An analysis of the last five years of the Federal Trade Commission’s data security settlements shows that the regulator has generally become less hesitant to label inadequate data security measures as an unfair business practice. This string of precedents may embolden the agency’s efforts to draft consumer data protection rules in 2022—a change that could affect both compliance and transactional attorneys alike.
The chart below depicts the last five years of FTC-issued consent decrees and their court-issued equivalents—known as stipulated orders—that resulted from a business’s alleged failure to implement adequate data security measures.
These statistics highlight the FTC’s increasingly consistent ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.