The Federal Trade Commission (FTC) has invoked its authority under Section 5—"unfair or deceptive acts"—to bring complaints against companies whose privacy and/or data security practices have allegedly harmed or could harm consumers. But to date, the FTC has not conducted rulemaking to specify the practices that are required to avoid liability. Instead, it has declared that companies should consult "industry standards" as a source to develop best practices and has gone so far to say it "will view adherence to such codes favorably in connection with its law enforcement work." But has the FTC kept this promise? Kristina Rozan, CIPP/US, says in a piece for The Privacy Advisor that it's pretty darn close.
Full Story
Comments
If you want to comment on this post, you need to login.