FTC seeks to expand authority on data breaches, commercial surveillance
The Federal Trade Commission (FTC) is seeking comment on potential rules that would penalize companies that suffer data breaches due to lax cybersecurity protocols and punish firms that engage in abusive commercial surveillance practices.
The agency’s advance notice of proposed rulemaking, issued Thursday, explained new rules might be necessary “because recent commission actions, news reporting, and public research suggest that harmful commercial surveillance and lax data security practices may be prevalent and increasingly unavoidable.”
“These developments suggest that trade regulation rules reflecting these current realities may be needed to ensure Americans are protected from unfair or deceptive acts or practices,” the FTC said. “New rules could also foster a greater sense of predictability for companies and consumers and minimize the uncertainty that case-by-case enforcement may engender.”