Does FTC flexing its data-breach muscles equal trouble for businesses?
This past summer, the Federal Trade Commission — which regulates data breach and security issues of businesses — issued an ominous ruling. According to the FTC, an “injury” is inherent in virtually any data breach and “future injury” can be assumed as a result of the practices causing the breach.
This decision substantially broadens the FTC jurisdiction over businesses suffering data breaches.
FTC’s views of its jurisdiction in the case, commonly known as LabMD, are that it can institute regulatory proceedings against a business whenever and wherever a data breach occurs. Such broad administrative power should send shivers down the spine of any business, particularly given the pervasiveness of data breaches in today’s business world. It has ominous implications for future FTC enforcement actions and perhaps also for data breach litigation.
To read the full article, click here.