Skip to main content

From the Data Protection and Privacy Conference: Words of Advice from the Federal Trade Commission

Written by Amy Malone

Amy Malone is attending the Data Protection & Privacy Law Conference in Arlington, Virginia this week and will be providing updates.

Kevin Moriarty from the Division of Privacy and Identity Protection of the Federal Trade Commission addressed the privacy conference on Wednesday.  His discussion focused on the current FTC policy work, including workshops and privacy roundtables.  Kevin reviewed historical cases brought under Section 5 of the FTC Act, and ended with words of advice to prevent your organization from becoming a target of an FTC enforcement action.  He suggests you:

  1. Review the FTC website and use the Consumer Protection Resources. (Kevin said the FTC looks favorably on organizations that can show they have reviewed the site and used the resources provided.)
  2. Keep your promises; do what your privacy policy says you do.
  3. Share information only for permissible purposes.
  4. Dispose of information properly –don’t forget about paper!
  5. Keep up with common threats such as stolen credentials, SQL injection attacks, and access to Wi-Fi networks.
  6. Develop an incident response plan before you have an incident.

Subscribe To Viewpoints

Author

Cynthia J. Larose

Member / Chair, Privacy & Cybersecurity Practice

Cynthia J. Larose is Chair of the firm's Privacy & Cybersecurity Practice, a Certified Information Privacy Professional-US (CIPP-US), and a Certified Information Privacy Professional-Europe (CIPP-E). She works with clients in various industries to develop comprehensive information security programs on the front end, and provides timely counsel when it becomes necessary to respond to a data breach.