by Avi Gesser and Molly O’Malley Clarke
With 2019 coming to a close, we wanted to take a look at what can be learned from the FTC’s cybersecurity enforcement actions this year. As we have previously noted, the FTC came under criticism last year in the LabMD decision for not providing companies with sufficient clarity as to what it expects in terms of their cybersecurity measures. So we thought it would be helpful to see if the FTC’s cybersecurity settlements in 2019 provide any guidance for what the FTC believes companies should (and should not) be doing to protect consumer data. Continue reading