11 Sep FTC complaint against medical laboratory signals agency’s continued intent to assert authority in data-security-breach actions
Quote from Lexology
In taking action against medical laboratory LabMD, the U.S. Federal Trade Commission demonstrated its continued intent to assert authority through the Federal Trade Commission Act in data-security-breach actions. On August 29, 2013, the FTC announced the filing of an administrative complaint alleging that LabMD failed to take reasonable measures to protect sensitive consumer information. TheLabMD action is notable because almost all other actions in which the FTC has made similar allegations have settled without being litigated. The action may result in an administrative law judge ruling on the theory of liability advanced by the FTC in these prior cases, none of which has ever drawn a judicial opinion on the merits, and should accordingly be monitored closely by all companies that collect or use consumer information.