The Federal Trade Commission Act

922 Words Mar 30th, 2016 4 Pages
ALJ On November 13, 2015, A Federal Trade Commission’s (FTC) Chief Administrative Law Judge (ALJ) held that LabMD did not violate Section 5(a)of the Federal Trade Commission Act (FTC Act) by failing to provide reasonable security for personal information on computer networks. This is the first decision that limits the authority of FTC to regulate businesses that fail to appropriately safeguard their consumers’ electronic personal information.

FTC first became involved with consumer privacy issues in 1995, when it promoted industry self-regulation. After determining that self-regulation was not effective, FTC began taking legal action under Section 5 of the FTC Act. Section 5 limits practices considered to be unfair to instances where, among other things, 1) the practice causes or is likely to cause substantial injury to consumers; (2) the substantial injury is not reasonably avoidable by consumers; and (3) the substantial injury is not outweighed by countervailing benefits to consumers or to competition. Since 2002, the FTC has brought over 50 cases against companies that have engaged in unfair or deceptive practices that put consumers’ personal data at unreasonable risk. Most of these cases resulted in settlements and did not provide judicial decisions addressing the FTC’s authority to regulate the data security practices of companies which have suffered a data breach.
The first case to test the authority of FTC was FTC v. Wyndham Worldwide Corp. After a data breach…
Open Document