The latest FTC enforcement actions, and how to avoid one of your own

Not everyone is pleased with the FTC’s actions, and two recent cases highlight the growing criticism

If the reaction to recent data security breaches at national retailers Target, Michael’s and Apple is any indication, protecting consumer information will continue to be a hot topic. Yet while consumer concerns about theft are universal, as opposed to industry specific, regulatory protection lags behind. To date, no federal regulation or law sets forth data-security standards that apply to all companies engaged in interstate commerce.

The Federal Trade Commission (FTC) is doing its best to fill the void. Since 2000, the FTC has brought more than 40 data security enforcement actions, and just three months into 2014, the FTC has negotiated settlements with Fandango and CreditKarma for alleged failures to take reasonable steps to secure consumers’ personal information. The FTC relies on Section 5(a) of the FTC Act as its authority for enforcement actions; the statute provides that “unfair or deceptive acts or practices in or affecting commerce...are...declared unlawful.” Unfair practices are broadly defined as those that “cause or [are] likely to cause substantial injury to consumers…not reasonably avoidable by consumers themselves and not outweighed by countervailing benefits to consumers or to competition.”

Contributing Author

author image

Breana Jeter

Breana C. Jeter practices on Moore & Van Allen PLLC’s Intellectual Property team. Her work primarily involves trademark, patent and copyright litigation matters for...

Bio and more articles

Contributing Author

author image

Karin McGinnis

Karin McGinnis is a member in Moore & Van Allen’s Employment & Labor group. She concentrates her practice on employment law, handling a broad range of...

Bio and more articles

Join the Conversation

Advertisement. Closing in 15 seconds.