Author: chris

Federal Trade Commission Privacy Law and Policy is reviewed in the current issue (Vol. 2, Issue 2) of the European Data Protection Law Review by Professor Alessandro Mantelero. Professor Mantelero says: In his book on the Federal Trade Commission (FTC), Hoofnagle gives the European reader more than a historical overview of the origins and vicissitudes…

A historical look at the FTC reveals that it spent decades doing lame work. Just consider the years of “trade practice conferences.” Commissioners would fly all over the country, giving their blessing to self-regulatory agreements on the most trivial of topics. One commissioner famously raved about his post at the FTC to Philip Elman because…

News to me–the FTC was required by Congress to adjust civil penalties so that they catch up with inflation. The new maximum is $40,000 per day/per violation (up from $16,000). Interestingly, if fully adjusted for inflation, the maximum would have gone up to $52k for violations of orders, but alas, Congress capped the increase to…

Jeremy Snow of Fedscoop reports that the FTC closes approximately 70% of investigations into information security violations. The figure comes from a speech by Commissioner Maureen Ohlhausen. Ohlhausen emphasized that the FTC’s approach overall emphasizes reasonableness. This means that, as Snow reports, “If a company’s security is ‘reasonable, or even good,’ Ohlhausen said, and solves the…

Leafing through pages and pages of historical records on the FTC, one is frustrated by both its volume, and by what it is missing. For much of the FTC’s history the agency quietly settled matters with companies using assurances of voluntary compliance (“AVCs”). One result is that there are very interesting docket entries in the…

Law360 published the “early challenges” essay from FTC Privacy Law and Policy here. Here is the full version in PDF and plain text (below) for those without a Lexis subscription.

Historians of consumerism have recognized three waves of consumer movements. The first surrounded the passage of the 1906 food and drug law. The second took hold after the Great Depression and reached its height with the passage of amendments to the FDA Act and the Wheeler–Lea Amendments to the FTC Act. The third was actuated…

The law firm Bryan Cave offers some good advice for companies about consumer complaints to the FTC: …a massive database of consumer complaints known as “Consumer Sentinel” … is used by the FTC and other consumer protection regulators to identify and investigate enforcement targets. [fusion_builder_container hundred_percent=”yes” overflow=”visible”][fusion_builder_row][fusion_builder_column type=”1_1″ background_position=”left top” background_color=”” border_size=”” border_color=”” border_style=”solid” spacing=”yes”…

Some complain that the FTC’s cases are never litigated and thus are not law. Why are not more FTC cases litigated? The class action suit against Trump University demonstrates one reason. In that case, discovery has turned up calling scripts and the like that portray the organization negatively. Modern businesses, in order to swindle big,…

Many internet business models seem to take advantage of the confusion between online and offline contexts. Social networks make strangers and mere acquaintances your “friends.” Privacy policies borrow from offline norms of confidentiality. Websites have our “trust” yet act in ways that contravene basic principles of the pre-internet idea of trust. My most recent paper…

The shoes are dropping on the companies that assess PCI compliance. Our first signal comes from the LifeLock case. In LifeLock, the FTC alleged that the company “failed to establish and maintain a comprehensive information security program…” as required by a 2010 order. Lifelock settled the case for over $100M, despite the fact that the…

Law360 is featuring an essay from my book on the FTC’s early challenges. Read it here (subscription only). I’ll post the full text in 3 months.