Skip to main content

Business executives, tech professionals, and the attorneys who represent them need to stay current on what’s happened – and what’s happening – at the FTC when it comes to privacy and data security. You could set aside weeks to review the hundreds of FTC cases, reports, rulemakings, and policy initiatives touching on those topics or you could scroll through the agency’s to-the-point 2023 Privacy and Data Security Update to get the latest word.

Even a quick read illustrates a common thread that runs throughout the agency’s recent privacy and security initiatives: the front-line role the FTC plays in taking on the consumer protection challenges of artificial intelligence. Law enforcement actions against Rite Aid, Ring, and Amazon/Alexa; a Report to Congress – Combatting Online Harms Through Innovation – that discusses to use of algorithms, including generative AI, to create and optimize paid content; and an ongoing market study of social media and video streaming platforms’ use of AI are just a few examples of how the FTC is insisting that consumer interests remain at the forefront of the evolving AI landscape.

 On the Enforcement side, the Update describes recent agency efforts to protect consumers in areas like health privacy, geolocation tracking, children’s privacy, data security, credit reporting and financial privacy, and spam calls and email. Looking for proof of the FTC’s commitment to challenge allegedly illegal conduct? Actions against GoodRx, BetterHelp, CRI Genetics, Epic Games, Microsoft, Drizly, CafePress, TransUnion Rental Screening Solutions, Experian Consumer Services, and Publishers Clearing House are just a few examples of the dozen of times the FTC has used law enforcement to vindicate consumers’ rights.

The Update also gets readers up to speed on FTC rulemakings, reports, workshops, policy initiatives, and consumer and business education related to privacy and security. Among the highlights: the Policy Statement on Biometric Information and Section 5 of the FTC Act; a study under Section 6(b) of FTC Act of social media and video streaming companies’ information practices; updates to the GLB Safeguards Rule; ongoing efforts to strengthen the Children’s Online Privacy Protection Rule; and the proposed Commercial Surveillance and Data Security Rulemaking.

Bureau of Consumer Protection Director Samuel Levine puts the issues in perspective for consumers and businesses concerned about the fast-moving state of privacy and information security:

"We have worked vigorously to ensure that the law has equal force across the digital ecosystem, rising to the challenges presented by new technologies and seeking meaningful remedies that establish critical standards for protecting consumers’ information, rather than placing the burden on consumers to protect themselves. This is an area that demands an all-hands-on-deck response, and as the examples in the report show, the Commission is using every tool it has to safeguard consumers’ rights."

Read the FTC Privacy and Security Update and share it with your colleagues. 


It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system, and user names also are part of the FTC’s computer user records system. We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.

The purpose of this blog and its comments section is to inform readers about Federal Trade Commission activity, and share information to help them avoid, report, and recover from fraud, scams, and bad business practices. Your thoughts, ideas, and concerns are welcome, and we encourage comments. But keep in mind, this is a moderated blog. We review all comments before they are posted, and we won’t post comments that don’t comply with our commenting policy. We expect commenters to treat each other and the blog writers with respect.

  • We won’t post off-topic comments, repeated identical comments, or comments that include sales pitches or promotions.
  • We won’t post comments that include vulgar messages, personal attacks by name, or offensive terms that target specific people or groups.
  • We won’t post threats, defamatory statements, or suggestions or encouragement of illegal activity.
  • We won’t post comments that include personal information, like Social Security numbers, account numbers, home addresses, and email addresses. To file a detailed report about a scam, go to

We don't edit comments to remove objectionable content, so please ensure that your comment contains none of the above. The comments posted on this blog become part of the public domain. To protect your privacy and the privacy of other people, please do not include personal information. Opinions in comments that appear in this blog belong to the individuals who expressed them. They do not belong to or represent views of the Federal Trade Commission.

Oscar Netto
March 29, 2024

Please keep up the good work. Thank you.

Get Business Blog updates