FTC’s Marriott Data Breach Order Echoes States’ Right to Delete

The Federal Trade Commission’s draft settlement deal with Marriott International Inc. over a years-long series of data breaches signals the agency’s growing embrace of right-to-delete policies as the consumer-focused approach becomes increasingly common in US state laws.

The FTC’s proposed agreement containing consent order with Marriott, released Oct. 9, addresses hacks from 2014 to 2020 impacting more than 344 million customers worldwide. The deal would require the hotel chain and subsidiary Starwood Hotels & Resorts Worldwide LLC to provide US customers with a link for users to request the deletion of personal information associated with their email addresses or loyalty ...