Business Blog
FTC’s 2018 Privacy & Data Security Update: What it means for your business
Looking to take a deep dive into the breadth and depth of the FTC’s approach to consumer privacy and data security in the past year? The FTC’s website, including the Business Center, has what you need. But what if you or your clients prefer an at-your-fingertips digest of developments in 2018? We’re got that covered, too. The FTC just issued its 2018 Privacy and Data Security Update – a compendium for attorneys, business executives, and others who are long on interest, but short on time. It summarizes the seven zones that were central to the FTC’s 360° approach in 2018.
ENFORCEMENT. The FTC’s privacy and data security enforcement experience runs deep, with hundreds of cases filed in recent years. The 2018 Update leads off with a summary of cases, warning letters, and other actions linked to the resources you’re looking for and summarized by topic:
- General Privacy
- Data Security & Identity Theft
- Credit Reporting & Financial Privacy
- International Enforcement
- Children’s Privacy
- Do Not Call.
ADVOCACY. When government agencies, courts, or other decision makers are considering actions that could impact consumers or competition, the FTC may offer insights based on its years of experience. The 2018 Update describes the FTC’s comments to the CPSC on the Internet of Things and NTIA on privacy. Also included: links to key congressional testimony.
RULES. Are you up on what’s what with privacy- and security-related regulations within the FTC’s purview? The Update offers a thumbnail of what each one requires and 2018 developments.
WORKSHOPS. The FTC has sponsored more than 70 workshops, town halls, and roundtables to bring people together to talk over emerging issues in consumer privacy and security. In 2018, the FTC hosted PrivacyCon, an international forum on the latest academic research; a workshop on combating cryptocurrency scams; and three events centered on big data, artificial intelligence, and data security convened as part of the ongoing Hearings on Competition and Consumer Protection in the 21st Century.
REPORTS AND SURVEYS. To date, the FTC has published more than 60 reports probing consumer privacy and data security issues. Contributions in 2018: a study of mobile security updates and staff perspectives on connected cars, informational injury, and cybersecurity for small business.
CONSUMER EDUCATION AND BUSINESS GUIDANCE. Educating consumers and businesses about privacy and data security is critical to the FTC’s mission. In 2018 we distributed millions of brochures in English and Spanish covering everything from fundamental security ABCs to sophisticated defenses against emerging threats. New titles address changes to the law regarding credit freezes, cybersecurity for small business, virtual private network apps, and scams targeting smaller companies, to name just a few. In addition, hundreds of thousands of subscribers receive the FTC’s Consumer Blog and Business Blog, which regularly touch on timely privacy-related topics.
INTERNATIONAL ENGAGEMENT. A key part of the FTC’s privacy and security mission is to engage international partners to develop mutual enforcement cooperation on privacy and data security investigations. The FTC also plays a lead role in advocating for strong, globally interoperable privacy protections for consumers around the world. The Update includes highlights of how the FTC worked with international counterparts in 2018.
How can you use the 2018 Update? Keep it as a handy reference guide, consult the lists and links, reread it when looking for FTC privacy and security resources, and consider it when drafting client alerts, blogs, or social media content about FTC enforcement and policy initiatives.
It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system, and user names also are part of the FTC’s computer user records system. We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.
The purpose of this blog and its comments section is to inform readers about Federal Trade Commission activity, and share information to help them avoid, report, and recover from fraud, scams, and bad business practices. Your thoughts, ideas, and concerns are welcome, and we encourage comments. But keep in mind, this is a moderated blog. We review all comments before they are posted, and we won’t post comments that don’t comply with our commenting policy. We expect commenters to treat each other and the blog writers with respect.
We don't edit comments to remove objectionable content, so please ensure that your comment contains none of the above. The comments posted on this blog become part of the public domain. To protect your privacy and the privacy of other people, please do not include personal information. Opinions in comments that appear in this blog belong to the individuals who expressed them. They do not belong to or represent views of the Federal Trade Commission.
In reply to I've been working on my by hideyuki A
The report is available online. Follow the link in this blog post to read, print or download the report.
In reply to If my NPPI (documents by Guest
If you think a business has not protected your personal information you can report that to the FTC at www.FTC.gov/Complaint. The information you give goes into a secure law enforcement database that the FTC and other law enforcement agencies use for investigations.
In reply to Does the FTC govern by Guest
If you think a business has not protected your personal information you can report that to the FTC at www.FTC.gov/Complaint. The information you give goes into a secure law enforcement database that the FTC and other law enforcement agencies use for investigations.