FTC and Data Security

Who establishes and enforces your rights for data security at the places you shop? I used to think it was a matter of negligence law, or maybe contract. Both enforceable through a lawsuit.

Wrong, again, sort of. The FTC has assumed unto itself the responsibility for defending our rights, under its original charter (1914) to protect us from unfair or deceptive trade practices. We can still sue.

“FTC Wins A Round Over Data Security,” Wall Street Journal, April 8, 2014 B1 http://on.wsj.com/1n0hfLV

A Federal judge in New Jersey denied a motion to dismiss from Wyndham Worldwide Corp., alleging the FTC didn’t have the power to regulate Wyndham data security practices.

Maybe it’s a good thing. One more reason for the businesses to be careful with my information. May be cumulative. And the government is not necessarily the best at IT things. We’ll see.


Leave a comment

Filed under Board, Business Case, Controls, Duty of Care, Governance, HR, Information, Internal controls, IT, Management, Privacy, Protect, Protect assets, Protect information assets, Risk, Security, Third parties, Value

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s