2015 Privacy and Data Security Update

At the Federal Trade Commission, we’ve been very public about how we feel about privacy: we want consumers to enjoy the benefits of innovation in the marketplace, confident that their personal information – online and offline – is being handled responsibly.

Today is Data Privacy Day and, marking the occasion, we’re releasing our 2015 Privacy and Data Security Update, highlighting the initiatives we undertook last year to meet that goal, including law enforcement, reports, public workshops, educational efforts, and international cooperation.

Our initiatives last year included launching IdentityTheft.gov, a new resource to help people report and recover from identity theft. Just this week, we enhanced the website. Identity theft victims now can get free, interactive personal recovery plans, step-by-step guidance, and pre-filled letters and forms to speed their recovery.

You can spread the news about IdentityTheft.gov to your employees, customers, and communities. Identity theft can be financially and emotionally overwhelming for its victims. It makes good business sense to help victims get into the fast lane on the road to recovery.

Identity theft is just one of the challenges we see in the privacy and data security arena, where new and emerging technologies have created an environment in which data is collected from consumers wherever they go, often invisibly and without their knowledge.

In 2015, we brought or resolved enforcement actions against:

We also hosted workshops and issued reports on cutting-edge issues such as the Internet of Things, cross-device tracking, and online lead generation. Earlier this month we hosted PrivacyCon, a first-of-its kind FTC event examining pioneering research and trends in protecting consumer privacy and security.

To guide businesses that want to avoid data security pitfalls, we’ve offered an answer: Start with Security. It’s our latest business outreach campaign and includes a guide for businesses that summarizes the lessons learned from the FTC’s 50+ data security settlements, as well as videos and conferences that bring business owners and developers together with industry experts to discuss data security.

Each of our projects in the privacy and data security arena has been informed by a central message: even in the face of rapidly changing business models and technologies, companies still need to follow fundamental privacy principles, including:

  • Don’t collect or retain more data than you reasonably need;
  • Tell consumers how you plan to use and share their data;
  • Give consumers choices about their privacy; and
  • Protect data from unauthorized access.

We’re committed to working with businesses to protect consumers’ privacy in this increasingly digital era. Please take some time to review the Start with Security messages and IdentityTheft.gov, and see how they might fit into your company’s plans for 2016. And if you want more details about the FTC’s activities, check out the 2015 Privacy and Data Security Update.



It's really good work

Without reading the suggested reports, I have a concern that seems obvious it would be on everyone's mind. If we adopt "start with security" guidelines in our effort to collect only the data needed, and the data collected is later breached and exploited, can we hold collection companies accountable for failing to protect sensitive information. Are there guidelines or schedules regarding upgrades to reinforce sensitive info on company servers. And finally, with technology moving as fast as it does, can anyone really ever feel "protected" completely.

You need to investigate Allen & Withrow Attorneys at law because they represent PORTFOLIO RECOVERY ASSOCIATES, LLC. And they sue one person after another. They are JunkDebtCollectors. And the circuit court in North Little Rock, Arkansas is bogged down with this attorneys office filing so many complaints. They have been harassing me in court since 2014 ! They are asking me to sign paper work giving them my social security number, all bank accounts,band deposits,canceled checks and on and on. I am 70 years odl. And am disabled. My wife is disabled and suffers severe panic attacks. I HAVE NEVER TAKEN OUT A CREDIT CARD FROM A BANK EVER!! They are the Plaintiff and it is their job to prove their case. Instead they are trying to make me the Plaintiff prove their case for them. This is just not right! The burden of proof lays on the PLAINTIFF! They are Allen & Withro Attorneys at law 12410 Cantrell Suite 100, Little Rock , Arkansas Phone number (501) 227- 2000. FAX # ( 501 ) 707-1214. PLEASE INVESTIGATE THIS COMPANY. They are a third party JUNKDEBTCOLLECTOR. AND PORTFOLIO RECOVERY ASSOCIATES LLC After banks have written on things and been paid by their insurance Co. Allen and Withro are buying these debts for penny's on the dollar. And collecting on most of them because most people do not even fight them

Awesome Post Jessica,
Cyber Security & Data Protection is must. I am small business owner and I have faced that situation when I had lost my 70% customer data than I realized importance of data protection and online security than I have read too many articles and blogs on this issue. Now I am using a Business VPN for my business activity security and for online data protection. Its very cheap and secure.

Add new comment

Comment Policy

Privacy Act Statement

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system (PDF), and user names also are part of the FTC’s computer user records system (PDF). We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.