Medical testing company LabMD Inc. will likely appeal the Federal Trade Commission’s recent decision reasserting its authority to take data security enforcement action against companies.
In that ruling, the FTC held that to demonstrate unfairness to consumers under Section 5 of the FTC Act its enforcement staff needn’t demonstrate specific harm to consumers from a data breach in order to take action against a company. Allegedly lax data security leading to a breach is enough on its own without more to show unfair business practices, the commission held.
That conclusion has significant implications for companies considering the risk of enforcement action by the FTC. It may also influence other legal proceedings where the inability of plaintiffs to demonstrate harm resulting from a data breach of their personal information has been a leading reason for dismissal of their actions.
Read the full article below: