FTC’s 2018 Privacy & Data Security Update: What it means for your business

Share This Page

Looking to take a deep dive into the breadth and depth of the FTC’s approach to consumer privacy and data security in the past year? The FTC’s website, including the Business Center, has what you need. But what if you or your clients prefer an at-your-fingertips digest of developments in 2018? We’re got that covered, too. The FTC just issued its 2018 Privacy and Data Security Update – a compendium for attorneys, business executives, and others who are long on interest, but short on time. It summarizes the seven zones that were central to the FTC’s 360° approach in 2018.

Cover of FTC 2018 Privacy & Data Security UpdateENFORCEMENT. The FTC’s privacy and data security enforcement experience runs deep, with hundreds of cases filed in recent years. The 2018 Update leads off with a summary of cases, warning letters, and other actions linked to the resources you’re looking for and summarized by topic:

  • General Privacy
  • Data Security & Identity Theft
  • Credit Reporting & Financial Privacy
  • International Enforcement
  • Children’s Privacy
  • Do Not Call.

ADVOCACY. When government agencies, courts, or other decision makers are considering actions that could impact consumers or competition, the FTC may offer insights based on its years of experience. The 2018 Update describes the FTC’s comments to the CPSC on the Internet of Things and NTIA on privacy. Also included: links to key congressional testimony.

RULES. Are you up on what’s what with privacy- and security-related regulations within the FTC’s purview? The Update offers a thumbnail of what each one requires and 2018 developments.

WORKSHOPS. The FTC has sponsored more than 70 workshops, town halls, and roundtables to bring people together to talk over emerging issues in consumer privacy and security. In 2018, the FTC hosted PrivacyCon, an international forum on the latest academic research; a workshop on combating cryptocurrency scams; and three events centered on big data, artificial intelligence, and data security convened as part of the ongoing Hearings on Competition and Consumer Protection in the 21st Century.

REPORTS AND SURVEYS. To date, the FTC has published more than 60 reports probing consumer privacy and data security issues. Contributions in 2018: a study of mobile security updates and staff perspectives on connected cars, informational injury, and cybersecurity for small business.

CONSUMER EDUCATION AND BUSINESS GUIDANCE. Educating consumers and businesses about privacy and data security is critical to the FTC’s mission. In 2018 we distributed millions of brochures in English and Spanish covering everything from fundamental security ABCs to sophisticated defenses against emerging threats. New titles address changes to the law regarding credit freezes, cybersecurity for small business, virtual private network apps, and scams targeting smaller companies, to name just a few. In addition, hundreds of thousands of subscribers receive the FTC’s Consumer Blog and Business Blog, which regularly touch on timely privacy-related topics.

INTERNATIONAL ENGAGEMENT. A key part of the FTC’s privacy and security mission is to engage international partners to develop mutual enforcement cooperation on privacy and data security investigations. The FTC also plays a lead role in advocating for strong, globally interoperable privacy protections for consumers around the world. The Update includes highlights of how the FTC worked with international counterparts in 2018.

How can you use the 2018 Update? Keep it as a handy reference guide, consult the lists and links, reread it when looking for FTC privacy and security resources, and consider it when drafting client alerts, blogs, or social media content about FTC enforcement and policy initiatives.

Comments

I've been working on my personal computer, but I am looking forward to seeing it.
Are you sure you want to send the report materials by overseas mail?

The report is available online. Follow the link in this blog post to read, print or download the report.

This is so helpful

If my NPPI (documents containing SSN, DOB, banking info) is sent in an unsecured email to non-privy parties, is that a violation of this Act?

If you think a business has not protected your personal information you can report that to the FTC at www.FTC.gov/Complaint. The information you give goes into a secure law enforcement database that the FTC and other law enforcement agencies use for investigations.

Does the FTC govern businesses who transmit information belonging to a non-customer to an unauthorized party? For instance, an email was sent unencrypted- with an attachment containing the SSN, DOB & personal bank information of that consumer...

If you think a business has not protected your personal information you can report that to the FTC at www.FTC.gov/Complaint. The information you give goes into a secure law enforcement database that the FTC and other law enforcement agencies use for investigations.

Add new comment

Comment Policy

Privacy Act Statement

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system (PDF), and user names also are part of the FTC’s computer user records system (PDF). We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.