Consumer Harm: High Bar in FTC Data Security Claims
ALJ On November 13, 2015, A Federal Trade Commission’s (FTC) Chief Administrative Law Judge (ALJ) held that LabMD did not violate Section 5(a)of the Federal Trade Commission Act (FTC Act) by failing to provide reasonable security for personal information on computer networks. This is the first decision that limits the authority of FTC to regulate businesses that fail to appropriately safeguard their consumers’ electronic personal information.
FTC first became involved with consumer privacy issues in 1995, when it promoted industry self-regulation. After determining that self-regulation was not effective, FTC began taking legal action under Section 5 of the FTC Act. Section 5 limits practices considered to be unfair to instances where, among other things, 1) the practice causes or is likely to cause substantial injury to consumers; (2) the substantial injury is not reasonably avoidable by consumers; and (3) the substantial injury is not outweighed by countervailing benefits to consumers or to competition. Since 2002, the FTC has brought over 50 cases against companies that have engaged in unfair or deceptive practices that put consumers’ personal data at unreasonable risk. Most of these cases resulted in settlements and did not provide judicial decisions addressing the FTC’s authority to regulate the data security practices of companies which have suffered a data breach.
The first case to test the authority of FTC was FTC
It is wrong and unethical to target uninformed consumers. it is unethical, because it misleads consumers into buying something that isn't entirely what they are told, it can cause a loss of business for the company or producer, and it is an abusive power.
During the last Christmas season, Target announced that their data security was breached. According to David Lazarus in Los Angeles Times, Target stated that roughly 110 million customers’ information was illegally taken from their database. The information included their credit/debit card info, phone numbers, and email addresses. Target is one of the most popular grocery stores in the U.S.; they have a substantial amount of consumers. Because of this incident, consumers' trusts for the store have been decreasing. Worrying about losing its customers, the company offered a free year of credit monitoring and identity-theft protection, so the customers will feel more secure. Not only Target, some other large retailers also faced the same issues. They want their customers to trust that the companies can protect private data. However, should we not worry? Data breaches have been going on for about a decade, but we have not seriously thought about the issue. In order to protect people’s privacy, the federal government should make new laws concerning companies’ handling of customer information.
Jan Hughes, Plaintiff-Appellant v, Boston Scientific corporation, Defendant-Apellee., 631F .3d 762 (2011), United States Court of Appeals, Fifth Circuit (January 21, 2011)
Companies have an obligation to protect their customer’s information, which goes beyond that of complying with state and federal regulations. If the company loses the trust of their customers, they risk the chance of damaging
Plaintiffs contend the forum selection clause limits them to Virginia state court, where a class action remedy would be unavailable to them; this, they contend, violates California public policy favoring consumer class actions and renders the forum selection clause unenforceable.” (Doe 1 v AOL LLC, 2009) The district court granted AOL’s motion and dismissed the action.
The most efficient way for consumers to get what they want is through the ‘market’, not the government, but businesses have more power than their customers. Some businesses can and will use abuse this power and cheat and steal from consumers to make money. Because of this, the government regulates the behaviour of businesses to have a market economy that functions properly. These laws mainly protect consumers against; misleading/deceptive representations, unconscionable conduct, unfair contracts, and unsafe goods and/or services. To protect consumers, different legal and non-legal approaches have been taken.
The Fourth Amendment allows electronic surveillance to be used to help solve crime while still protecting privacy. The NSA and FBI are looking directly into nine U.S. internet companies, extracting audio and video chats, photographs, emails, documents, and connection logs, which help to track foreign targets. The formal legal process required in Britain to seek personal materials such as emails, photos, and videos from an internet company based out of the country is being circumvented. It was agreed that they would minimize the amount of personal data being taken from people without a warrant and that people should know when their information is being used. Apple, for example, believes the customers have a right to know how their private information
ALJ On November 13, 2015, A Federal Trade Commission’s (FTC) Chief Administrative Law Judge (ALJ) held that LabMD did not violate Section 5(a)of the Federal Trade Commission Act (FTC Act) by failing to provide reasonable security for personal information on computer networks. This is the first decision that limits the authority of FTC to regulate businesses that fail to appropriately safeguard their consumers’ electronic personal information.
In this case yes it was reasonably foreseeable and violated state dram shop laws (Melvin, 2015). Nevertheless, under the dram shop statute, a person who provides alcoholic beverages to another person is immune from civil liability for damages caused by the drunkenness of that person unless the provider is licensed to dispense such beverages and the person to whom the beverages are provided is a drunken person(www.courtlistener.com/opinion/2610778/gonzales-v-kruegerOpinion for, 799 P.2d 1318). A drunken person *1320 is a person whose conduct is substantially and visibly impaired as a result of alcohol ingestion. There were two related arguments presented by Safeway as to why it cannot, as a matter of law, be civilly liable for Gonzales' injuries.
We have all purchased a new consumer product with several labels, stickers, and product inserts containing warnings, disclaimers and oversimplified directions. The warnings can actually be humorous at times as illustrated in the following examples:
Information about individuals is used by businesses to provide customers with a huge array of targeted goods and personalized services that consumers have come to expect. If it lands in the wrong hands, this same information can result in harm to the very individuals it was meant to serve. The protection of an individual's personal information has business implications that extend beyond the privacy of any one individual. Private information relative to certain businesses and industries is protected by various laws. For example the Health Insurance Portability and Accountability Act (HIPAA) laws protect private medical information. Many states have enacted their own laws, and the federal government is regulated by the Privacy Act of 1974. Legislatures are increasingly responding to calls for greater protection of private information, and stories of
The Target data breach along with the data breach at Neiman Marcus has caused U.S retailers to push for more legislation and regulation on issues of data breach of large retailers. The Federal Trade Commision also pushed the government to give them more power to regulate the concerns of cyber security. This being one of the largest data breaches in history caused the government to take notice and begin to make moves to better protect the population from these attacks.
Individuals and corporations that are the victims of an organizations data theft may elect to sue the business for damages. As well as the legal costs involved, if the court rules in favor of the prosecution, then the business will be liable for the damages incurred. This has the potential to put the company out of business. Organizations will need to meet the compliance requirements of one or more Acts, depending upon their vertical industry. The requirement, which is broad-based, is to ensure customer privacy. This is essential to prevent personal details such as social security information, addresses, credit card information, and more, being divulged through data
Making existing and potential customers knowledgeable about products/services, consumer awareness creates more informed buying decisions. Consumers cannot purchase products and services if they do not know they exist. That being said, I believe McDonalds does uphold the basic rights of consumers. Currently, McDonalds displays nutrition facts on all of there food items. That was not always the case. Prior to the movie super size me, and the ensuing lawsuits, McDonalds would offer consumers the option to upgrade their already unhealthy meals to a even larger potion known as super size. This ignored consumer rights because the establishment did not warn customers that they would be consuming nearly half of there daily calories just by having
In the United States data privacy is not highly regulated or legislated, for instance, the Health, and Information Portability and Accountability Act of 1996 (HIPPA), the Children’s Online Privacy Protection Act of 1998 (COPPA), and the Fair and Accurate Credit Transactions Act of 2003 (FACTA) are indicators of how the United States federal laws tend to favor