Recent challenges to the Federal Trade Commission’s (FTC) authority to police data security practices have criticized the agency’s failure to provide adequate guidance to companies.
In other words, the criticism goes, businesses do not know what they need to do to avoid a charge that their data security programs fall short of the law’s requirements.
A series of blog posts that the FTC began on July 21, 2017, titled “Stick with Security,” follows promises from acting Chair Maureen Ohlhausen to provide more transparency about practices that contribute to reasonable data security. Some of the posts provide insight into specific data security practices that businesses should take, while others merely suggest what, in general, the FTC sees as essential to a comprehensive data security program. Continue Reading More Insight From the FTC on Data Security—or More of the Same?