser extensions after telling consumers that Avast’s software would protect their privacy, and that any disclosure of their browsing information would only be in aggregate and anonymous form. Avast is required to pay $USD16.5 million and is prohibited from selling or licensing any web browsing data for advertising purposes. In January of this year, the FTC announced proposed settlements with two data aggregators, X-Mode Social and InMarket, to resolve a host of allegations […]