In re Microsoft Corp. (2002) . (FTC File No. 0123240, M03) and In re Guess.com Inc. (2003) . (FTC File No. 0223260). In both of these actions, the FTC claimed that the companies misrepresented security protections on their websites and failed to provide even the most basic data security safeguards. No data was actually lost in either of these cases and there was no data breach. Still, the promise or misrepresentation of data security was sufficient for the FTC to take action. Neither Microsoft nor Guess paid a fine but they were required to establish extensive written security programs and remain open to privacy audits for 20 years. In re HireRight Solutions, Inc. (2012) (FTC File No. 102- 3130) (FTC File No. 102- 3130) Employment background checking company providing “consumer reports” failed to use reasonable procedures to assure the maximum possible accuracy of the information, failed to give consumers copies of the reports, and failed to investigate consumer disputes. It agreed to pay $2.6 million for FCRA violations in addition to other corrective actions. On December 17, 2015, LifeLock, Inc. agreed to pay $113 million to settle charges made by the FTC that the company had failed to create and maintain a comprehensive information security program to protect customers’ personal data, including social security and bank account information. This was largest monetary award obtained by the FTC in an order enforcement action. Challenging FTC Jurisdiction in Data Security Actions. Does the FTC have the authority to regulate and impose data security standards on private businesses under the FTC Act? For the first time, a business challenged the very authority of the FTC to regulate the data security practices of private businesses in FTC v. Wyndham Worldwide Corp. No. 2:13cv1887 (D.N.J. 2014). The FTC alleged that franchisor Wyndham Hotels and Resorts, along with its affiliates, engaged in deceptive practices by misrepresenting that it used “industry standard practices” and “commercially reasonable
29
Made with FlippingBook - Online Brochure Maker