Since the end of 2018, the Federal Trade Commission has reportedly been considering how to strengthen the injunctive relief imposed in orders in data security cases.
The FTC began its evaluation with a public hearing in December 2018 on data breaches and data breach assessments. Several months later, in March 2019, the Commission issued a statement explaining that it was examining the obligations in its orders in data security cases and mandating “new requirements” while “anticipat[ing] further refinements.” Thereafter, the FTC ultimately issued seven data security orders with specific data security practices and obligations that differed markedly from past orders.
Click here, to continue reading on the Cleary Cyber Security and Privacy Watch blog.