The FTC – in a decision that should surprise no one – refused to dismiss its administrative complaint (“Complaint”) against LabMD. This case – like the FTC’s case against Wyndham Worldwide – illustrates the continuing fight regarding the scope of the FTC’s power for regulate inadequate data security practices. In particular, this decision is important because it […]
Enforcement
FTC Denies LabMD’s Motions to Stay Pending Administrative Action
In the ongoing Federal Trade Commission (“FTC”) proceeding against LabMD, Inc. (“Lab MD”), the FTC recently denied LabMD’s attempts to stay the proceeding pending the outcome of the company’s separate requests for injunctive relief pending before the U.S. District Court for the District of Columbia and petition for review before the U.S. Court of Appeals for […]
NIST’s Preliminary Cybersecurity Framework Could Have Broad Implications for Critical, Non-Critical Infrastructure Alike
On October 22, 2013, the National Institute of Standards and Technology (NIST) released its Preliminary Cybersecurity Framework (“Framework”), marking one of the final steps in creating the “voluntary” Framework envisioned in an Obama Administration Executive Order (EO) issued earlier this year. That EO, which was designed to strengthen the cybersecurity of the United States’ critical […]
FTC Chairwoman Reiterates Support for National Data Breach Law with FTC Enforcement Powers
At the National Consumers League Conference on identity theft, held on December 12, 2013 in Washington, D.C., Federal Trade Commission (“FTC”) Chairwoman Edith Ramirez pushed for a federal data breach law featuring the FTC as the “enforcer.” Chairwoman Ramirez engaged in a keynote discussion with former FTC Chairwoman Deborah Platt Majoras and made her position […]