United States: FTC Approves Final Order In Java Security Update Case

As we previously reported, in December 2015, the FTC settled claims against Oracle that the company deceived consumers about security updates on Oracle's Java Platform, Standard Edition software (Java SE).  The FTC's complaint specifically alleged that, as Oracle rolled out updates to users, the software only updated the most recent version persisting on the user's device.  The software update failed to remove older versions of the program or update all versions on the device, and thus left older versions potentially vulnerable to hackers.  Despite knowing these problems, Oracle allegedly did not tell consumers that they needed to manually uninstall older versions of Java SE.

On March 29, after a public comment period, the FTC approved a final order resolving the Commission's complaint.  The order requires Oracle to notify affected customers that they may have older, insecure versions of Java SE on their computers, and to provide instructions on how to remove these older iterations.  The Commission vote to approve the final order and letters to commenters was 4-0.

The Troutman Sanders' Consumer Financial Services Law Monitor blog offers timely updates regarding the financial services industry to inform you of recent changes in the law, upcoming regulatory deadlines and significant judicial opinions that may impact your business. To view the blog, click here

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.