The Director of the FTC’s Bureau of Consumer Protection reflects on how the agency has taken action over the past year to strengthen its orders in data security cases. These orders have been a subject of focus for the FTC: in June 2018, the Eleventh Circuit’s LabMD decision struck down an FTC data security order as unenforceably vague, and the FTC subsequently held a hearing in the course of the FTC’s Hearings on Competition and Consumer Protection in the 21st Century on how it could improve data security orders. The FTC identified three categories of improvements in its orders: (1) more specificity regarding company requirements; (2) increased third-party assessor accountability; and (3) c-suite and board obligations.
Cybersecurity, Privacy, & AI
Trending Now
Plankey Withdraws Nomination to Lead CISA • What Federal Leaders Need to Know About Iran’s Cyber Campaign • Navy Deploys SABER Cybersecurity System Fleetwide • The Supreme Court Is About to Decide How Far Geofence Warrants Can Go • FedRAMP Solicits Public Comment on Overhaul to Incident Communications Procedures
FTC Points to Three Key Changes in its Effort to Strengthen Data Security Orders
Jarretera | Shutterstock
Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.