The Federal Trade Commission’s standard for data security practices is “reasonableness.” But what does that really mean in practice, ask Philip Gordon and Zoe Argento of Littler Mendelson. It’s a question of importance to in-house counsel for many reasons, including employment matters and protecting personal information. But “the challenge for employers, like that for businesses responsible for safeguarding customers’ data, is how to translate ‘reasonable’ security requirements into actual practices,” note the authors.
The FTC was recently asked to testify as to the standards it uses to assess what is “reasonable,” but Gordon and Argento said Bureau of Consumer Protection Deputy Director Daniel Kaufman “sidestepped questions about specific data security practices that would fail the reasonableness standard” and, instead, pointed to FTC consent orders and guidance brochures, emphasizing that it’s a case-by-case analysis.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]