The FTC and Cybersecurity: Unfair Business Practices or Unfair Business Expectations

Author: Brooke Logsdon, Associate Member, University of Cincinnati Law Review

National Cybersecurity, or the lack thereof, has frequently been front and center in our national news these days. Despite the recent increase of cyber-attacks on corporate entities such as Target, Ashley Madison, and Anthem,[1] Congress has yet to pass an adequate cybersecurity bill that would protect our government, our infrastructure, and our private sector from cybersecurity attacks.[2] When Wyndham Hotels fell victim to cyber-attacks in 2008, it decided to fight the Federal Trade Commission’s (FTC) authority to declare business practices “unfair.” Continue reading “The FTC and Cybersecurity: Unfair Business Practices or Unfair Business Expectations”

The FTC: Cyber Security Savior or Data Dictator?

Author: Leanthony Edwards Jr., Associate Member, University of Cincinnati Law Review

Throughout the past few years, data privacy and cybersecurity have become hot topics within the U.S. legal system and the media. Last year, prominent U.S. corporations like Sony and Home Depot suffered major data breaches that caused significant financial and reputational harm for both the companies and consumers. In response to the increase in massive data breaches, President Obama featured cyber security issues prominently in the State of the Union address.[1] Although getting data security on the national agenda was an important breakthrough, the U.S. may suffer in the near future as a result of Congress’s failure to allocate appropriate resources toward devising a legitimate data security strategy. With dubious legislative authority, the Federal Trade Commission (FTC) has ordained itself the regulatory authority responsible for policing data security policies within the United States. This article highlights two lawsuits brought by the FTC that depict this most recent power grab and illustrate why the FTC’s assumption of this data security role is troublesome.

Continue reading “The FTC: Cyber Security Savior or Data Dictator?”